Log analysis and evaluation: Virus scan reports infected files with Win32:DH
Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
19.02.2017, 16:58 | #1 |
Virus scan reports infected files with Win32:DH

Hello everyone,

Yesterday I started Avast's boot-time scan, which I always run about once a week. Unfortunately, something was found:

The file was then moved to quarantine. To be safe, I ran another normal scan with Avast and Malwarebytes AntiMalware, fortunately without any findings. This morning I ran the boot-time scan again and unfortunately there were findings again:

However, in my estimation the computer is running without problems. Could this possibly be a false alarm? I still want to take the situation seriously and would therefore like to ask for an assessment.

Regards,
Jens

Here are the logs:

FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2017 01 durchgeführt von Moritz (Administrator) auf MORITZ2-PC (19-02-2017 17:17:03) Gestartet von C:\Users\Moritz\Desktop\FRST_64 Geladene Profile: Moritz (Verfügbare Profile: Moritz & Gast) Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (LogMeIn, Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (AddGadgets) C:\Users\Moritz\Downloads\network meter\PCMeterV4\PCMeterV0.4.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (CMedia) C:\Program Files\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe () C:\Program Files (x86)\Func\KB-460\KB-460_Core.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Realtek) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe (Realtek Semiconductor Corp.) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (AVAST Software s.r.o.) 
C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis) HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-16] (AVAST Software) HKLM-x32\...\Run: [Func KB-460] => C:\Program Files (x86)\Func\KB-460\KB-460_Core HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-27] (Acronis) HKLM-x32\...\Run: 
[AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation) HKLM-x32\...\Run: [RoccatKonePureOptical] => C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe [561152 2014-01-20] (ROCCAT GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert 
zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{0B593FE7-9DC9-4042-B7EE-47F019FA174C}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{E43E45DB-6A41-48AA-823C-DD6D572B70A2}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-2295199210-3298315446-242086744-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2295199210-3298315446-242086744-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-16] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-24] (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-16] (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-24] (Oracle Corporation) Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION) FireFox: ======== FF DefaultProfile: u4sfw4f1.default-1391466045898 FF ProfilePath: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 [2017-02-19] FF Homepage: Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 -> hxxps://www.google.de/ FF NetworkProxy: Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 -> type", 0 FF Extension: (Add to Amazon Wish List Button) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\amznUWL2@amazon.com.xpi [2016-04-27] FF Extension: (ProxTube) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\ich@maltegoetz.de.xpi [2016-08-28] FF Extension: (Premiumize.me) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2014-11-07] [ist nicht signiert] FF Extension: (Personas Plus) - 
C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\personas@christopher.beard.xpi [2016-07-28] FF Extension: (Google Translator for Firefox) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\translator@zoli.bod.xpi [2016-04-27] FF Extension: (NoScript) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-12-01] FF Extension: (Video DownloadHelper) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-05] FF Extension: (Adblock Plus) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] FF SearchPlugin: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\searchplugins\google-play.xml [2015-05-05] FF SearchPlugin: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\searchplugins\wettercom.xml [2014-06-18] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48 FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-02-16] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-02-16] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48 FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-02-02] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - 
C:\Program Files\AVAST Software\Avast\SafePrice\FF48 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-21] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-21] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-21] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.) 
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-21] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-2295199210-3298315446-242086744-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Moritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default [2017-02-18] CHR Extension: (Google Docs) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-12] CHR Extension: (Google Drive) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21] CHR Extension: (Google Cast) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-08-10] CHR Extension: (Adblock Plus) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-06] CHR Extension: (Google-Suche) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30] CHR Extension: (Adobe Acrobat) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-16] CHR Extension: (Google Docs Offline) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-10] CHR Extension: (Avast Online Security) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-28] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-16] CHR Extension: (Google Mail) - C:\Users\Moritz\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26] CHR Extension: (Chrome Media Router) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-16] CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-12-23] (Advanced Micro Devices) [Datei ist nicht signiert] R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-16] (AVAST Software s.r.o.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-16] (AVAST Software) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [173848 2015-02-22] (EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) S3 GalaxyClientService; E:\Programme\GOG Galaxy\GalaxyClient\GalaxyClientService.exe [284224 2016-12-26] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-12-26] (GOG.com) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.) 
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project) S3 Origin Client Service; E:\Programme\Origin\OriginClientService.exe [2122248 2017-01-24] (Electronic Arts) S2 Origin Web Helper Service; E:\Programme\Origin\OriginWebHelperService.exe [2184208 2017-01-24] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-04-20] () R2 Realtek11nCU; C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert] S4 TeamViewer9; E:\Programme\Team Viewer 9\TeamViewer_Service.exe [4915040 2014-01-29] (TeamViewer GmbH) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2016-12-23] (Advanced Micro Devices) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309784 2017-02-16] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-02-16] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-02-16] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-02-16] (AVAST Software s.r.o.) 
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-02-16] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126088 2017-02-16] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-02-16] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [74680 2017-02-16] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [991496 2017-02-16] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-02-16] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-02-16] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337080 2017-02-16] (AVAST Software) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-02] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-07-04] (REALiX(tm)) R3 I1KBFLTR; C:\Windows\System32\drivers\I1KBFLTR.sys [29440 2014-06-26] () R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [93192 2016-06-12] (Intel Corporation) S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2010-08-06] (Realtek Semiconductor Corporation ) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-02-02] (Duplex Secure Ltd.) 
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-10-16] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-10-16] (Acronis) U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2013-11-22] (Seiko Epson Corporation) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-10-16] (Acronis International GmbH) R3 WinRing0_1_2_0; C:\Users\Moritz\AppData\Local\Temp\tmpBA0B.tmp [14544 2017-02-18] (OpenLibSys.org) <==== ACHTUNG S3 ALSysIO; \??\C:\Users\Moritz\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG S3 GPU-Z; \??\C:\Users\Moritz\AppData\Local\Temp\GPU-Z.sys [X] <==== ACHTUNG S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-19 17:16 - 2017-02-19 17:17 - 00000000 ____D C:\Users\Moritz\Desktop\FRST_64 2017-02-19 17:15 - 2017-02-19 17:15 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-02-18 20:17 - 2017-02-18 22:15 - 00000000 ____D C:\Users\Moritz\Desktop\Neuer Ordner 2017-02-18 20:02 - 2017-02-18 20:02 - 34980000 _____ (AMD Inc.) 
C:\Users\Moritz\Downloads\radeon-crimson-relive-17.2.1-minimalsetup-170213_64bit.exe 2017-02-17 00:38 - 2017-02-17 00:38 - 00000000 _____ C:\Users\Moritz\Desktop\spotfy premium account.txt 2017-02-17 00:26 - 2017-02-17 00:26 - 00000000 _____ C:\Users\Moritz\Desktop\Graktreiber wurde widerhergestellt.txt 2017-02-17 00:24 - 2017-02-17 00:24 - 00000000 _____ C:\Users\Moritz\Desktop\Der Treiber hat einen Controllerfehler auf DeviceHarddisk2DR2.txt 2017-02-16 22:08 - 2017-02-19 17:03 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-02-16 22:08 - 2017-02-16 22:08 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-02-16 22:08 - 2017-02-16 22:08 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-02-16 22:08 - 2017-02-16 22:08 - 00309784 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-02-16 22:08 - 2017-02-16 22:08 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-02-16 22:08 - 2017-02-16 22:08 - 00048528 _____ (AVAST Software s.r.o.) 
C:\Windows\system32\Drivers\aswbuniva.sys 2017-02-06 19:00 - 2017-02-06 19:00 - 00000000 ____D C:\Users\Moritz\.QtWebEngineProcess 2017-02-06 19:00 - 2017-02-06 19:00 - 00000000 ____D C:\Users\Moritz\.Origin 2017-02-01 22:38 - 2017-02-01 22:38 - 00000000 ____D C:\Users\Moritz\AppData\LocalLow\AMD 2017-01-30 17:20 - 2017-01-30 17:20 - 00000000 ____D C:\ProgramData\ATI 2017-01-28 14:17 - 2017-01-28 14:18 - 00000000 ____D C:\Users\Moritz\Desktop\Fritzbox Einstellung_Sicherung 2017-01-28 14:13 - 2017-01-28 14:13 - 00000000 ____D C:\Users\Moritz\AppData\Local\AMD 2017-01-28 14:12 - 2017-01-28 14:12 - 00003152 _____ C:\Windows\System32\Tasks\StartCN 2017-01-28 14:12 - 2017-01-28 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2017-01-28 14:12 - 2017-01-28 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard 2017-01-28 14:11 - 2017-01-28 14:11 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-01-28 14:11 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2017-01-28 14:11 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll 2017-01-28 14:11 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2017-01-28 14:11 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe 2017-01-26 15:12 - 2017-01-26 15:12 - 54462926 _____ C:\Users\Moritz\Desktop\PC-WeltWLAN09-2015-issue.pdf 2017-01-21 16:08 - 2017-01-21 16:08 - 00010755 _____ C:\Users\Moritz\Desktop\NAS vergleich.xlsx ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-19 17:17 - 2015-12-16 15:35 - 00000000 ____D C:\FRST 2017-02-19 17:13 - 2014-02-04 12:12 - 00000029 _____ C:\Users\Moritz\AppData\Roaming\Network Meter_Usage.ini 2017-02-19 17:13 - 2014-02-02 10:28 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2017-02-19 17:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-19 16:18 - 2016-12-21 19:03 - 00000000 ____D C:\Users\Moritz\AppData\Roaming\vlc 2017-02-19 16:17 - 2014-02-04 11:57 - 00000000 ____D C:\Users\Moritz\Documents\My Games 2017-02-19 16:16 - 2016-11-16 12:17 - 00000000 ____D C:\Users\Moritz\AppData\LocalLow\Mozilla 2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\Users\Moritz\AppData\Local\Sony 2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\ProgramData\Sony 2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2017-02-19 15:03 - 2014-05-27 10:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-02-19 15:00 - 2009-07-14 05:45 - 00030752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-02-19 15:00 - 2009-07-14 05:45 - 00030752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-02-19 14:56 - 2011-04-12 08:43 - 03941958 _____ C:\Windows\system32\perfh007.dat 2017-02-19 14:56 - 2011-04-12 08:43 - 01156746 _____ C:\Windows\system32\perfc007.dat 2017-02-19 14:56 - 2009-07-14 06:13 - 00006224 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-19 01:09 - 2014-02-01 22:14 - 00007622 _____ C:\Users\Moritz\AppData\Local\resmon.resmoncfg 2017-02-18 23:58 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2017-02-18 20:16 - 2016-11-16 13:08 - 00000000 ____D C:\ProgramData\Unity 2017-02-18 20:02 - 2014-02-02 10:25 - 00000000 ____D C:\AMD 2017-02-16 22:08 - 2014-05-02 20:54 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-02-16 
22:08 - 2014-02-02 13:55 - 00991496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148727930370604 2017-02-16 22:08 - 2014-02-02 13:55 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00126088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00074680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-02-14 23:52 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-02-14 23:50 - 2014-02-03 15:00 - 00000000 ____D C:\Users\Moritz\AppData\Roaming\Origin 2017-02-14 22:40 - 2014-02-03 14:54 - 00000000 ____D C:\ProgramData\Origin 2017-02-09 13:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2017-02-07 17:26 - 2014-02-03 15:00 - 00000000 ____D C:\Users\Moritz\AppData\Local\Origin 2017-02-07 01:00 - 2014-02-17 17:55 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-07 01:00 - 2014-02-17 17:55 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-06 19:00 - 2014-02-01 20:46 - 00000000 ____D C:\Users\Moritz 2017-02-01 22:27 - 2014-08-28 10:32 - 00000000 ____D C:\Program Files\Recuva 2017-01-30 17:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2017-01-28 14:12 - 2015-10-09 12:03 - 00000000 ____D C:\Program Files (x86)\AMD 2017-01-28 14:12 - 2014-02-02 10:27 - 00000000 ____D C:\Program Files\AMD 2017-01-28 14:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-01-28 
14:06 - 2014-02-02 11:38 - 00000000 ____D C:\Windows\system32\MRT 2017-01-28 14:04 - 2014-02-02 11:38 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-01-28 14:02 - 2016-11-16 12:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-28 14:02 - 2014-02-02 13:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-26 10:25 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-01-24 21:41 - 2016-11-16 12:34 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-01-24 21:41 - 2016-08-28 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2017-01-24 21:41 - 2014-08-06 21:20 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-24 21:41 - 2014-02-03 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-21 20:35 - 2014-04-02 19:25 - 00779776 ___SH C:\Users\Moritz\Desktop\Thumbs.db 2017-01-21 20:35 - 2014-02-03 19:44 - 00000000 ____D C:\Users\Moritz\.gimp-2.8 2017-01-21 14:45 - 2015-11-01 00:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-01-21 14:45 - 2015-11-01 00:09 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-01-21 14:45 - 2014-08-26 09:31 - 00000000 ____D C:\Users\Moritz\AppData\Local\Adobe 2017-01-21 14:45 - 2014-02-02 20:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-01-21 14:45 - 2014-02-02 20:32 - 00000000 ____D C:\Windows\system32\Macromed 2017-01-20 23:42 - 2015-10-27 17:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-02-03 20:49 - 2014-06-10 23:45 - 0000627 _____ () C:\Users\Moritz\AppData\Roaming\All CPU MeterV3_Settings.ini 2014-02-03 20:49 - 2014-11-21 15:15 - 0000293 _____ () C:\Users\Moritz\AppData\Roaming\GPU MeterV2_Settings.ini 
2014-02-04 11:46 - 2016-08-02 21:47 - 0000971 _____ () C:\Users\Moritz\AppData\Roaming\Network Meter_Settings.ini 2014-02-04 12:12 - 2017-02-19 17:13 - 0000029 _____ () C:\Users\Moritz\AppData\Roaming\Network Meter_Usage.ini 2014-03-24 13:06 - 2016-02-21 17:02 - 1065984 _____ () C:\Users\Moritz\AppData\Local\file__0.localstorage 2017-01-05 16:38 - 2017-01-05 16:38 - 0006787 _____ () C:\Users\Moritz\AppData\Local\recently-used.xbel 2014-02-01 22:14 - 2017-02-19 01:09 - 0007622 _____ () C:\Users\Moritz\AppData\Local\resmon.resmoncfg 2014-02-02 10:53 - 2014-02-02 10:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== 2017-01-24 21:40 - 2017-01-24 21:40 - 0739904 _____ (Oracle Corporation) C:\Users\Moritz\AppData\Local\Temp\jre-8u121-windows-au.exe 2017-01-28 14:08 - 2017-01-28 14:09 - 429088496 _____ (AMD Inc.) C:\Users\Moritz\AppData\Local\Temp\tmp510C.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-02-13 13:45
==================== Ende von FRST.txt ============================
Edited by Jens85 (19.02.2017 at 17:31) |
19.02.2017, 17:31 | #2 |
| Virus scan reports infected files with Win32:DH
Addition
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-02-2017 01 durchgeführt von Moritz (19-02-2017 17:17:17) Gestartet von C:\Users\Moritz\Desktop\FRST_64 Windows 7 Ultimate Service Pack 1 (X64) (2014-02-01 19:46:13) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2295199210-3298315446-242086744-500 - Administrator - Disabled) Gast (S-1-5-21-2295199210-3298315446-242086744-501 - Limited - Disabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-2295199210-3298315446-242086744-1002 - Limited - Enabled) Moritz (S-1-5-21-2295199210-3298315446-242086744-1000 - Administrator - Enabled) => C:\Users\Moritz ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) ACP Application (Version: 2016.1223.1210.58 - Advanced Micro Devices, Inc.) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.) 
Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com) Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Any Video Converter 5.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Assassin's Creed(R) III v1.03 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.03 - Ubisoft) ASUS Xonar DG Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.1.2286 - AVAST Software) Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com) BioShock 
Remastered (HKLM\...\Steam App 409710) (Version: - 2K Boston) Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - ) Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward) Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version: - Canon Inc.) Catalyst Control Center Next Localization BR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization HU (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP) Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.) 
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CrystalDiskInfo 6.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.1 - Crystal Dew World) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) DARK SOULS III (HKLM-x32\...\Steam App 374320) (Version: - FromSoftware, Inc.) Day of the Tentacle Remastered (HKLM\...\Steam App 388210) (Version: - Double Fine Productions) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden Driver Sweeper Version 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net) Druckerdeinstallation für EPSON Remote Print (HKLM\...\EPSON Remote Print) (Version: - SEIKO EPSON Corporation) Druckerdeinstallation für EPSON WF-3520 Series (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation) Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0165 - Edimax Technology Co.) 
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION) Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.4.4 - SEIKO EPSON CORPORATION) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) Firewatch (HKLM-x32\...\Steam App 383870) (Version: - Campo Santo) Fraps (HKLM-x32\...\Fraps) (Version: - ) Func KB-460 Settings software (HKLM-x32\...\{8918A402-4EEF-489F-940F-DC25BEEFA6FF}_sbay) (Version: - ) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) 
(Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) GRID 2 (HKLM-x32\...\Steam App 44350) (Version: - Codemasters Racing) Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment) Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve) Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version: - Valve) Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.) Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.3.0.4 - GOG.com) HWiNFO64 Version 4.40 (HKLM\...\HWiNFO64_is1) (Version: 4.40 - Martin Malík - REALiX) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Intel® Hardware Accelerated Execution Manager (HKLM\...\{6F73FF93-0B55-4194-AE45-C19DA1F33E97}) (Version: 6.0.3 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java SE Development Kit 7 Update 79 (64-bit) 
(HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Livestreamer 1.11.1 (HKLM-x32\...\Livestreamer) (Version: - ) Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack 
(HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 
- Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 
14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft) Mount and Blade (HKLM-x32\...\1207666893_is1) (Version: 2.0.0.4 - GOG.com) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD) Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com) 
Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 141106.96623 - Square Enix Ltd) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenVPN 2.3.6-I601 (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA) PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) RAD Video Tools (HKLM-x32\...\RADVideo) (Version: - ) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) 
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) ROCCAT Kone Pure Optical Mouse Driver (HKLM-x32\...\{22D40E66-0D41-45A3-A8A1-90B8A38D9A68}) (Version: - Roccat GmbH) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.8 - Rockstar Games) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) S.T.A.L.K.E.R. German Uncut Trilogy Edition 1.0 (HKLM-x32\...\S.T.A.L.K.E.R. German Uncut Trilogy Edition 1.0) (Version: - ) SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden SDK Debuggers (x32 Version: 8.59.29746 - Microsoft Corporation) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory) SILKYPIX Developer Studio 3.1 SE (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden SketchUp 2017 (HKLM\...\{5A8C61BD-0912-4B76-805E-4EDE5E13298C}) (Version: 17.1.174 - Trimble Navigation Limited) Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) 
Hidden SmartGit (HKLM-x32\...\SmartGit c:/program files (x86)/smartgit_is1) (Version: - syntevo GmbH) Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION) Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Spotify (HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB) Star Swarm Stress Test (HKLM-x32\...\Steam App 267130) (Version: - Oxide Games) Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version: - LucasArts) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stronghold Crusader 2 (HKLM\...\Steam App 232890) (Version: - FireFly Studios) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ) Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer) Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Walking Dead: A New Frontier (HKLM\...\Steam App 536220) (Version: - Telltale Games) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com) True Image 2013 (HKLM-x32\...\{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible) (Version: 16.0.6514 - Acronis) True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft 
Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden Unity (HKLM-x32\...\Unity) (Version: 5.5.0f3 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Deployment Tools (HKLM-x32\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows PE x86 x64 (HKLM-x32\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft) Windows PE x86 x64 wims (HKLM-x32\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft) Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version: - Team17 Digital 
Ltd) Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1115AF7F-56C9-47A7-8828-A5C6A5A56119} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) 
Task: {2175CC94-DF29-4050-A204-C6862C86A73F} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation) Task: {2F7ECD5A-49A4-4B39-ADB6-90A35A5A8571} - System32\Tasks\{3EF969C1-230F-4C85-837A-38BC5527D691} => Firefox.exe hxxp://ui.skype.com/ui/0/7.12.80.101/de/abandoninstall?page=tsProgressBar Task: {313BBAC0-B0CE-488F-8189-518B0C9AFF23} - System32\Tasks\SafeZone scheduled Autoupdate 1461831637 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {3824FB2D-EDF7-4602-9D27-66D3F4ABB7BF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2016-12-23] (Advanced Micro Devices, Inc.) Task: {3B544326-D40E-486D-BB94-F7ED8B065A37} - System32\Tasks\PCMeter\Startup => C:\Users\Moritz\Downloads\network meter\PCMeterV4\PCMeterV0.4.exe [2013-11-05] (AddGadgets) Task: {3BC6704D-33F0-4CE7-AE7E-3E6869F61CCC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd) Task: {3FDC4290-414E-423E-B951-5461E645FBA7} - System32\Tasks\{AE8D2FA2-1FA0-4FB0-B984-D9D50CEB0C70} => pcalua.exe -a C:\Users\Moritz\Downloads\iview437g_setup(1).exe -d C:\Users\Moritz\Downloads Task: {6A8BBF8A-FC41-4B98-A830-9F96547B56B8} - System32\Tasks\{A9B95B13-260E-46B0-9C7D-C402B89FAACD} => pcalua.exe -a F:\SETUP.EXE -d F:\ Task: {6D887FBC-9C90-4C7A-A77F-79252CD57BB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) 
Task: {98E8D6FC-7A7C-43DF-B27F-14E0826F76FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {BE01862F-FD61-45FA-A951-5BB4F61DB955} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-02-16] (AVAST Software) Task: {C6861602-9B6F-47E4-B964-62175A3B6E76} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2295199210-3298315446-242086744-1000 Task: {CAD7C128-9F9F-429E-AEA3-9C1B3AB2EBE3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software) Task: {F2EA2F54-A3A3-428D-9168-19D87223A5CC} - System32\Tasks\{276C619C-62DD-43E3-815B-3BEEDEDC334B} => pcalua.exe -a "E:\Programme\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "E:\Programme\Steam\steamapps\common\Left 4 Dead 2" -c /register (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2013-03-27 21:39 - 2013-03-27 21:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll 2014-06-08 23:56 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe 2014-04-01 14:14 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\system\HsMgr64.exe 2014-02-03 20:49 - 2014-02-03 20:49 - 00012520 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll 2014-02-03 20:49 - 2014-02-03 20:49 - 00015080 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll 2014-02-03 20:49 - 2014-02-03 20:49 - 00014056 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll 2017-01-15 15:51 - 2014-06-27 14:15 - 01750528 _____ () C:\Program Files (x86)\Func\KB-460\KB-460_Core.exe 2015-03-13 14:54 - 2015-03-13 14:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2014-02-04 21:52 - 2014-04-20 14:43 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2017-02-16 22:08 - 2017-02-16 22:08 - 00162600 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-02-16 22:08 - 2017-02-16 22:08 - 00792656 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-02-16 22:08 - 2017-02-16 22:08 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-02-18 15:17 - 2017-02-18 15:17 - 05979224 _____ () C:\Program Files\AVAST Software\Avast\defs\17021801\algo.dll 2017-02-16 22:08 - 2017-02-16 22:08 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2015-10-25 18:08 - 2011-04-19 14:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DG Audio\Customapp\VmixP8.dll 2016-08-07 09:30 
- 2016-08-07 09:30 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-02-16 22:08 - 2017-02-16 22:08 - 00289328 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2013-03-27 23:37 - 2013-03-27 23:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll 2013-01-10 12:43 - 2013-01-10 12:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll 2017-01-15 16:23 - 2012-10-01 18:53 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\hiddriver.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-02-13 17:19 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\EnumDevLib.dll 2014-02-02 11:13 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-03-27 21:09 - 2013-03-27 21:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2013-03-27 21:36 - 2013-03-27 21:36 - 00021312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) 
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\sony.com -> sony.com ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2295199210-3298315446-242086744-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Moritz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: TeamViewer9 => 2 MSCONFIG\startupfolder: C:^Users^Moritz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: EPLTarget => MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" MSCONFIG\startupreg: GalaxyClient => MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup 
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background MSCONFIG\startupreg: Spotify => "C:\Users\Moritz\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Moritz\AppData\Roaming\Spotify\SpotifyWebHelper.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [TCP Query User{9F48DC17-C632-40B9-B6CC-C749FEE8F505}C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe FirewallRules: [UDP Query User{C47FBBE4-221C-4A67-8837-7A9CAA8BFDE4}C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe FirewallRules: [{A252124C-789B-4CCB-9296-A5BB6E432880}] => (Allow) E:\Programme\Steam\Steam.exe FirewallRules: [{D9CB8CF5-B053-4444-9374-970CC9723693}] => (Allow) E:\Programme\Steam\Steam.exe FirewallRules: [TCP Query User{1FEDF8B8-3AB5-41C2-92E1-1F9FF81C2E3E}C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe FirewallRules: [UDP Query User{270380D9-80FB-41C3-A882-E35A7BA57E10}C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe FirewallRules: [TCP Query User{ED07AD7E-3AF6-4114-8A21-009585115235}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Allow) 
C:\users\moritz\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{CAC1056C-04D1-4FBD-B0C6-E31781E990D2}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moritz\appdata\roaming\spotify\spotify.exe FirewallRules: [{835761BC-EC5F-4FA0-85F0-5ED6EE4190E6}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{6E3BCFF2-261C-4427-AE80-9353E04A6560}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [TCP Query User{5F890B29-C7E6-462E-A803-D5AC3C10B647}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{B802124F-A6D7-4849-AC50-E92D1D8BEF2F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{4AB85895-9616-4292-BE0D-0AB33A55F89D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{2D1FC328-3892-4123-9872-277B9CEC3ECB}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{F243356A-171C-49AF-97B7-3B67679411E0}] => (Allow) E:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{3AD70C31-E055-4C3B-B3F3-1EE8626D2F72}] => (Allow) E:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{1E9817E7-EC93-4E70-B501-0255782E5409}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer.exe FirewallRules: [{DC079025-4EE8-46FB-B0A2-E69804592552}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer.exe FirewallRules: [{F6A23DAD-C4BA-4BA2-AEDA-D9F30038B647}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer_Service.exe FirewallRules: [{D5025577-8916-4148-9578-E467DE9F4357}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer_Service.exe FirewallRules: 
[{66FDFD22-8967-4518-A622-EA700C4E3ADB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{846B3CF1-9334-4EF9-8E35-624FA05276D9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{1C3941DA-6072-4ED0-969C-B2D06D0EF8E5}] => (Allow) E:\Programme\Steam\Steam.exe FirewallRules: [{AE3E2EB6-60B1-40FD-82D3-C6713B632B33}] => (Allow) E:\Programme\Steam\Steam.exe FirewallRules: [{121EA7B1-4A8A-4F57-BE8F-651A57473C6B}] => (Allow) E:\Programme\Steam\Steam.exe FirewallRules: [{7B3A6EAE-79A9-4149-9006-4E2D85EE0413}] => (Allow) E:\Programme\Steam\Steam.exe FirewallRules: [{21C3FC04-0454-4CEC-A22F-A03D36A0EF35}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{5BAE880F-8396-4A5C-8F9E-FAF6B00F6CF0}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{5E5BDF55-2B94-474E-A299-3ECFFE013878}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe FirewallRules: [{A463E25A-51BE-4C01-A6AE-D60D5B4036F9}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe FirewallRules: [{1F3AE00A-4009-40A7-AC96-B723739FA96B}] => (Allow) E:\Programme\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{9A9C40DB-49E9-42C5-93F0-F379185FB3B4}] => (Allow) E:\Programme\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{55029BE0-8F2D-4DE3-B801-CD32B295EEC2}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{A020E013-F054-4AD3-AB62-4B16B21ECA4D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{9F2DE602-1069-4763-8893-8E89EDAF5A71}] => (Allow) E:\Programme\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{AA991D56-6514-4129-8D8A-E56F3E772D22}] => (Allow) E:\Programme\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{3A7EC411-FE92-4B01-BD5A-55B2D14A7CBA}] => (Allow) 
E:\Programme\Steam\SteamApps\common\Star Swarm Benchmark\StarSwarmLauncher.exe FirewallRules: [{7D44FF47-F694-4F33-8102-5C24E82B33C8}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Swarm Benchmark\StarSwarmLauncher.exe FirewallRules: [{317F0B43-5E45-4370-AAC1-EEE35C049984}] => (Allow) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{FE9DF765-320D-4DB2-8B53-9CAA58269692}] => (Allow) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{A4967B98-9263-4D9A-86BD-E45EB81131D9}] => (Allow) LPort=1542 FirewallRules: [{0B39CF90-9205-4D4D-8AE0-DD57E95FB7E8}] => (Allow) LPort=1542 FirewallRules: [{A7564107-3D25-45CE-AE76-ACD34F690568}] => (Allow) LPort=53 FirewallRules: [TCP Query User{366E93D3-2AFD-4CBB-8120-553F448EB7CD}E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe FirewallRules: [UDP Query User{E4205812-FA12-4EBC-B457-E34DD51C6EA9}E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe FirewallRules: [TCP Query User{0C9CB934-4D96-410F-AE9A-FBBB39DD1D46}E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [UDP Query User{CCFA0A18-E8D0-4021-AD9D-E653C3EF5568}E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [TCP Query User{6EA67949-9DF2-4784-B4F6-47E0AAD28836}E:\downloads\goat sim\goat simulator goat of the year 
edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [UDP Query User{80CA1D36-2FB0-4E22-BF13-41753E818971}E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [{3145218B-FBD9-4AFB-B133-A17A32A36721}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{FB3370E0-A42A-4CEB-A804-0732635AAA1A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3BDCF098-75A1-4E34-AB24-C9D24E006CA4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A5CF7C33-9FAF-45C4-AF2A-5555FF10BEE4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{FDB386EA-9777-4ED8-BA56-2EFDAF991A5D}] => (Allow) E:\Programme\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{F22D6293-39FE-4BAC-A133-76E4FC2C6719}] => (Allow) E:\Programme\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{B0000A8C-E298-4B92-912E-70A5B41A10B6}] => (Allow) E:\Programme\Assasins Creed III\AC3SP.exe FirewallRules: [{C39FED0D-95CD-4650-BEA6-BAC67B2D7D55}] => (Allow) E:\Programme\Assasins Creed III\AC3SP.exe FirewallRules: [{D7BACB0B-A225-440C-96A2-1030C117C0C2}] => (Allow) E:\Programme\Assasins Creed III\AC3MP.exe FirewallRules: [{FF5C97D6-0669-4131-8FD9-06768CD84BB7}] => (Allow) E:\Programme\Assasins Creed III\AC3MP.exe FirewallRules: [{FA392126-FEA6-45DC-B9E6-6DB4A5009572}] => (Allow) E:\Programme\Assasins Creed III\AssassinsCreed3.exe FirewallRules: [{7C713F40-8DF5-4DC1-AFBB-1FBE1A177F6E}] => (Allow) E:\Programme\Assasins Creed III\AssassinsCreed3.exe FirewallRules: [{80C79962-F0F8-4107-9707-DAEA51C6BA1C}] => (Allow) 
E:\Programme\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe FirewallRules: [{55AD4AE4-2AE6-472E-A7FD-BF390AD51AA5}] => (Allow) E:\Programme\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe FirewallRules: [{01C37433-0382-462F-85EE-D1ECD5B5BC33}] => (Allow) E:\Programme\Steam\SteamApps\common\Warframe\Tools\Launcher.exe FirewallRules: [{20E7E8A9-B9E1-43FE-9B5A-046FC0C3A18B}] => (Allow) E:\Programme\Steam\SteamApps\common\Warframe\Tools\Launcher.exe FirewallRules: [{175897FA-452C-49A0-990B-36D3A2EFA861}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{C1DED10E-3BA3-4733-B569-BA6471C02A47}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{BAADD536-7203-4158-B9A8-51F54163C1AF}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{126C9FCC-B3A4-4751-A195-715C4DBCA19B}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [TCP Query User{8043B5FC-DA6F-49CA-839E-CC41ED1D5FE0}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe FirewallRules: [UDP Query User{7528866E-B88D-494A-B442-718E97848541}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe FirewallRules: [{FF058A66-A2B5-422C-BCF3-E4F900AB3221}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{C4FD885D-09FE-4E02-858E-4B2E29222FCB}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe FirewallRules: [{64BA3D36-2928-4A39-9A0F-CE165CACCA62}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe FirewallRules: [TCP Query 
User{BAA949F5-3D1C-4319-963A-D5B291812238}E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{6EE8280D-7E91-4225-B1C8-904648C34D72}E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{78097B75-6F31-4C81-9A7D-F78371BCC7FF}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe FirewallRules: [UDP Query User{B71BC5AE-6458-45DA-9A2D-7CC437F76242}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe FirewallRules: [{DC8BB13D-638B-4F72-90D7-26D9BAAD45E8}] => (Allow) E:\Programme\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{64513FC1-06CC-4650-8A0B-45F58EB0C62F}] => (Allow) E:\Programme\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{2661D080-2A6D-445E-ABB2-99A9A73AEA31}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{9825C8BA-734B-48D1-B127-BD9BD927854C}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{9B67DD18-3377-4A3F-9827-26DBB199CEF5}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{2A045AAC-3F12-400E-B4C6-35D9BA741DB4}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [TCP Query User{BF6A92E6-0F95-40A4-AD0A-17E468A62832}I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe FirewallRules: [UDP Query 
User{7B15D0FE-4DA4-41DF-9125-527ECB87AD80}I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe FirewallRules: [{84D1E065-51FF-4567-A449-A363D143FD10}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{23CF9A31-CD04-4AF3-9978-B23DDB60CC5A}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{6FA92CD7-0ABC-4772-AE06-C6CDD433280E}] => (Allow) E:\Programme\Steam\SteamApps\common\grid 2\grid2.exe FirewallRules: [{C6E4FE6E-A4CD-4070-964D-7A733431B654}] => (Allow) E:\Programme\Steam\SteamApps\common\grid 2\grid2.exe FirewallRules: [{0BE50CA4-1562-4FA3-AB1A-51D3B9725FF1}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{DF853EA3-0BD6-4760-911D-7868114CE916}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{7C7BA48E-930C-4FFD-A107-D61237E4EEF4}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{07BA5C2B-EC8C-4FDF-9909-D0B96DA0924D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{D2C623EA-C39C-4F52-B95E-006BFEBB4A0D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{9F32FD7E-E274-429D-8366-442BA260C3FC}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{F9970860-B3C3-40DA-9FEA-36130036CFBC}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe FirewallRules: [{21DED4B3-AD60-4E3C-909F-BF803A8370AD}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe FirewallRules: [{529CC96F-B359-4462-9F4C-1DE5AA7874C8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{5B24E472-D439-4BB2-828F-316419EA973A}] => 
(Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{C6A5902A-220F-4C2A-9503-EF5F4AC78A61}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{B689282E-E994-42E2-B83B-C551AA42400F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{E478F2D4-3D92-459A-8CB5-120C5B63D8B5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{3C2EB2E1-DC55-4F68-A2DD-D1AF6F774D74}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{665CA9D4-E4E9-4F15-8183-EF19E2441128}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{8C931A00-EB42-48FF-8A01-33EC9495BB22}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [TCP Query User{4FACA160-C14A-43EB-AAE4-8EF15D0D4BE7}E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe] => (Block) E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe FirewallRules: [UDP Query User{CDDF2E14-32F3-4D4D-9D41-F0465B640AEE}E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe] => (Block) E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe FirewallRules: [{9B6590AC-50A6-4DE8-927A-713388A6EF44}] => (Allow) E:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{4B5ED7AE-90A4-4ABA-A28E-A40346F6943F}] => (Allow) E:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{AA611099-568A-4A41-9AAC-810C5FFDA3B9}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{74FC100C-4BAC-4CDC-B825-93242412C57D}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{6653207C-500F-4FAD-94B3-0ABC8DD2BF34}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: 
[{9D57DCA7-53A1-4660-B490-9B6B64B5C9A1}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{08A409A9-D7BF-43E3-A602-65216779DD96}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe FirewallRules: [{165F398A-1093-4883-9930-4DC59D7A4765}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe FirewallRules: [TCP Query User{28BFD208-5463-451D-94E1-1B9BC7DDA854}E:\programme\far cry 4\far cry 4\bin\farcry4.exe] => (Block) E:\programme\far cry 4\far cry 4\bin\farcry4.exe FirewallRules: [UDP Query User{F430BED3-DACD-4A1F-88B6-8125CB8E63D7}E:\programme\far cry 4\far cry 4\bin\farcry4.exe] => (Block) E:\programme\far cry 4\far cry 4\bin\farcry4.exe FirewallRules: [{F3CF7B63-D80B-4626-9029-C3BF55B2CF25}] => (Allow) E:\Programme\Steam\SteamApps\common\Game Dev Tycoon\nw.exe FirewallRules: [{FB1F6F93-A4A3-4684-AB92-851ECC9297D6}] => (Allow) E:\Programme\Steam\SteamApps\common\Game Dev Tycoon\nw.exe FirewallRules: [TCP Query User{47DFBE5E-499F-48FB-A181-A35E7E762637}E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe] => (Block) E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe FirewallRules: [UDP Query User{C96B953B-DB6E-4941-A4B0-757A33578997}E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe] => (Block) E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe FirewallRules: [{6600AB11-F4FF-4FD3-9D44-F0B249663B05}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1DA234D1-3ED1-4400-8104-167385FCE302}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EAD6A776-C1A3-4BDC-B419-DF3CC12C0281}] => (Allow) E:\Programme\Steam\SteamApps\common\H1Z1\LaunchPad.exe FirewallRules: [{8DFDB7EA-96C6-45B2-806A-E24B2A0BE02C}] => (Allow) E:\Programme\Steam\SteamApps\common\H1Z1\LaunchPad.exe FirewallRules: 
[{3406CBDC-A022-455E-BB26-CC45A7BDC392}] => (Allow) E:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe FirewallRules: [{9F1AFE9D-5508-49CB-9F76-19A4F1388C63}] => (Allow) E:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe FirewallRules: [TCP Query User{D2A0A427-23FF-4D9D-8134-4183278B5592}E:\programme\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\programme\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{BB4B8E49-7A11-4BAB-A749-FCCC4A871E71}E:\programme\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\programme\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [TCP Query User{33541720-48A2-41D5-B528-AFCC0CF1ECF2}E:\programme\dying light\dying light\dyinglightgame.exe] => (Block) E:\programme\dying light\dying light\dyinglightgame.exe FirewallRules: [UDP Query User{E7FE5F35-8063-4089-A883-EF3A7724016D}E:\programme\dying light\dying light\dyinglightgame.exe] => (Block) E:\programme\dying light\dying light\dyinglightgame.exe FirewallRules: [{22B672A0-D761-4D6A-B4B7-F64FABA1730A}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe FirewallRules: [{779CBB8F-8927-4CD5-8C2B-CC259FE52F6F}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe FirewallRules: [TCP Query User{193929A9-9386-4D63-B5DE-CC7661484202}C:\Program Files\OpenVPN\bin\openvpn.exe] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe FirewallRules: [UDP Query User{DC2D5FCA-16D0-4E27-9B83-EC738B51CA07}C:\Program Files\OpenVPN\bin\openvpn.exe] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe FirewallRules: [{4D423F66-D8AB-44AE-B01D-52B03B7936A9}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe FirewallRules: [{40ECA176-3CFC-4AAA-B20F-3BFAEF91CB3A}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe FirewallRules: [{272BC383-A829-406C-8C0A-BA2A18DB9D3D}] => (Allow) 
E:\Programme\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [{81AC5D42-A04C-4704-8003-C94FA45248AA}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [{CE5FCD03-2C17-4E78-9FE8-E32BFB8C766E}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Legacy\rust.exe FirewallRules: [{80ADC9D8-30D7-46CB-9C3C-C463D2694D0F}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Legacy\rust.exe FirewallRules: [TCP Query User{15093DF0-A055-4F42-818E-66F84A7278EC}G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe FirewallRules: [UDP Query User{1DD764AC-D614-4A76-939D-786695796C92}G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe FirewallRules: [{83CBA4A7-FCF9-4C14-A527-B59199D5C001}] => (Allow) E:\Programme\Steam\SteamApps\common\SleepingDogs\HKShip.exe FirewallRules: [{8C2F0E84-AC94-402E-B080-C6EB616FD081}] => (Allow) E:\Programme\Steam\SteamApps\common\SleepingDogs\HKShip.exe FirewallRules: [TCP Query User{3D3EDF22-206C-4139-AFB2-752C8EAC0058}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{7FD67DD5-19BC-4901-9220-9CFD16E7FD94}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{A84CCA9C-2775-4DAD-877C-10B3B4AD35F2}] => (Allow) E:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe FirewallRules: [{FC829EE0-E9A9-4271-9078-8672DD52B3DA}] => (Allow) E:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe FirewallRules: [TCP Query User{EF1E5EBD-355C-49A5-A72B-D2ACF6FF392B}E:\programme\gta 5\gta5.exe] => (Allow) E:\programme\gta 
5\gta5.exe FirewallRules: [UDP Query User{C3156579-4BF6-4C2B-A2A8-176C03CC8DCA}E:\programme\gta 5\gta5.exe] => (Allow) E:\programme\gta 5\gta5.exe FirewallRules: [{BCCB1445-8058-41A8-9FCD-E8EC324CC440}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{A5FEE466-AE08-46A6-AC39-61D8CB376579}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{8608C00B-E65E-41B2-9F1B-6C2028BE69E0}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{2D9703EB-DBEA-47B8-8E9F-04D8910B98F0}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [TCP Query User{23E15B51-BF8A-40EF-8B0A-3A4E69126DFC}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [UDP Query User{77D0A513-9A42-4CF3-B324-015291FC1AE4}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [{3A8D7A81-9173-41A9-AF37-DBB798B3AC28}] => (Allow) E:\Programme\Steam\SteamApps\common\insurgency2\insurgency.exe FirewallRules: [{55D1FD90-F3BB-4004-A0ED-ABC25E43558C}] => (Allow) E:\Programme\Steam\SteamApps\common\insurgency2\insurgency.exe FirewallRules: [TCP Query User{1BCD782D-5586-47F8-A5D9-A32CBFBBA246}C:\users\moritz\desktop\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft toolkit.exe FirewallRules: [UDP Query User{1A47E407-6F1D-49B7-A85A-79E0855752F7}C:\users\moritz\desktop\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft toolkit.exe FirewallRules: [{90A1B2B7-6481-47EA-A517-42AE89A63CE3}] => (Allow) E:\Programme\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe FirewallRules: [{0A24BE58-DDB2-452E-8471-D0ABD256362F}] => (Allow) E:\Programme\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe FirewallRules: [TCP Query 
User{4449331D-B7B2-49EF-B76A-48EC9E0A6786}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\moritz\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D3799B63-4753-4A81-AE8D-F98A0352F7EE}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\moritz\appdata\roaming\spotify\spotify.exe FirewallRules: [{9C7F33D4-B81D-4234-BCE0-18A3B7EB344E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F9E7D781-EA50-4A3F-8EA7-7F81250BEE6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8048DCCD-272F-4C91-A2C9-A2EC17A881BC}] => (Allow) E:\Programme\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{BFE71DEC-3CD6-4BBA-85E8-0D9E1F7F621A}] => (Allow) E:\Programme\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{8157D4D5-AA29-49AA-992F-D89F83C9C3A5}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{636ADD68-371F-487D-8FF3-39BC34921934}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{DB7A3645-FF67-4CAC-AFBB-80FA26F9D17D}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{A090F100-31BD-4351-B02D-61C83A0015CF}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [TCP Query User{0AF77098-3F6E-4BDB-892C-4813CF1675E9}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [UDP Query User{952F1315-D8D4-4E21-A818-F48D9D4CAE7D}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [{B3A77A6B-9CCB-46A9-BF3F-277A7B087826}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe FirewallRules: [{792178EC-0D5D-4566-B41D-93359E0FD7C9}] => 
(Allow) E:\Programme\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe FirewallRules: [{0C09BD9D-116E-46C1-A3F0-021DA04CF309}] => (Allow) E:\Programme\Steam\SteamApps\common\Firewatch\Firewatch.exe FirewallRules: [{185182B9-44F4-46DA-A139-B640D40C7BD3}] => (Allow) E:\Programme\Steam\SteamApps\common\Firewatch\Firewatch.exe FirewallRules: [{CC3D82A3-B5D1-48BD-B2C7-1FC1308C58B1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{F0398C61-D380-41BE-8B49-CE8671852B53}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{09853F4D-C08A-4C44-A0C3-651976FD7A12}] => (Allow) E:\Programme\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe FirewallRules: [{85688F78-4467-4F5B-99FA-428292CD3CAD}] => (Allow) E:\Programme\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe FirewallRules: [TCP Query User{F310E270-D523-4AAE-9A61-9EAEA3E13584}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [UDP Query User{645F17DC-9E39-4A7E-AFE0-4C8B76902B56}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [{46AF9636-F522-4442-8986-F34E3D5D711E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{2D630AD7-E9F9-4502-8AB1-F4103D501BCE}] => (Allow) E:\Programme\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe FirewallRules: [{1C65D9B4-7168-46A0-A1CB-3C8160C909ED}] => (Allow) E:\Programme\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe FirewallRules: [{9BF1CA9B-A955-4A4E-ACC6-AE9DE1B0A8F2}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C731DBB6-CF7D-430D-BDCD-6574D95430D5}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{23D7BD37-12B2-4F7A-B72E-A2C5FE9CE3CD}] => (Allow) 
E:\Programme\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe FirewallRules: [{F5F2528C-0CE6-4A83-96D7-0A46DA679B1C}] => (Allow) E:\Programme\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe FirewallRules: [{A937D96F-5191-4D67-A53B-18C174E84940}] => (Allow) E:\Programme\Steam\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe FirewallRules: [{02C4124C-3FE8-402B-B7DF-436B184E1C2A}] => (Allow) E:\Programme\Steam\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe FirewallRules: [{20A101F3-8A38-4D76-9C8F-52DED032B7D7}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe FirewallRules: [{36777EE1-AC1A-4973-8F8A-8CB2E20A7A9D}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe FirewallRules: [{44D00FB1-BC73-4220-9D8A-FD4136203F1E}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe FirewallRules: [{EF7D0523-FCC5-4B1B-84D8-8828A39F6FCB}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe FirewallRules: [{8D5EBC86-0A97-42D7-B8E5-82C46B9FC7D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{1F007600-62A9-4C3A-88A9-AFEBEAC8DC40}] => (Allow) E:\Programme\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{F0783921-5361-405E-815E-C2F5AA11E73B}] => (Allow) E:\Programme\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe ==================== Wiederherstellungspunkte ========================= 19-02-2017 16:05:08 Removed Vegas Pro 12.0 (64-bit) ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Hamachi Network Interface Description: Hamachi Network Interface Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: LogMeIn, Inc. 
Service: hamachi Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/19/2017 05:14:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (02/19/2017 02:56:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (02/19/2017 02:56:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (02/19/2017 02:56:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. 
Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (02/19/2017 02:52:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (02/19/2017 02:14:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (02/19/2017 02:14:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (02/19/2017 02:14:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. 
Error: (02/19/2017 02:10:40 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Moritz\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (02/19/2017 02:10:40 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Moritz\Downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Systemfehler: ============= Error: (02/19/2017 05:14:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. 
Error: (02/19/2017 05:14:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd Error: (02/19/2017 05:14:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (02/19/2017 05:14:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. Error: (02/19/2017 05:13:42 PM) (Source: sptd) (EventID: 4) (User: ) Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt. Error: (02/19/2017 02:53:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error: (02/19/2017 02:52:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd Error: (02/19/2017 02:52:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. 
Error: (02/19/2017 02:52:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. Error: (02/19/2017 12:00:39 PM) (Source: sptd) (EventID: 4) (User: ) Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz Prozentuale Nutzung des RAM: 17% Installierter physikalischer RAM: 16303.22 MB Verfügbarer physikalischer RAM: 13451.99 MB Summe virtueller Speicher: 32604.62 MB Verfügbarer virtueller Speicher: 29975.76 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:223.47 GB) (Free:30.21 GB) NTFS Drive e: (Data) (Fixed) (Total:931.51 GB) (Free:220.71 GB) NTFS Drive j: (Stick_Transcend_32GB) (Removable) (Total:29.42 GB) (Free:19 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 9B757ED2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1DE46529) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 29.4 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=29.4 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
20.02.2017, 00:48 | #3 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus scan reports infected files with Win32:DH Quote:
Reading material: Illegal software: cracks, keygens and co. Please read => http://www.trojaner-board.de/95393-c...-software.html
We will continue once you have removed everything illegal. In the case of repeated crack/keygen violations I reserve the right to discontinue support, i.e. help only with backing up your data and reinstalling the operating system.
20.02.2017, 11:07 | #4 |
| Virus scan reports infected files with Win32:DH OK, it has been removed. It is of course still listed under the firewall rules, but I have just uninstalled it. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2017 01 durchgeführt von Moritz (Administrator) auf MORITZ2-PC (20-02-2017 10:59:53) Gestartet von C:\Users\Moritz\Desktop\FRST_64 Geladene Profile: Moritz (Verfügbare Profile: Moritz & Gast) Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (LogMeIn, Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (AddGadgets) C:\Users\Moritz\Downloads\network meter\PCMeterV4\PCMeterV0.4.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (CMedia) C:\Program Files\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe () C:\Program Files (x86)\Func\KB-460\KB-460_Core.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Realtek) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe (Realtek Semiconductor Corp.) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (AVAST Software s.r.o.) 
C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis) HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-16] (AVAST Software) HKLM-x32\...\Run: [Func KB-460] => C:\Program Files (x86)\Func\KB-460\KB-460_Core HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-27] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common 
Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation) HKLM-x32\...\Run: [RoccatKonePureOptical] => C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe [561152 2014-01-20] (ROCCAT GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{0B593FE7-9DC9-4042-B7EE-47F019FA174C}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{E43E45DB-6A41-48AA-823C-DD6D572B70A2}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-2295199210-3298315446-242086744-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2295199210-3298315446-242086744-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-16] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-24] (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-16] (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-24] (Oracle Corporation) Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION) FireFox: ======== FF DefaultProfile: u4sfw4f1.default-1391466045898 FF ProfilePath: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 [2017-02-19] FF Homepage: Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 -> hxxps://www.google.de/ FF NetworkProxy: Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 -> type", 0 FF Extension: (Add to Amazon Wish List Button) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\amznUWL2@amazon.com.xpi [2016-04-27] FF Extension: (ProxTube) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\ich@maltegoetz.de.xpi [2016-08-28] FF Extension: (Premiumize.me) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2014-11-07] [ist nicht signiert] FF Extension: (Personas Plus) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\personas@christopher.beard.xpi [2016-07-28] FF Extension: (Google Translator for Firefox) - 
C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\translator@zoli.bod.xpi [2016-04-27] FF Extension: (NoScript) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-12-01] FF Extension: (Video DownloadHelper) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-05] FF Extension: (Adblock Plus) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] FF SearchPlugin: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\searchplugins\google-play.xml [2015-05-05] FF SearchPlugin: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\searchplugins\wettercom.xml [2014-06-18] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48 FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-02-16] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-02-16] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48 FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-02-02] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-21] () FF Plugin: 
@esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-21] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-21] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.) 
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-21] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-2295199210-3298315446-242086744-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Moritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default [2017-02-18] CHR Extension: (Google Docs) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-12] CHR Extension: (Google Drive) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21] CHR Extension: (Google Cast) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-08-10] CHR Extension: (Adblock Plus) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-06] CHR Extension: (Google-Suche) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30] CHR Extension: (Adobe Acrobat) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-16] CHR Extension: (Google Docs Offline) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-10] CHR Extension: (Avast Online Security) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-28] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-16] CHR Extension: (Google Mail) - C:\Users\Moritz\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26] CHR Extension: (Chrome Media Router) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-16] CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-12-23] (Advanced Micro Devices) [Datei ist nicht signiert] R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-16] (AVAST Software s.r.o.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-16] (AVAST Software) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [173848 2015-02-22] (EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) S3 GalaxyClientService; E:\Programme\GOG Galaxy\GalaxyClient\GalaxyClientService.exe [284224 2016-12-26] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-12-26] (GOG.com) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.) 
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project) S3 Origin Client Service; E:\Programme\Origin\OriginClientService.exe [2122248 2017-01-24] (Electronic Arts) S2 Origin Web Helper Service; E:\Programme\Origin\OriginWebHelperService.exe [2184208 2017-01-24] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-04-20] () R2 Realtek11nCU; C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert] S4 TeamViewer9; E:\Programme\Team Viewer 9\TeamViewer_Service.exe [4915040 2014-01-29] (TeamViewer GmbH) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2016-12-23] (Advanced Micro Devices) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309784 2017-02-16] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-02-16] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-02-16] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-02-16] (AVAST Software s.r.o.) 
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-02-16] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126088 2017-02-16] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-02-16] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [74680 2017-02-16] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [991496 2017-02-16] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-02-16] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-02-16] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337080 2017-02-16] (AVAST Software) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-02] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-07-04] (REALiX(tm)) R3 I1KBFLTR; C:\Windows\System32\drivers\I1KBFLTR.sys [29440 2014-06-26] () R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [93192 2016-06-12] (Intel Corporation) S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2010-08-06] (Realtek Semiconductor Corporation ) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-02-02] (Duplex Secure Ltd.) 
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-10-16] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-10-16] (Acronis) U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2013-11-22] (Seiko Epson Corporation) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-10-16] (Acronis International GmbH) R3 WinRing0_1_2_0; C:\Users\Moritz\AppData\Local\Temp\tmpBA0B.tmp [14544 2017-02-18] (OpenLibSys.org) <==== ACHTUNG S3 ALSysIO; \??\C:\Users\Moritz\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG S3 GPU-Z; \??\C:\Users\Moritz\AppData\Local\Temp\GPU-Z.sys [X] <==== ACHTUNG S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-20 10:51 - 2017-02-20 10:51 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-02-20 10:39 - 2017-02-20 10:44 - 00000004 _____ C:\ScrubRetValFile.txt 2017-02-19 17:16 - 2017-02-20 10:59 - 00000000 ____D C:\Users\Moritz\Desktop\FRST_64 2017-02-18 20:17 - 2017-02-18 22:15 - 00000000 ____D C:\Users\Moritz\Desktop\Neuer Ordner 2017-02-18 20:02 - 2017-02-18 20:02 - 34980000 _____ (AMD Inc.) 
C:\Users\Moritz\Downloads\radeon-crimson-relive-17.2.1-minimalsetup-170213_64bit.exe 2017-02-17 00:38 - 2017-02-17 00:38 - 00000000 _____ C:\Users\Moritz\Desktop\spotfy premium account.txt 2017-02-17 00:26 - 2017-02-17 00:26 - 00000000 _____ C:\Users\Moritz\Desktop\Graktreiber wurde widerhergestellt.txt 2017-02-17 00:24 - 2017-02-17 00:24 - 00000000 _____ C:\Users\Moritz\Desktop\Der Treiber hat einen Controllerfehler auf DeviceHarddisk2DR2.txt 2017-02-16 22:08 - 2017-02-20 10:56 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-02-16 22:08 - 2017-02-16 22:08 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-02-16 22:08 - 2017-02-16 22:08 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-02-16 22:08 - 2017-02-16 22:08 - 00309784 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-02-16 22:08 - 2017-02-16 22:08 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-02-16 22:08 - 2017-02-16 22:08 - 00048528 _____ (AVAST Software s.r.o.) 
C:\Windows\system32\Drivers\aswbuniva.sys 2017-02-06 19:00 - 2017-02-06 19:00 - 00000000 ____D C:\Users\Moritz\.QtWebEngineProcess 2017-02-06 19:00 - 2017-02-06 19:00 - 00000000 ____D C:\Users\Moritz\.Origin 2017-02-01 22:38 - 2017-02-01 22:38 - 00000000 ____D C:\Users\Moritz\AppData\LocalLow\AMD 2017-01-30 17:20 - 2017-01-30 17:20 - 00000000 ____D C:\ProgramData\ATI 2017-01-28 14:17 - 2017-01-28 14:18 - 00000000 ____D C:\Users\Moritz\Desktop\Fritzbox Einstellung_Sicherung 2017-01-28 14:13 - 2017-01-28 14:13 - 00000000 ____D C:\Users\Moritz\AppData\Local\AMD 2017-01-28 14:12 - 2017-01-28 14:12 - 00003152 _____ C:\Windows\System32\Tasks\StartCN 2017-01-28 14:12 - 2017-01-28 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2017-01-28 14:12 - 2017-01-28 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard 2017-01-28 14:11 - 2017-01-28 14:11 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-01-28 14:11 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2017-01-28 14:11 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll 2017-01-28 14:11 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2017-01-28 14:11 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe 2017-01-26 15:12 - 2017-01-26 15:12 - 54462926 _____ C:\Users\Moritz\Desktop\PC-WeltWLAN09-2015-issue.pdf 2017-01-21 16:08 - 2017-01-21 16:08 - 00010755 _____ C:\Users\Moritz\Desktop\NAS vergleich.xlsx ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-20 10:59 - 2015-12-16 15:35 - 00000000 ____D C:\FRST 2017-02-20 10:55 - 2009-07-14 05:45 - 00030752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-02-20 10:55 - 2009-07-14 05:45 - 00030752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-02-20 10:52 - 2011-04-12 08:43 - 04000126 _____ C:\Windows\system32\perfh007.dat 2017-02-20 10:52 - 2011-04-12 08:43 - 01174818 _____ C:\Windows\system32\perfc007.dat 2017-02-20 10:52 - 2009-07-14 06:13 - 00006224 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-20 10:47 - 2014-02-02 10:28 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2017-02-20 10:47 - 2014-02-01 21:54 - 00124048 _____ C:\Users\Moritz\AppData\Local\GDIPFONTCACHEV1.DAT 2017-02-20 10:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-20 10:47 - 2009-07-14 05:45 - 00505008 _____ C:\Windows\system32\FNTCACHE.DAT 2017-02-20 10:46 - 2014-02-04 12:12 - 00000029 _____ C:\Users\Moritz\AppData\Roaming\Network Meter_Usage.ini 2017-02-20 10:43 - 2014-02-02 19:04 - 00000000 ____D C:\Program Files\Microsoft Office 2017-02-20 10:43 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2017-02-20 10:41 - 2014-02-02 19:05 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2017-02-20 10:41 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\ShellNew 2017-02-20 10:41 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-02-20 10:41 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System 2017-02-20 10:41 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini 2017-02-19 20:10 - 2016-11-16 12:17 - 00000000 ____D C:\Users\Moritz\AppData\LocalLow\Mozilla 2017-02-19 16:18 - 2016-12-21 19:03 - 00000000 ____D C:\Users\Moritz\AppData\Roaming\vlc 2017-02-19 16:17 - 2014-02-04 11:57 - 00000000 ____D C:\Users\Moritz\Documents\My Games 2017-02-19 16:05 - 
2014-07-24 20:44 - 00000000 ____D C:\Users\Moritz\AppData\Local\Sony 2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\ProgramData\Sony 2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2017-02-19 15:03 - 2014-05-27 10:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-02-19 01:09 - 2014-02-01 22:14 - 00007622 _____ C:\Users\Moritz\AppData\Local\resmon.resmoncfg 2017-02-18 23:58 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2017-02-18 20:16 - 2016-11-16 13:08 - 00000000 ____D C:\ProgramData\Unity 2017-02-18 20:02 - 2014-02-02 10:25 - 00000000 ____D C:\AMD 2017-02-16 22:08 - 2014-05-02 20:54 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00991496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148727930370604 2017-02-16 22:08 - 2014-02-02 13:55 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00126088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-02-16 22:08 - 2014-02-02 13:55 - 00074680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-02-14 23:52 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-02-14 23:50 - 2014-02-03 15:00 - 00000000 ____D C:\Users\Moritz\AppData\Roaming\Origin 2017-02-14 22:40 - 2014-02-03 14:54 - 00000000 ____D C:\ProgramData\Origin 2017-02-09 13:17 - 2009-07-14 04:20 - 
00000000 ____D C:\Windows\system32\NDF 2017-02-07 17:26 - 2014-02-03 15:00 - 00000000 ____D C:\Users\Moritz\AppData\Local\Origin 2017-02-07 01:00 - 2014-02-17 17:55 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-07 01:00 - 2014-02-17 17:55 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-06 19:00 - 2014-02-01 20:46 - 00000000 ____D C:\Users\Moritz 2017-02-01 22:27 - 2014-08-28 10:32 - 00000000 ____D C:\Program Files\Recuva 2017-01-30 17:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2017-01-28 14:12 - 2015-10-09 12:03 - 00000000 ____D C:\Program Files (x86)\AMD 2017-01-28 14:12 - 2014-02-02 10:27 - 00000000 ____D C:\Program Files\AMD 2017-01-28 14:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-01-28 14:06 - 2014-02-02 11:38 - 00000000 ____D C:\Windows\system32\MRT 2017-01-28 14:04 - 2014-02-02 11:38 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-01-28 14:02 - 2016-11-16 12:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-28 14:02 - 2014-02-02 13:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-26 10:25 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-01-24 21:41 - 2016-11-16 12:34 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-01-24 21:41 - 2016-08-28 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2017-01-24 21:41 - 2014-08-06 21:20 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-24 21:41 - 2014-02-03 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-21 20:35 - 2014-04-02 19:25 - 00779776 ___SH C:\Users\Moritz\Desktop\Thumbs.db 2017-01-21 20:35 - 2014-02-03 19:44 - 00000000 ____D C:\Users\Moritz\.gimp-2.8 2017-01-21 14:45 - 2015-11-01 00:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-01-21 14:45 - 
2015-11-01 00:09 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-01-21 14:45 - 2014-08-26 09:31 - 00000000 ____D C:\Users\Moritz\AppData\Local\Adobe 2017-01-21 14:45 - 2014-02-02 20:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-01-21 14:45 - 2014-02-02 20:32 - 00000000 ____D C:\Windows\system32\Macromed ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-02-03 20:49 - 2014-06-10 23:45 - 0000627 _____ () C:\Users\Moritz\AppData\Roaming\All CPU MeterV3_Settings.ini 2014-02-03 20:49 - 2014-11-21 15:15 - 0000293 _____ () C:\Users\Moritz\AppData\Roaming\GPU MeterV2_Settings.ini 2014-02-04 11:46 - 2016-08-02 21:47 - 0000971 _____ () C:\Users\Moritz\AppData\Roaming\Network Meter_Settings.ini 2014-02-04 12:12 - 2017-02-20 10:46 - 0000029 _____ () C:\Users\Moritz\AppData\Roaming\Network Meter_Usage.ini 2014-03-24 13:06 - 2016-02-21 17:02 - 1065984 _____ () C:\Users\Moritz\AppData\Local\file__0.localstorage 2017-01-05 16:38 - 2017-01-05 16:38 - 0006787 _____ () C:\Users\Moritz\AppData\Local\recently-used.xbel 2014-02-01 22:14 - 2017-02-19 01:09 - 0007622 _____ () C:\Users\Moritz\AppData\Local\resmon.resmoncfg 2014-02-02 10:53 - 2014-02-02 10:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== 2017-01-24 21:40 - 2017-01-24 21:40 - 0739904 _____ (Oracle Corporation) C:\Users\Moritz\AppData\Local\Temp\jre-8u121-windows-au.exe 2017-02-20 10:35 - 2017-02-20 10:35 - 1278976 _____ (Microsoft Corporation) C:\Users\Moritz\AppData\Local\Temp\PidGenX.dll 2017-01-28 14:08 - 2017-01-28 14:09 - 429088496 _____ (AMD Inc.) C:\Users\Moritz\AppData\Local\Temp\tmp510C.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-02-13 13:45 ==================== Ende von FRST.txt ============================ |
20.02.2017, 11:08 | #5 |
| Virus scan reports infected files with Win32:DH Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-02-2017 01 durchgeführt von Moritz (20-02-2017 11:00:10) Gestartet von C:\Users\Moritz\Desktop\FRST_64 Windows 7 Ultimate Service Pack 1 (X64) (2014-02-01 19:46:13) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2295199210-3298315446-242086744-500 - Administrator - Disabled) Gast (S-1-5-21-2295199210-3298315446-242086744-501 - Limited - Disabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-2295199210-3298315446-242086744-1002 - Limited - Enabled) Moritz (S-1-5-21-2295199210-3298315446-242086744-1000 - Administrator - Enabled) => C:\Users\Moritz ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) ACP Application (Version: 2016.1223.1210.58 - Advanced Micro Devices, Inc.) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.) 
Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com) Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Any Video Converter 5.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Assassin's Creed(R) III v1.03 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.03 - Ubisoft) ASUS Xonar DG Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.1.2286 - AVAST Software) Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com) BioShock 
Remastered (HKLM\...\Steam App 409710) (Version: - 2K Boston) Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - ) Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward) Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version: - Canon Inc.) Catalyst Control Center Next Localization BR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization HU (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP) Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.) 
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CrystalDiskInfo 6.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.1 - Crystal Dew World) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) DARK SOULS III (HKLM-x32\...\Steam App 374320) (Version: - FromSoftware, Inc.) Day of the Tentacle Remastered (HKLM\...\Steam App 388210) (Version: - Double Fine Productions) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden Driver Sweeper Version 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net) Druckerdeinstallation für EPSON Remote Print (HKLM\...\EPSON Remote Print) (Version: - SEIKO EPSON Corporation) Druckerdeinstallation für EPSON WF-3520 Series (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation) Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0165 - Edimax Technology Co.) 
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION) Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.4.4 - SEIKO EPSON CORPORATION) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) Firewatch (HKLM-x32\...\Steam App 383870) (Version: - Campo Santo) Fraps (HKLM-x32\...\Fraps) (Version: - ) Func KB-460 Settings software (HKLM-x32\...\{8918A402-4EEF-489F-940F-DC25BEEFA6FF}_sbay) (Version: - ) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) 
(Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) GRID 2 (HKLM-x32\...\Steam App 44350) (Version: - Codemasters Racing) Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment) Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve) Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version: - Valve) Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.) Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.3.0.4 - GOG.com) HWiNFO64 Version 4.40 (HKLM\...\HWiNFO64_is1) (Version: 4.40 - Martin Malík - REALiX) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Intel® Hardware Accelerated Execution Manager (HKLM\...\{6F73FF93-0B55-4194-AE45-C19DA1F33E97}) (Version: 6.0.3 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java SE Development Kit 7 Update 79 (64-bit) 
(HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Livestreamer 1.11.1 (HKLM-x32\...\Livestreamer) (Version: - ) Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack 
(HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service 
(HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) 
(Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft) Mount and Blade (HKLM-x32\...\1207666893_is1) (Version: 2.0.0.4 - GOG.com) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD) Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com) New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com) Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 
1.0.0.0 - GOG.com) Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 141106.96623 - Square Enix Ltd) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenVPN 2.3.6-I601 (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA) PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) RAD Video Tools (HKLM-x32\...\RADVideo) (Version: - ) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) ROCCAT Kone Pure Optical Mouse Driver (HKLM-x32\...\{22D40E66-0D41-45A3-A8A1-90B8A38D9A68}) (Version: - Roccat GmbH) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.8 - Rockstar Games) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) S.T.A.L.K.E.R. 
German Uncut Trilogy Edition 1.0 (HKLM-x32\...\S.T.A.L.K.E.R. German Uncut Trilogy Edition 1.0) (Version: - ) SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden SDK Debuggers (x32 Version: 8.59.29746 - Microsoft Corporation) Hidden SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory) SILKYPIX Developer Studio 3.1 SE (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden SketchUp 2017 (HKLM\...\{5A8C61BD-0912-4B76-805E-4EDE5E13298C}) (Version: 17.1.174 - Trimble Navigation Limited) Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Hidden SmartGit (HKLM-x32\...\SmartGit c:/program files (x86)/smartgit_is1) (Version: - syntevo GmbH) Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION) Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Spotify (HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB) Star Swarm Stress Test (HKLM-x32\...\Steam App 267130) (Version: - Oxide Games) Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version: - LucasArts) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stronghold Crusader 2 (HKLM\...\Steam App 232890) (Version: - FireFly Studios) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ) Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden 
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer) Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Walking Dead: A New Frontier (HKLM\...\Steam App 536220) (Version: - Telltale Games) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com) True Image 2013 (HKLM-x32\...\{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible) (Version: 16.0.6514 - Acronis) True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden Unity (HKLM-x32\...\Unity) (Version: 5.5.0f3 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) 
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Deployment Tools (HKLM-x32\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows PE x86 x64 (HKLM-x32\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft) Windows PE x86 x64 wims (HKLM-x32\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft) Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version: - Team17 Digital Ltd) Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1115AF7F-56C9-47A7-8828-A5C6A5A56119} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {2175CC94-DF29-4050-A204-C6862C86A73F} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation) Task: {2F7ECD5A-49A4-4B39-ADB6-90A35A5A8571} - System32\Tasks\{3EF969C1-230F-4C85-837A-38BC5527D691} => Firefox.exe hxxp://ui.skype.com/ui/0/7.12.80.101/de/abandoninstall?page=tsProgressBar Task: {313BBAC0-B0CE-488F-8189-518B0C9AFF23} - System32\Tasks\SafeZone scheduled Autoupdate 1461831637 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {3824FB2D-EDF7-4602-9D27-66D3F4ABB7BF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2016-12-23] (Advanced Micro Devices, Inc.) 
Task: {3B544326-D40E-486D-BB94-F7ED8B065A37} - System32\Tasks\PCMeter\Startup => C:\Users\Moritz\Downloads\network meter\PCMeterV4\PCMeterV0.4.exe [2013-11-05] (AddGadgets) Task: {3BC6704D-33F0-4CE7-AE7E-3E6869F61CCC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd) Task: {3FDC4290-414E-423E-B951-5461E645FBA7} - System32\Tasks\{AE8D2FA2-1FA0-4FB0-B984-D9D50CEB0C70} => pcalua.exe -a C:\Users\Moritz\Downloads\iview437g_setup(1).exe -d C:\Users\Moritz\Downloads Task: {6A8BBF8A-FC41-4B98-A830-9F96547B56B8} - System32\Tasks\{A9B95B13-260E-46B0-9C7D-C402B89FAACD} => pcalua.exe -a F:\SETUP.EXE -d F:\ Task: {6D887FBC-9C90-4C7A-A77F-79252CD57BB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {98E8D6FC-7A7C-43DF-B27F-14E0826F76FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {BE01862F-FD61-45FA-A951-5BB4F61DB955} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-02-16] (AVAST Software) Task: {C6861602-9B6F-47E4-B964-62175A3B6E76} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2295199210-3298315446-242086744-1000 Task: {CAD7C128-9F9F-429E-AEA3-9C1B3AB2EBE3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software) Task: {F2EA2F54-A3A3-428D-9168-19D87223A5CC} - System32\Tasks\{276C619C-62DD-43E3-815B-3BEEDEDC334B} => pcalua.exe -a "E:\Programme\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "E:\Programme\Steam\steamapps\common\Left 4 Dead 2" -c /register (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-03-27 21:39 - 2013-03-27 21:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll 2014-06-08 23:56 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe 2014-04-01 14:14 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\system\HsMgr64.exe 2014-02-03 20:49 - 2014-02-03 20:49 - 00012520 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll 2014-02-03 20:49 - 2014-02-03 20:49 - 00015080 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll 2014-02-03 20:49 - 2014-02-03 20:49 - 00014056 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll 2017-01-15 15:51 - 2014-06-27 14:15 - 01750528 _____ () C:\Program Files (x86)\Func\KB-460\KB-460_Core.exe 2016-09-13 01:51 - 2016-09-13 01:51 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-13 01:51 - 2016-09-13 01:51 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-13 01:51 - 2016-09-13 01:51 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-13 01:51 - 2016-09-13 01:51 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-13 01:50 - 2016-09-13 01:50 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-13 01:50 - 2016-09-13 01:50 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-13 01:51 - 2016-09-13 01:51 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2015-03-13 14:54 - 2015-03-13 
14:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2014-02-04 21:52 - 2014-04-20 14:43 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2017-02-16 22:08 - 2017-02-16 22:08 - 00162600 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-02-16 22:08 - 2017-02-16 22:08 - 00792656 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-02-16 22:08 - 2017-02-16 22:08 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-02-19 17:28 - 2017-02-19 17:28 - 05979224 _____ () C:\Program Files\AVAST Software\Avast\defs\17021900\algo.dll 2017-02-16 22:08 - 2017-02-16 22:08 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2015-10-25 18:08 - 2011-04-19 14:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DG Audio\Customapp\VmixP8.dll 2016-08-07 09:30 - 2016-08-07 09:30 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-02-16 22:08 - 2017-02-16 22:08 - 00289328 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2013-03-27 23:37 - 2013-03-27 23:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll 2013-01-10 12:43 - 2013-01-10 12:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll 2017-01-15 16:23 - 2012-10-01 18:53 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\hiddriver.dll 2014-02-13 17:19 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\EnumDevLib.dll 2014-02-02 11:13 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-03-27 21:09 - 2013-03-27 21:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2295199210-3298315446-242086744-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Moritz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupfolder: C:^Users^Moritz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: GalaxyClient =>
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify => "C:\Users\Moritz\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Moritz\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{9F48DC17-C632-40B9-B6CC-C749FEE8F505}C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe
FirewallRules: [UDP Query User{C47FBBE4-221C-4A67-8837-7A9CAA8BFDE4}C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe
FirewallRules: [{A252124C-789B-4CCB-9296-A5BB6E432880}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{D9CB8CF5-B053-4444-9374-970CC9723693}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [TCP Query User{1FEDF8B8-3AB5-41C2-92E1-1F9FF81C2E3E}C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [UDP Query User{270380D9-80FB-41C3-A882-E35A7BA57E10}C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [TCP Query User{ED07AD7E-3AF6-4114-8A21-009585115235}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CAC1056C-04D1-4FBD-B0C6-E31781E990D2}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [{835761BC-EC5F-4FA0-85F0-5ED6EE4190E6}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{6E3BCFF2-261C-4427-AE80-9353E04A6560}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{5F890B29-C7E6-462E-A803-D5AC3C10B647}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B802124F-A6D7-4849-AC50-E92D1D8BEF2F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{4AB85895-9616-4292-BE0D-0AB33A55F89D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2D1FC328-3892-4123-9872-277B9CEC3ECB}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{F243356A-171C-49AF-97B7-3B67679411E0}] => (Allow) E:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3AD70C31-E055-4C3B-B3F3-1EE8626D2F72}] => (Allow) E:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1E9817E7-EC93-4E70-B501-0255782E5409}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer.exe
FirewallRules: [{DC079025-4EE8-46FB-B0A2-E69804592552}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer.exe
FirewallRules: [{F6A23DAD-C4BA-4BA2-AEDA-D9F30038B647}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer_Service.exe
FirewallRules: [{D5025577-8916-4148-9578-E467DE9F4357}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer_Service.exe
FirewallRules: [{66FDFD22-8967-4518-A622-EA700C4E3ADB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{846B3CF1-9334-4EF9-8E35-624FA05276D9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1C3941DA-6072-4ED0-969C-B2D06D0EF8E5}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{AE3E2EB6-60B1-40FD-82D3-C6713B632B33}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{121EA7B1-4A8A-4F57-BE8F-651A57473C6B}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{7B3A6EAE-79A9-4149-9006-4E2D85EE0413}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{21C3FC04-0454-4CEC-A22F-A03D36A0EF35}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{5BAE880F-8396-4A5C-8F9E-FAF6B00F6CF0}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{5E5BDF55-2B94-474E-A299-3ECFFE013878}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{A463E25A-51BE-4C01-A6AE-D60D5B4036F9}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{1F3AE00A-4009-40A7-AC96-B723739FA96B}] => (Allow) E:\Programme\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9A9C40DB-49E9-42C5-93F0-F379185FB3B4}] => (Allow) E:\Programme\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{55029BE0-8F2D-4DE3-B801-CD32B295EEC2}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{A020E013-F054-4AD3-AB62-4B16B21ECA4D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9F2DE602-1069-4763-8893-8E89EDAF5A71}] => (Allow) E:\Programme\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{AA991D56-6514-4129-8D8A-E56F3E772D22}] => (Allow) E:\Programme\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3A7EC411-FE92-4B01-BD5A-55B2D14A7CBA}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Swarm Benchmark\StarSwarmLauncher.exe
FirewallRules: [{7D44FF47-F694-4F33-8102-5C24E82B33C8}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Swarm Benchmark\StarSwarmLauncher.exe
FirewallRules: [{317F0B43-5E45-4370-AAC1-EEE35C049984}] => (Allow) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{FE9DF765-320D-4DB2-8B53-9CAA58269692}] => (Allow) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{A4967B98-9263-4D9A-86BD-E45EB81131D9}] => (Allow) LPort=1542
FirewallRules: [{0B39CF90-9205-4D4D-8AE0-DD57E95FB7E8}] => (Allow) LPort=1542
FirewallRules: [{A7564107-3D25-45CE-AE76-ACD34F690568}] => (Allow) LPort=53
FirewallRules: [TCP Query User{366E93D3-2AFD-4CBB-8120-553F448EB7CD}E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [UDP Query User{E4205812-FA12-4EBC-B457-E34DD51C6EA9}E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [TCP Query User{0C9CB934-4D96-410F-AE9A-FBBB39DD1D46}E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{CCFA0A18-E8D0-4021-AD9D-E653C3EF5568}E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{6EA67949-9DF2-4784-B4F6-47E0AAD28836}E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{80CA1D36-2FB0-4E22-BF13-41753E818971}E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{3145218B-FBD9-4AFB-B133-A17A32A36721}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB3370E0-A42A-4CEB-A804-0732635AAA1A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3BDCF098-75A1-4E34-AB24-C9D24E006CA4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A5CF7C33-9FAF-45C4-AF2A-5555FF10BEE4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FDB386EA-9777-4ED8-BA56-2EFDAF991A5D}] => (Allow) E:\Programme\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{F22D6293-39FE-4BAC-A133-76E4FC2C6719}] => (Allow) E:\Programme\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{B0000A8C-E298-4B92-912E-70A5B41A10B6}] => (Allow) E:\Programme\Assasins Creed III\AC3SP.exe
FirewallRules: [{C39FED0D-95CD-4650-BEA6-BAC67B2D7D55}] => (Allow) E:\Programme\Assasins Creed III\AC3SP.exe
FirewallRules: [{D7BACB0B-A225-440C-96A2-1030C117C0C2}] => (Allow) E:\Programme\Assasins Creed III\AC3MP.exe
FirewallRules: [{FF5C97D6-0669-4131-8FD9-06768CD84BB7}] => (Allow) E:\Programme\Assasins Creed III\AC3MP.exe
FirewallRules: [{FA392126-FEA6-45DC-B9E6-6DB4A5009572}] => (Allow) E:\Programme\Assasins Creed III\AssassinsCreed3.exe
FirewallRules: [{7C713F40-8DF5-4DC1-AFBB-1FBE1A177F6E}] => (Allow) E:\Programme\Assasins Creed III\AssassinsCreed3.exe
FirewallRules: [{80C79962-F0F8-4107-9707-DAEA51C6BA1C}] => (Allow) E:\Programme\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{55AD4AE4-2AE6-472E-A7FD-BF390AD51AA5}] => (Allow) E:\Programme\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{01C37433-0382-462F-85EE-D1ECD5B5BC33}] => (Allow) E:\Programme\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{20E7E8A9-B9E1-43FE-9B5A-046FC0C3A18B}] => (Allow) E:\Programme\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{175897FA-452C-49A0-990B-36D3A2EFA861}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{C1DED10E-3BA3-4733-B569-BA6471C02A47}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{BAADD536-7203-4158-B9A8-51F54163C1AF}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{126C9FCC-B3A4-4751-A195-715C4DBCA19B}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{8043B5FC-DA6F-49CA-839E-CC41ED1D5FE0}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe
FirewallRules: [UDP Query User{7528866E-B88D-494A-B442-718E97848541}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe
FirewallRules: [{FF058A66-A2B5-422C-BCF3-E4F900AB3221}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C4FD885D-09FE-4E02-858E-4B2E29222FCB}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{64BA3D36-2928-4A39-9A0F-CE165CACCA62}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [TCP Query User{BAA949F5-3D1C-4319-963A-D5B291812238}E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{6EE8280D-7E91-4225-B1C8-904648C34D72}E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{78097B75-6F31-4C81-9A7D-F78371BCC7FF}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe
FirewallRules: [UDP Query User{B71BC5AE-6458-45DA-9A2D-7CC437F76242}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe
FirewallRules: [{DC8BB13D-638B-4F72-90D7-26D9BAAD45E8}] => (Allow) E:\Programme\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{64513FC1-06CC-4650-8A0B-45F58EB0C62F}] => (Allow) E:\Programme\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{2661D080-2A6D-445E-ABB2-99A9A73AEA31}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{9825C8BA-734B-48D1-B127-BD9BD927854C}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{9B67DD18-3377-4A3F-9827-26DBB199CEF5}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{2A045AAC-3F12-400E-B4C6-35D9BA741DB4}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{BF6A92E6-0F95-40A4-AD0A-17E468A62832}I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [UDP Query User{7B15D0FE-4DA4-41DF-9125-527ECB87AD80}I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [{84D1E065-51FF-4567-A449-A363D143FD10}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{23CF9A31-CD04-4AF3-9978-B23DDB60CC5A}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{6FA92CD7-0ABC-4772-AE06-C6CDD433280E}] => (Allow) E:\Programme\Steam\SteamApps\common\grid 2\grid2.exe
FirewallRules: [{C6E4FE6E-A4CD-4070-964D-7A733431B654}] => (Allow) E:\Programme\Steam\SteamApps\common\grid 2\grid2.exe
FirewallRules: [{0BE50CA4-1562-4FA3-AB1A-51D3B9725FF1}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{DF853EA3-0BD6-4760-911D-7868114CE916}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{7C7BA48E-930C-4FFD-A107-D61237E4EEF4}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{07BA5C2B-EC8C-4FDF-9909-D0B96DA0924D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{D2C623EA-C39C-4F52-B95E-006BFEBB4A0D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{9F32FD7E-E274-429D-8366-442BA260C3FC}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{F9970860-B3C3-40DA-9FEA-36130036CFBC}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{21DED4B3-AD60-4E3C-909F-BF803A8370AD}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{529CC96F-B359-4462-9F4C-1DE5AA7874C8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{5B24E472-D439-4BB2-828F-316419EA973A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{C6A5902A-220F-4C2A-9503-EF5F4AC78A61}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{B689282E-E994-42E2-B83B-C551AA42400F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{E478F2D4-3D92-459A-8CB5-120C5B63D8B5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3C2EB2E1-DC55-4F68-A2DD-D1AF6F774D74}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{665CA9D4-E4E9-4F15-8183-EF19E2441128}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8C931A00-EB42-48FF-8A01-33EC9495BB22}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{4FACA160-C14A-43EB-AAE4-8EF15D0D4BE7}E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe] => (Block) E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe
FirewallRules: [UDP Query User{CDDF2E14-32F3-4D4D-9D41-F0465B640AEE}E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe] => (Block) E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe
FirewallRules: [{9B6590AC-50A6-4DE8-927A-713388A6EF44}] => (Allow) E:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{4B5ED7AE-90A4-4ABA-A28E-A40346F6943F}] => (Allow) E:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{AA611099-568A-4A41-9AAC-810C5FFDA3B9}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{74FC100C-4BAC-4CDC-B825-93242412C57D}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{6653207C-500F-4FAD-94B3-0ABC8DD2BF34}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{9D57DCA7-53A1-4660-B490-9B6B64B5C9A1}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{08A409A9-D7BF-43E3-A602-65216779DD96}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{165F398A-1093-4883-9930-4DC59D7A4765}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [TCP Query User{28BFD208-5463-451D-94E1-1B9BC7DDA854}E:\programme\far cry 4\far cry 4\bin\farcry4.exe] => (Block) E:\programme\far cry 4\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{F430BED3-DACD-4A1F-88B6-8125CB8E63D7}E:\programme\far cry 4\far cry 4\bin\farcry4.exe] => (Block) E:\programme\far cry 4\far cry 4\bin\farcry4.exe
FirewallRules: [{F3CF7B63-D80B-4626-9029-C3BF55B2CF25}] => (Allow) E:\Programme\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{FB1F6F93-A4A3-4684-AB92-851ECC9297D6}] => (Allow) E:\Programme\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [TCP Query User{47DFBE5E-499F-48FB-A181-A35E7E762637}E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe] => (Block) E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe
FirewallRules: [UDP Query User{C96B953B-DB6E-4941-A4B0-757A33578997}E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe] => (Block) E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe
FirewallRules: [{6600AB11-F4FF-4FD3-9D44-F0B249663B05}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DA234D1-3ED1-4400-8104-167385FCE302}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EAD6A776-C1A3-4BDC-B419-DF3CC12C0281}] => (Allow) E:\Programme\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{8DFDB7EA-96C6-45B2-806A-E24B2A0BE02C}] => (Allow) E:\Programme\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{3406CBDC-A022-455E-BB26-CC45A7BDC392}] => (Allow) E:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{9F1AFE9D-5508-49CB-9F76-19A4F1388C63}] => (Allow) E:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [TCP Query User{D2A0A427-23FF-4D9D-8134-4183278B5592}E:\programme\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\programme\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{BB4B8E49-7A11-4BAB-A749-FCCC4A871E71}E:\programme\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\programme\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{33541720-48A2-41D5-B528-AFCC0CF1ECF2}E:\programme\dying light\dying light\dyinglightgame.exe] => (Block) E:\programme\dying light\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{E7FE5F35-8063-4089-A883-EF3A7724016D}E:\programme\dying light\dying light\dyinglightgame.exe] => (Block) E:\programme\dying light\dying light\dyinglightgame.exe
FirewallRules: [{22B672A0-D761-4D6A-B4B7-F64FABA1730A}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{779CBB8F-8927-4CD5-8C2B-CC259FE52F6F}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [TCP Query User{193929A9-9386-4D63-B5DE-CC7661484202}C:\Program Files\OpenVPN\bin\openvpn.exe] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe
FirewallRules: [UDP Query User{DC2D5FCA-16D0-4E27-9B83-EC738B51CA07}C:\Program Files\OpenVPN\bin\openvpn.exe] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe
FirewallRules: [{4D423F66-D8AB-44AE-B01D-52B03B7936A9}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{40ECA176-3CFC-4AAA-B20F-3BFAEF91CB3A}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{272BC383-A829-406C-8C0A-BA2A18DB9D3D}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{81AC5D42-A04C-4704-8003-C94FA45248AA}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{CE5FCD03-2C17-4E78-9FE8-E32BFB8C766E}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Legacy\rust.exe
FirewallRules: [{80ADC9D8-30D7-46CB-9C3C-C463D2694D0F}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Legacy\rust.exe
FirewallRules: [TCP Query User{15093DF0-A055-4F42-818E-66F84A7278EC}G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [UDP Query User{1DD764AC-D614-4A76-939D-786695796C92}G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [{83CBA4A7-FCF9-4C14-A527-B59199D5C001}] => (Allow) E:\Programme\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{8C2F0E84-AC94-402E-B080-C6EB616FD081}] => (Allow) E:\Programme\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [TCP Query User{3D3EDF22-206C-4139-AFB2-752C8EAC0058}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7FD67DD5-19BC-4901-9220-9CFD16E7FD94}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A84CCA9C-2775-4DAD-877C-10B3B4AD35F2}] => (Allow) E:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{FC829EE0-E9A9-4271-9078-8672DD52B3DA}] => (Allow) E:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{EF1E5EBD-355C-49A5-A72B-D2ACF6FF392B}E:\programme\gta 5\gta5.exe] => (Allow) E:\programme\gta 5\gta5.exe
FirewallRules: [UDP Query User{C3156579-4BF6-4C2B-A2A8-176C03CC8DCA}E:\programme\gta 5\gta5.exe] => (Allow) E:\programme\gta 5\gta5.exe
FirewallRules: [{BCCB1445-8058-41A8-9FCD-E8EC324CC440}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{A5FEE466-AE08-46A6-AC39-61D8CB376579}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{8608C00B-E65E-41B2-9F1B-6C2028BE69E0}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2D9703EB-DBEA-47B8-8E9F-04D8910B98F0}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{23E15B51-BF8A-40EF-8B0A-3A4E69126DFC}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{77D0A513-9A42-4CF3-B324-015291FC1AE4}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{3A8D7A81-9173-41A9-AF37-DBB798B3AC28}] => (Allow) E:\Programme\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{55D1FD90-F3BB-4004-A0ED-ABC25E43558C}] => (Allow) E:\Programme\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [TCP Query User{1BCD782D-5586-47F8-A5D9-A32CBFBBA246}C:\users\moritz\desktop\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft toolkit.exe
FirewallRules: [UDP Query User{1A47E407-6F1D-49B7-A85A-79E0855752F7}C:\users\moritz\desktop\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft toolkit.exe
FirewallRules: [{90A1B2B7-6481-47EA-A517-42AE89A63CE3}] => (Allow) E:\Programme\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [{0A24BE58-DDB2-452E-8471-D0ABD256362F}] => (Allow) E:\Programme\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [TCP Query User{4449331D-B7B2-49EF-B76A-48EC9E0A6786}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D3799B63-4753-4A81-AE8D-F98A0352F7EE}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C7F33D4-B81D-4234-BCE0-18A3B7EB344E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9E7D781-EA50-4A3F-8EA7-7F81250BEE6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8048DCCD-272F-4C91-A2C9-A2EC17A881BC}] => (Allow) E:\Programme\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{BFE71DEC-3CD6-4BBA-85E8-0D9E1F7F621A}] => (Allow) E:\Programme\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{8157D4D5-AA29-49AA-992F-D89F83C9C3A5}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{636ADD68-371F-487D-8FF3-39BC34921934}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{DB7A3645-FF67-4CAC-AFBB-80FA26F9D17D}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{A090F100-31BD-4351-B02D-61C83A0015CF}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{0AF77098-3F6E-4BDB-892C-4813CF1675E9}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{952F1315-D8D4-4E21-A818-F48D9D4CAE7D}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{B3A77A6B-9CCB-46A9-BF3F-277A7B087826}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{792178EC-0D5D-4566-B41D-93359E0FD7C9}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{0C09BD9D-116E-46C1-A3F0-021DA04CF309}] => (Allow) E:\Programme\Steam\SteamApps\common\Firewatch\Firewatch.exe
FirewallRules: [{185182B9-44F4-46DA-A139-B640D40C7BD3}] => (Allow) E:\Programme\Steam\SteamApps\common\Firewatch\Firewatch.exe
FirewallRules: [{CC3D82A3-B5D1-48BD-B2C7-1FC1308C58B1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F0398C61-D380-41BE-8B49-CE8671852B53}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{09853F4D-C08A-4C44-A0C3-651976FD7A12}] => (Allow) E:\Programme\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{85688F78-4467-4F5B-99FA-428292CD3CAD}] => (Allow) E:\Programme\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [TCP Query User{F310E270-D523-4AAE-9A61-9EAEA3E13584}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{645F17DC-9E39-4A7E-AFE0-4C8B76902B56}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{46AF9636-F522-4442-8986-F34E3D5D711E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{2D630AD7-E9F9-4502-8AB1-F4103D501BCE}] => (Allow) E:\Programme\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{1C65D9B4-7168-46A0-A1CB-3C8160C909ED}] => (Allow) E:\Programme\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{9BF1CA9B-A955-4A4E-ACC6-AE9DE1B0A8F2}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C731DBB6-CF7D-430D-BDCD-6574D95430D5}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{23D7BD37-12B2-4F7A-B72E-A2C5FE9CE3CD}] => (Allow) E:\Programme\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{F5F2528C-0CE6-4A83-96D7-0A46DA679B1C}] => (Allow) E:\Programme\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{A937D96F-5191-4D67-A53B-18C174E84940}] => (Allow) E:\Programme\Steam\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe
FirewallRules: [{02C4124C-3FE8-402B-B7DF-436B184E1C2A}] => (Allow) E:\Programme\Steam\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe
FirewallRules: [{20A101F3-8A38-4D76-9C8F-52DED032B7D7}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe
FirewallRules: [{36777EE1-AC1A-4973-8F8A-8CB2E20A7A9D}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe
FirewallRules: [{44D00FB1-BC73-4220-9D8A-FD4136203F1E}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe
FirewallRules: [{EF7D0523-FCC5-4B1B-84D8-8828A39F6FCB}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe
FirewallRules: [{8D5EBC86-0A97-42D7-B8E5-82C46B9FC7D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1F007600-62A9-4C3A-88A9-AFEBEAC8DC40}] => (Allow) E:\Programme\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F0783921-5361-405E-815E-C2F5AA11E73B}] => (Allow) E:\Programme\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{2EC20945-A94F-4566-9AA7-2D74A8600C1F}C:\users\moritz\desktop\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft toolkit.exe
FirewallRules: [UDP Query User{57530A65-6715-46D6-88B3-C6633576F1C8}C:\users\moritz\desktop\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft toolkit.exe

==================== Wiederherstellungspunkte =========================

19-02-2017 16:05:08 Removed Vegas Pro 12.0 (64-bit)
20-02-2017 10:40:38 Removed Microsoft Office Professional Plus 2010

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/20/2017 10:52:12 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/20/2017 10:52:12 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/20/2017 10:52:12 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird.
Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (02/20/2017 10:48:00 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (02/20/2017 10:40:37 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {8e3616e0-5daa-4053-a29a-27e8281f2a73} Error: (02/20/2017 10:37:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (02/20/2017 10:37:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. 
Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (02/20/2017 10:37:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (02/20/2017 10:33:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (02/19/2017 07:15:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Systemfehler: ============= Error: (02/20/2017 10:48:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. 
Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error: (02/20/2017 10:48:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd Error: (02/20/2017 10:47:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (02/20/2017 10:47:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. Error: (02/20/2017 10:47:19 AM) (Source: sptd) (EventID: 4) (User: ) Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt. Error: (02/20/2017 10:33:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error: (02/20/2017 10:33:11 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sptd Error: (02/20/2017 10:33:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. 
Error: (02/20/2017 10:33:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. Error: (02/20/2017 10:32:32 AM) (Source: sptd) (EventID: 4) (User: ) Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz Prozentuale Nutzung des RAM: 15% Installierter physikalischer RAM: 16303.22 MB Verfügbarer physikalischer RAM: 13771.4 MB Summe virtueller Speicher: 32604.62 MB Verfügbarer virtueller Speicher: 29924.84 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:223.47 GB) (Free:38.02 GB) NTFS Drive e: (Data) (Fixed) (Total:931.51 GB) (Free:240.07 GB) NTFS Drive j: (Stick_Transcend_32GB) (Removable) (Total:29.42 GB) (Free:19 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 9B757ED2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1DE46529) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 29.4 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=29.4 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
20.02.2017, 11:10 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus scan reports infected files with Win32:DH Please uninstall Avast. We simply can no longer recommend it in good conscience. => Antivirus software: protection for your files, but at the cost of your privacy? | Emsisoft Blog Other freeware vendors such as Avira, AVG or Panda are jumping on this or similar bandwagons too, building junkware into their installers, partnering with ASK, etc.; that kind of thing is simply unacceptable for security software. Let me know when Avast is gone; once we are done here you can switch to a different virus scanner, details will follow in the final post. From NOW on, please do not install anything without checking with us first!
__________________ --> Virus scan reports infected files with Win32:DH |
20.02.2017, 11:24 | #7 |
| Virus scan reports infected files with Win32:DH OK, done. Is a new FRST log needed? Last edited by Jens85 (20.02.2017 at 11:45) |
20.02.2017, 12:13 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus scan reports infected files with Win32:DH Step 1: Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder unless a helper instructs you to. Step 2: Kaspersky TDSS-Killer Please download TDSSKiller.exe and save the file to the desktop
Reading material: Posting in CODE tags Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post them directly, spread across several posts if necessary. To put the log files into a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
20.02.2017, 12:45 | #9 |
| Virus scan reports infected files with Win32:DH Thanks so far. Here are the logs: Code:
ATTFilter --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.3.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.18537 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED CPU speed: 3.299000 GHz Memory total: 17095163904, free: 14645968896 Downloaded database version: v2017.02.20.03 Downloaded database version: v2017.02.15.01 Downloaded database version: v2017.02.15.02 ======================================= Initializing... Driver version: 0.3.0.4 ------------ Kernel report ------------ 02/20/2017 12:23:56 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\System32\Drivers\WMILIB.SYS \SystemRoot\System32\Drivers\SCSIPORT.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\system32\DRIVERS\iusb3hcs.sys \SystemRoot\system32\DRIVERS\vidsflt.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\msahci.sys \SystemRoot\system32\drivers\PCIIDEX.SYS \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys 
\SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\vididr.sys \SystemRoot\system32\DRIVERS\tib_mounter.sys \SystemRoot\system32\drivers\vmstorfl.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\system32\DRIVERS\tib.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\system32\DRIVERS\snapman.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\system32\DRIVERS\fltsrv.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\drivers\disk.sys \SystemRoot\system32\drivers\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\dtsoftbus01.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\serial.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\DRIVERS\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\DRIVERS\mssmbios.sys \??\C:\Windows\system32\drivers\HWiNFO64A.SYS \SystemRoot\System32\drivers\discache.sys 
\SystemRoot\system32\drivers\csc.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HDAudBus.sys \SystemRoot\system32\DRIVERS\iusb3xhc.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\TeeDriverx64.sys \SystemRoot\system32\DRIVERS\e1d62x64.sys \SystemRoot\system32\drivers\usbehci.sys \SystemRoot\system32\drivers\USBPORT.SYS \SystemRoot\system32\drivers\cmudaxp.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\serenum.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\DRIVERS\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\tap0901.sys \SystemRoot\system32\DRIVERS\rdpbus.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\swenum.sys \SystemRoot\system32\drivers\LGBusEnum.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\drivers\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\DRIVERS\iusb3hub.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_dumpata.sys \SystemRoot\System32\Drivers\dump_msahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\xusb21.sys 
\SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\I1KBFLTR.sys \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\Windows\system32\drivers\amdacpksd.sys \SystemRoot\system32\DRIVERS\IntelHaxm.sys \SystemRoot\system32\DRIVERS\afcdp.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \??\C:\Users\Moritz\AppData\Local\Temp\tmpBA0B.tmp \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \SystemRoot\system32\drivers\spsys.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\nsi.dll \Windows\System32\shell32.dll \Windows\System32\clbcatq.dll \Windows\System32\setupapi.dll \Windows\System32\ole32.dll \Windows\System32\usp10.dll \Windows\System32\wininet.dll \Windows\System32\difxapi.dll \Windows\System32\rpcrt4.dll \Windows\System32\psapi.dll \Windows\System32\urlmon.dll 
\Windows\System32\msvcrt.dll \Windows\System32\oleaut32.dll \Windows\System32\lpk.dll \Windows\System32\Wldap32.dll \Windows\System32\gdi32.dll \Windows\System32\sechost.dll \Windows\System32\imm32.dll \Windows\System32\comdlg32.dll \Windows\System32\normaliz.dll \Windows\System32\kernel32.dll \Windows\System32\iertutil.dll \Windows\System32\imagehlp.dll \Windows\System32\advapi32.dll \Windows\System32\ws2_32.dll \Windows\System32\shlwapi.dll \Windows\System32\msctf.dll \Windows\System32\user32.dll \Windows\System32\comctl32.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\cfgmgr32.dll \Windows\System32\devobj.dll \Windows\System32\crypt32.dll \Windows\System32\KernelBase.dll \Windows\System32\wintrust.dll \Windows\System32\userenv.dll \Windows\System32\msasn1.dll \Windows\System32\profapi.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! 
Scan started Database versions: main: v2017.02.20.03 rootkit: v2017.02.15.01 <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa800d149790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800d01fb90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d149790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800d01be00, DeviceName: Unknown, DriverName: \Driver\vidsflt\ DevicePointer: 0xfffffa800cee3060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 9B757ED2 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition is bootable Partition file system is NTFS Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 206848 Numsec = 468652032 Partition is not bootable Partition file system is NTFS Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Disk Size: 240057409536 bytes Sector size: 512 bytes Done! 
Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa800d138790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800d1382c0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d138790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800d149530, DeviceName: Unknown, DriverName: \Driver\vidsflt\ DevicePointer: 0xfffffa800ced6060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: 1DE46529 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 1953519616 Partition is not bootable Partition file system is NTFS Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Disk Size: 1000204886016 bytes Sector size: 512 bytes Done! 
Physical Sector Size: 512 Drive: 2, DevicePointer: 0xfffffa800d358060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800deadb90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d358060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800deabe00, DeviceName: Unknown, DriverName: \Driver\vidsflt\ DevicePointer: 0xfffffa800deaa990, DeviceName: \Device\00000083\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 2 Scanning MBR on drive 2... Inspecting partition table: MBR Signature: 55AA Disk Signature: C3072E18 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 96 Numsec = 61702048 Partition is not bootable Partition file system is NTFS Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Disk Size: 31591497728 bytes Sector size: 512 bytes Done! Infected: C:\Users\Moritz\AppData\Local\Temp\_avast_\unp16039750.tmp\13.exe --> [HackTool.WinActivator] Scan finished Creating System Restore point... Cleaning up... Removal scheduling successful. System shutdown needed. System shutdown occurred ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-206848-i.mbam... 
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-96-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam... Removal finished --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.3.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.18537 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED CPU speed: 3.299000 GHz Memory total: 17095163904, free: 14731411456 ======================================= Initializing... 
Driver version: 0.3.0.4
------------ Kernel report ------------
02/20/2017 12:32:10
------------ Loaded modules -----------
----------- End -----------
Done!
Scan started
Database versions:
main: v2017.02.20.03
rootkit: v2017.02.15.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800d168790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d05fb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d168790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d05ab40, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800cf02060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9B757ED2
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition is bootable
Partition file system is NTFS
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 468652032
Partition is not bootable
Partition file system is NTFS
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 240057409536 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800d157790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d1572c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d157790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d168530, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800cedd060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1DE46529
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 1953519616
Partition is not bootable
Partition file system is NTFS
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa800e32e790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800e144b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800e32e790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800e13de00, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800e141b60, DeviceName: \Device\00000083\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C3072E18
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 96 Numsec = 61702048
Partition is not bootable
Partition file system is NTFS
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 31591497728 bytes
Sector size: 512 bytes
Done!
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-96-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished |
20.02.2017, 12:45 | #10 |
| Virus scan reports infected files with Win32:DH Code:
12:38:53.0863 0x0b1c TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
12:38:58.0725 0x0b1c ============================================================
12:38:58.0725 0x0b1c Current date / time: 2017/02/20 12:38:58.0725
12:38:58.0725 0x0b1c SystemInfo:
12:38:58.0725 0x0b1c
12:38:58.0725 0x0b1c OS Version: 6.1.7601 ServicePack: 1.0
12:38:58.0725 0x0b1c Product type: Workstation
12:38:58.0725 0x0b1c ComputerName: MORITZ2-PC
12:38:58.0725 0x0b1c UserName: Moritz
12:38:58.0725 0x0b1c Windows directory: C:\Windows
12:38:58.0725 0x0b1c System windows directory: C:\Windows
12:38:58.0725 0x0b1c Running under WOW64
12:38:58.0725 0x0b1c Processor architecture: Intel x64
12:38:58.0725 0x0b1c Number of processors: 8
12:38:58.0725 0x0b1c Page size: 0x1000
12:38:58.0725 0x0b1c Boot type: Normal boot
12:38:58.0725 0x0b1c CodeIntegrityOptions = 0x00000001
12:38:58.0725 0x0b1c ============================================================
12:38:59.0252 0x0b1c KLMD registered as C:\Windows\system32\drivers\09133975.sys
12:38:59.0252 0x0b1c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
12:38:59.0310 0x0b1c System UUID: {DF0E4705-3441-119B-07D8-5F3ACBE2D13C}
12:38:59.0686 0x0b1c Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:38:59.0687 0x0b1c Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:38:59.0697 0x0b1c Drive \Device\Harddisk2\DR2 - Size: 0x75B000000 ( 29.42 Gb ), SectorSize: 0x200, Cylinders: 0xF00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:38:59.0702 0x0b1c ============================================================
12:38:59.0702 0x0b1c \Device\Harddisk1\DR1:
12:38:59.0702 0x0b1c MBR partitions:
12:38:59.0702 0x0b1c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:38:59.0702 0x0b1c \Device\Harddisk0\DR0:
12:38:59.0702 0x0b1c MBR partitions:
12:38:59.0702 0x0b1c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:38:59.0702 0x0b1c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BEF1000
12:38:59.0702 0x0b1c \Device\Harddisk2\DR2:
12:38:59.0703 0x0b1c MBR partitions:
12:38:59.0703 0x0b1c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x60, BlocksNum 0x3AD7FA0
12:38:59.0703 0x0b1c ============================================================
12:38:59.0704 0x0b1c C: <-> \Device\Harddisk0\DR0\Partition2
12:38:59.0722 0x0b1c E: <-> \Device\Harddisk1\DR1\Partition1
12:38:59.0722 0x0b1c ============================================================
12:38:59.0722 0x0b1c Initialize success
12:38:59.0722 0x0b1c ============================================================
12:39:24.0349 0x17a4 ============================================================
12:39:24.0349 0x17a4 Scan started
12:39:24.0349 0x17a4 Mode: Manual; SigCheck; TDLFS;
12:39:24.0349 0x17a4 ============================================================
12:39:24.0349 0x17a4 KSN ping started
12:39:24.0521 0x17a4 KSN ping finished: true
12:39:25.0100 0x17a4 ================ Scan system memory ========================
12:39:25.0100 0x17a4 System memory - ok
12:39:25.0100 0x17a4 ================ Scan services =============================
5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 12:39:27.0420 0x17a4 Filetrace - ok 12:39:27.0422 0x17a4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 12:39:27.0427 0x17a4 flpydisk - ok 12:39:27.0433 0x17a4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 12:39:27.0441 0x17a4 FltMgr - ok 12:39:27.0445 0x17a4 [ C06AF3D1E7CA6868A6A3064CE6907C4A, A1A357CF99291E1611A4380BF8866B5B594637C186B5FD1EFDF052D4EB69FAB9 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys 12:39:27.0450 0x17a4 fltsrv - ok 12:39:27.0468 0x17a4 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll 12:39:27.0490 0x17a4 FontCache - ok 12:39:27.0494 0x17a4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:39:27.0498 0x17a4 FontCache3.0.0.0 - ok 12:39:27.0501 0x17a4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 12:39:27.0506 0x17a4 FsDepends - ok 12:39:27.0508 0x17a4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 12:39:27.0512 0x17a4 Fs_Rec - ok 12:39:27.0517 0x17a4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 12:39:27.0525 0x17a4 fvevol - ok 12:39:27.0528 0x17a4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 
85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 12:39:27.0533 0x17a4 gagp30kx - ok 12:39:27.0640 0x17a4 [ 11DD69E94F3B3F2614E88C5657011583, C87D588C3F6517F5ED42BB2512653E0D9860D98E043161686F3A4750F6ECBD40 ] GalaxyClientService E:\Programme\GOG Galaxy\GalaxyClient\GalaxyClientService.exe 12:39:27.0658 0x17a4 GalaxyClientService - ok 12:39:27.0766 0x17a4 [ CB8157B535DA674CA6CBEBE7E3BD5268, 1028FDA5207E9CF412BB0B1F0B984FEFEE511EBF8BD353F392F7052B0021F531 ] GalaxyCommunication C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe 12:39:27.0857 0x17a4 GalaxyCommunication - ok 12:39:27.0874 0x17a4 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 12:39:27.0891 0x17a4 gpsvc - ok 12:39:27.0902 0x17a4 GPU-Z - ok 12:39:27.0905 0x17a4 GPUZ - ok 12:39:27.0910 0x17a4 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:39:27.0915 0x17a4 gupdate - ok 12:39:27.0918 0x17a4 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:39:27.0923 0x17a4 gupdatem - ok 12:39:27.0926 0x17a4 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 12:39:27.0930 0x17a4 hamachi - ok 12:39:27.0963 0x17a4 [ E24E88736B13BC54CA93E7F86A0F4FCF, 0BD480373AE40C1155E4B4C1D5607C7DF9CD4C5D9C5034F7A35993180BDF2665 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 12:39:27.0995 0x17a4 Hamachi2Svc - ok 12:39:27.0999 0x17a4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 12:39:28.0005 0x17a4 hcw85cir - ok 
12:39:28.0011 0x17a4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 12:39:28.0024 0x17a4 HdAudAddService - ok 12:39:28.0027 0x17a4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 12:39:28.0036 0x17a4 HDAudBus - ok 12:39:28.0039 0x17a4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 12:39:28.0045 0x17a4 HidBatt - ok 12:39:28.0048 0x17a4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 12:39:28.0056 0x17a4 HidBth - ok 12:39:28.0058 0x17a4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 12:39:28.0066 0x17a4 HidIr - ok 12:39:28.0068 0x17a4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 12:39:28.0087 0x17a4 hidserv - ok 12:39:28.0089 0x17a4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 12:39:28.0094 0x17a4 HidUsb - ok 12:39:28.0097 0x17a4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 12:39:28.0115 0x17a4 hkmsvc - ok 12:39:28.0120 0x17a4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 12:39:28.0130 0x17a4 HomeGroupListener - ok 12:39:28.0134 0x17a4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider 
C:\Windows\system32\provsvc.dll 12:39:28.0142 0x17a4 HomeGroupProvider - ok 12:39:28.0145 0x17a4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 12:39:28.0151 0x17a4 HpSAMD - ok 12:39:28.0163 0x17a4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 12:39:28.0178 0x17a4 HTTP - ok 12:39:28.0181 0x17a4 [ D7E0591E2BA1289C875A9D948377441E, 9FDBC10A4FBCE2E9521DF84E177A08530DF6FBF1F830B3D3788367DF8F8ED327 ] HWiNFO32 C:\Windows\system32\drivers\HWiNFO64A.SYS 12:39:28.0186 0x17a4 HWiNFO32 - ok 12:39:28.0188 0x17a4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 12:39:28.0192 0x17a4 hwpolicy - ok 12:39:28.0194 0x17a4 [ 839C97ED7FF07F1C457B7F1751C82C9D, 2C38B7F03E29A163F6F2D8A2BBFB69D3FC5C44B7EA7B662D5A0B5F37D7D0F1C3 ] I1KBFLTR C:\Windows\system32\drivers\I1KBFLTR.sys 12:39:28.0200 0x17a4 I1KBFLTR - ok 12:39:28.0203 0x17a4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 12:39:28.0209 0x17a4 i8042prt - ok 12:39:28.0217 0x17a4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 12:39:28.0227 0x17a4 iaStorV - ok 12:39:28.0231 0x17a4 [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 12:39:28.0234 0x17a4 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 12:39:28.0491 0x17a4 Detect skipped due to KSN trusted 12:39:28.0492 0x17a4 IDriverT - ok 12:39:28.0541 0x17a4 [ C98A5B9D932430AD8EEBD3EF73756EF7, 
DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 12:39:28.0569 0x17a4 idsvc - ok 12:39:28.0573 0x17a4 IEEtwCollectorService - ok 12:39:28.0575 0x17a4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 12:39:28.0580 0x17a4 iirsp - ok 12:39:28.0594 0x17a4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 12:39:28.0612 0x17a4 IKEEXT - ok 12:39:28.0667 0x17a4 [ E9740A3BC0AE6EA035FF7ECE3A1B27B6, 4CA3E094B0057E143955DE5D41C3344688B6D2C4FFC0417235FF46312B600F99 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 12:39:28.0721 0x17a4 IntcAzAudAddService - ok 12:39:28.0737 0x17a4 [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 12:39:28.0749 0x17a4 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 12:39:29.0006 0x17a4 Detect skipped due to KSN trusted 12:39:29.0006 0x17a4 Intel(R) Capability Licensing Service Interface - ok 12:39:29.0022 0x17a4 [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 12:39:29.0038 0x17a4 Intel(R) Capability Licensing Service TCP IP Interface - ok 12:39:29.0044 0x17a4 [ CBF7341E55A8348C7AB01A9870C7D948, A5084DF3C6321788C88A9E6B5F43FE5BCFDBB579BDE3A4D5F55558C6D13035A5 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe 12:39:29.0052 0x17a4 Intel(R) PROSet Monitoring Service - ok 12:39:29.0056 0x17a4 [ B3FF41FCB17206ABFC9B7DCC5E8E0777, 
9C4BFC63A2DECBBD380FCCEEFCC8B04BFC4C76F26D4AEEAC5EE8D9D8ED68A493 ] IntelHaxm C:\Windows\system32\DRIVERS\IntelHaxm.sys 12:39:29.0063 0x17a4 IntelHaxm - ok 12:39:29.0066 0x17a4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 12:39:29.0070 0x17a4 intelide - ok 12:39:29.0073 0x17a4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 12:39:29.0079 0x17a4 intelppm - ok 12:39:29.0082 0x17a4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 12:39:29.0102 0x17a4 IPBusEnum - ok 12:39:29.0105 0x17a4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 12:39:29.0122 0x17a4 IpFilterDriver - ok 12:39:29.0132 0x17a4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 12:39:29.0146 0x17a4 iphlpsvc - ok 12:39:29.0149 0x17a4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 12:39:29.0156 0x17a4 IPMIDRV - ok 12:39:29.0159 0x17a4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 12:39:29.0180 0x17a4 IPNAT - ok 12:39:29.0182 0x17a4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 12:39:29.0190 0x17a4 IRENUM - ok 12:39:29.0192 0x17a4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 12:39:29.0196 0x17a4 
isapnp - ok 12:39:29.0202 0x17a4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 12:39:29.0210 0x17a4 iScsiPrt - ok 12:39:29.0212 0x17a4 [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 12:39:29.0217 0x17a4 iusb3hcs - ok 12:39:29.0224 0x17a4 [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 12:39:29.0233 0x17a4 iusb3hub - ok 12:39:29.0246 0x17a4 [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 12:39:29.0261 0x17a4 iusb3xhc - ok 12:39:29.0267 0x17a4 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 12:39:29.0273 0x17a4 jhi_service - ok 12:39:29.0276 0x17a4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 12:39:29.0281 0x17a4 kbdclass - ok 12:39:29.0283 0x17a4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 12:39:29.0289 0x17a4 kbdhid - ok 12:39:29.0291 0x17a4 [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] KeyIso C:\Windows\system32\lsass.exe 12:39:29.0297 0x17a4 KeyIso - ok 12:39:29.0300 0x17a4 [ 6F5F0C6160EF237F0243C1E416EEBA98, 8BA8AA0D71350A74E294A731226B1638C6059013D645ABDE7188F7733E320FBD ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 12:39:29.0305 0x17a4 KSecDD - ok 12:39:29.0310 0x17a4 [ 05529E53B286FD60E7EF04EF138CABFD, 
6C045750DCD3EE76F748582513AD4FA99C0E8E56B616725CD48DCA1068FF8923 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 12:39:29.0316 0x17a4 KSecPkg - ok 12:39:29.0318 0x17a4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 12:39:29.0337 0x17a4 ksthunk - ok 12:39:29.0344 0x17a4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 12:39:29.0367 0x17a4 KtmRm - ok 12:39:29.0375 0x17a4 [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys 12:39:29.0384 0x17a4 LADF_CaptureOnly - ok 12:39:29.0388 0x17a4 [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys 12:39:29.0393 0x17a4 LADF_RenderOnly - ok 12:39:29.0399 0x17a4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 12:39:29.0420 0x17a4 LanmanServer - ok 12:39:29.0424 0x17a4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 12:39:29.0442 0x17a4 LanmanWorkstation - ok 12:39:29.0445 0x17a4 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 12:39:29.0449 0x17a4 LGBusEnum - ok 12:39:29.0452 0x17a4 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys 12:39:29.0456 0x17a4 LGSHidFilt - ok 12:39:29.0459 0x17a4 [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt 
C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys 12:39:29.0463 0x17a4 LGSUsbFilt - ok 12:39:29.0465 0x17a4 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 12:39:29.0469 0x17a4 LGVirHid - ok 12:39:29.0472 0x17a4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 12:39:29.0490 0x17a4 lltdio - ok 12:39:29.0497 0x17a4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 12:39:29.0521 0x17a4 lltdsvc - ok 12:39:29.0523 0x17a4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 12:39:29.0542 0x17a4 lmhosts - ok 12:39:29.0549 0x17a4 [ 02468469C450CD16FB66A56FAB70138B, 9C3788B3DB2DBF9DE192447EADB6F1A17B69FC4813284B86E589784A53154FAA ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe 12:39:29.0558 0x17a4 LMIGuardianSvc - ok 12:39:29.0566 0x17a4 [ 90C864827E1722F5BB6EEA8896A4E8EF, 6F9D96B7A65BD79ED5A384025393F36A5DEAC4EE01CA173874906B54F57150EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 12:39:29.0575 0x17a4 LMS - ok 12:39:29.0579 0x17a4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 12:39:29.0585 0x17a4 LSI_FC - ok 12:39:29.0588 0x17a4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 12:39:29.0594 0x17a4 LSI_SAS - ok 12:39:29.0597 0x17a4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 12:39:29.0602 0x17a4 LSI_SAS2 - ok 12:39:29.0605 
0x17a4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 12:39:29.0611 0x17a4 LSI_SCSI - ok 12:39:29.0614 0x17a4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 12:39:29.0634 0x17a4 luafv - ok 12:39:29.0637 0x17a4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 12:39:29.0644 0x17a4 Mcx2Svc - ok 12:39:29.0647 0x17a4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 12:39:29.0652 0x17a4 megasas - ok 12:39:29.0658 0x17a4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 12:39:29.0666 0x17a4 MegaSR - ok 12:39:29.0670 0x17a4 [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 12:39:29.0675 0x17a4 MEIx64 - ok 12:39:29.0678 0x17a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 12:39:29.0697 0x17a4 MMCSS - ok 12:39:29.0700 0x17a4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 12:39:29.0719 0x17a4 Modem - ok 12:39:29.0721 0x17a4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 12:39:29.0729 0x17a4 monitor - ok 12:39:29.0731 0x17a4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 12:39:29.0736 
0x17a4 mouclass - ok 12:39:29.0739 0x17a4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 12:39:29.0744 0x17a4 mouhid - ok 12:39:29.0747 0x17a4 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 12:39:29.0752 0x17a4 mountmgr - ok 12:39:29.0756 0x17a4 [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 12:39:29.0763 0x17a4 MozillaMaintenance - ok 12:39:29.0767 0x17a4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 12:39:29.0773 0x17a4 mpio - ok 12:39:29.0776 0x17a4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 12:39:29.0794 0x17a4 mpsdrv - ok 12:39:29.0808 0x17a4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 12:39:29.0836 0x17a4 MpsSvc - ok 12:39:29.0841 0x17a4 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 12:39:29.0848 0x17a4 MRxDAV - ok 12:39:29.0852 0x17a4 [ 632E8A00090E4F85F304E152C92C7F2C, A3098941251A8327C95E6B1122384D54FB0ED705A9215577D968EA5B5FD88C87 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 12:39:29.0861 0x17a4 mrxsmb - ok 12:39:29.0868 0x17a4 [ 0D9C05484F2F4BD9D33A615D5DBE67EA, 1E164B631B1CD85DD5B205284CB547B189609946490AAABD22741743BFB413DF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:39:29.0877 0x17a4 mrxsmb10 - ok 12:39:29.0880 0x17a4 [ 6123E6FECC1C164022868FB1982271BE, 
417E6C7AFF8B014B31AFCC202B0DCEECBDBB73205DF8C3EFC7E313664E284178 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:39:29.0887 0x17a4 mrxsmb20 - ok 12:39:29.0889 0x17a4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 12:39:29.0894 0x17a4 msahci - ok 12:39:29.0897 0x17a4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 12:39:29.0903 0x17a4 msdsm - ok 12:39:29.0907 0x17a4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 12:39:29.0915 0x17a4 MSDTC - ok 12:39:29.0919 0x17a4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 12:39:29.0937 0x17a4 Msfs - ok 12:39:29.0939 0x17a4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 12:39:29.0957 0x17a4 mshidkmdf - ok 12:39:29.0959 0x17a4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 12:39:29.0964 0x17a4 msisadrv - ok 12:39:29.0968 0x17a4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 12:39:29.0988 0x17a4 MSiSCSI - ok 12:39:29.0990 0x17a4 msiserver - ok 12:39:29.0991 0x17a4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 12:39:30.0009 0x17a4 MSKSSRV - ok 12:39:30.0011 0x17a4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 12:39:30.0029 
0x17a4 MSPCLOCK - ok 12:39:30.0031 0x17a4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 12:39:30.0049 0x17a4 MSPQM - ok 12:39:30.0057 0x17a4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 12:39:30.0066 0x17a4 MsRPC - ok 12:39:30.0069 0x17a4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 12:39:30.0074 0x17a4 mssmbios - ok 12:39:30.0077 0x17a4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 12:39:30.0095 0x17a4 MSTEE - ok 12:39:30.0097 0x17a4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 12:39:30.0103 0x17a4 MTConfig - ok 12:39:30.0105 0x17a4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 12:39:30.0110 0x17a4 Mup - ok 12:39:30.0119 0x17a4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 12:39:30.0143 0x17a4 napagent - ok 12:39:30.0149 0x17a4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 12:39:30.0161 0x17a4 NativeWifiP - ok 12:39:30.0177 0x17a4 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 12:39:30.0194 0x17a4 NDIS - ok 12:39:30.0197 0x17a4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap 
12:39:31.0753 0x17a4 [ EA569D48B2E755AF6D96F03F3335D98A, EED2DCDF187A69F36A38129C8A1E0D6FE0EBF9232DEAF68A116E9A26E40AB636 ] Realtek11nCU C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe
12:39:31.0755 0x17a4 Realtek11nCU - detected UnsignedFile.Multi.Generic ( 1 )
12:39:32.0045 0x17a4 Detect skipped due to KSN trusted
12:39:32.0045 0x17a4 Realtek11nCU - ok
4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 12:39:34.0808 0x17a4 WdiSystemHost - ok 12:39:34.0813 0x17a4 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll 12:39:34.0823 0x17a4 WebClient - ok 12:39:34.0829 0x17a4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 12:39:34.0850 0x17a4 Wecsvc - ok 12:39:34.0853 0x17a4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 12:39:34.0874 0x17a4 wercplsupport - ok 12:39:34.0877 0x17a4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 12:39:34.0897 0x17a4 WerSvc - ok 12:39:34.0899 0x17a4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 12:39:34.0918 0x17a4 WfpLwf - ok 12:39:34.0920 0x17a4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 12:39:34.0925 0x17a4 WIMMount - ok 12:39:34.0926 0x17a4 WinDefend - ok 12:39:34.0929 0x17a4 WinHttpAutoProxySvc - ok 12:39:34.0938 0x17a4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 12:39:34.0959 0x17a4 Winmgmt - ok 12:39:34.0971 0x17a4 [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0 C:\Users\Moritz\AppData\Local\Temp\tmpBA0B.tmp 12:39:34.0976 0x17a4 WinRing0_1_2_0 - ok 12:39:35.0006 0x17a4 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, 
C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll 12:39:35.0039 0x17a4 WinRM - ok 12:39:35.0044 0x17a4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys 12:39:35.0052 0x17a4 WinUsb - ok 12:39:35.0066 0x17a4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 12:39:35.0087 0x17a4 Wlansvc - ok 12:39:35.0123 0x17a4 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:39:35.0159 0x17a4 wlidsvc - ok 12:39:35.0163 0x17a4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 12:39:35.0168 0x17a4 WmiAcpi - ok 12:39:35.0174 0x17a4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 12:39:35.0181 0x17a4 wmiApSrv - ok 12:39:35.0183 0x17a4 WMPNetworkSvc - ok 12:39:35.0185 0x17a4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 12:39:35.0191 0x17a4 WPCSvc - ok 12:39:35.0195 0x17a4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 12:39:35.0202 0x17a4 WPDBusEnum - ok 12:39:35.0205 0x17a4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 12:39:35.0222 0x17a4 ws2ifsl - ok 12:39:35.0226 0x17a4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 
12:39:35.0236 0x17a4 wscsvc - ok 12:39:35.0238 0x17a4 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 12:39:35.0245 0x17a4 WSDPrintDevice - ok 12:39:35.0247 0x17a4 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 12:39:35.0252 0x17a4 WSDScan - ok 12:39:35.0254 0x17a4 WSearch - ok 12:39:35.0295 0x17a4 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll 12:39:35.0336 0x17a4 wuauserv - ok 12:39:35.0341 0x17a4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 12:39:35.0347 0x17a4 WudfPf - ok 12:39:35.0352 0x17a4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 12:39:35.0360 0x17a4 WUDFRd - ok 12:39:35.0363 0x17a4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 12:39:35.0370 0x17a4 wudfsvc - ok 12:39:35.0376 0x17a4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 12:39:35.0384 0x17a4 WwanSvc - ok 12:39:35.0388 0x17a4 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 12:39:35.0394 0x17a4 xusb21 - ok 12:39:35.0397 0x17a4 ================ Scan global =============================== 12:39:35.0399 0x17a4 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 12:39:35.0405 0x17a4 [ 93E5D2B763374F484918A0909724B3EB, 
900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll 12:39:35.0412 0x17a4 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll 12:39:35.0418 0x17a4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 12:39:35.0425 0x17a4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 12:39:35.0430 0x17a4 [ Global ] - ok 12:39:35.0430 0x17a4 ================ Scan MBR ================================== 12:39:35.0448 0x17a4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 12:39:35.0540 0x17a4 \Device\Harddisk1\DR1 - ok 12:39:35.0541 0x17a4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 12:39:35.0621 0x17a4 \Device\Harddisk0\DR0 - ok 12:39:35.0623 0x17a4 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2 12:39:35.0710 0x17a4 \Device\Harddisk2\DR2 - ok 12:39:35.0711 0x17a4 ================ Scan VBR ================================== 12:39:35.0712 0x17a4 [ 5D23D8AA856C245B3F0EEDBCCED02212 ] \Device\Harddisk1\DR1\Partition1 12:39:35.0713 0x17a4 \Device\Harddisk1\DR1\Partition1 - ok 12:39:35.0714 0x17a4 [ E4D1D2EAD36901D9233A070316E5B491 ] \Device\Harddisk0\DR0\Partition1 12:39:35.0715 0x17a4 \Device\Harddisk0\DR0\Partition1 - ok 12:39:35.0716 0x17a4 [ 019409E518D7611233B9FD2C64C39F86 ] \Device\Harddisk0\DR0\Partition2 12:39:35.0717 0x17a4 \Device\Harddisk0\DR0\Partition2 - ok 12:39:35.0719 0x17a4 [ AA8C651406C6BEA6E0B73760F1DBA14C ] \Device\Harddisk2\DR2\Partition1 12:39:35.0721 0x17a4 \Device\Harddisk2\DR2\Partition1 - ok 12:39:35.0721 0x17a4 ================ Scan generic autorun ====================== 12:39:35.0730 0x17a4 [ C37341BBB89067D4CCAC7FA799F78BB6, B13B066376B03FA150B53E37FE39DAC4CC82AC66D433C1BB44276235EC0E79E8 ] C:\Program Files (x86)\Common 
Files\Acronis\Schedule2\schedhlp.exe 12:39:35.0740 0x17a4 Acronis Scheduler2 Service - ok 12:39:35.0763 0x17a4 [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe 12:39:35.0769 0x17a4 Cmaudio8788 - ok 12:39:35.0774 0x17a4 [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\Windows\syswow64\HsMgr.exe 12:39:35.0778 0x17a4 Cmaudio8788GX - detected UnsignedFile.Multi.Generic ( 1 ) 12:39:36.0035 0x17a4 Detect skipped due to KSN trusted 12:39:36.0035 0x17a4 Cmaudio8788GX - ok 12:39:36.0040 0x17a4 [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\Windows\system\HsMgr64.exe 12:39:36.0046 0x17a4 Cmaudio8788GX64 - detected UnsignedFile.Multi.Generic ( 1 ) 12:39:36.0303 0x17a4 Detect skipped due to KSN trusted 12:39:36.0303 0x17a4 Cmaudio8788GX64 - ok 12:39:36.0500 0x17a4 [ 324B8DDDF70D28B7A767E0608256DF36, 2FA4AA3F5E6D9C16A50F986027708AF657ADE9AE2A286E4F7686A1DF510FC2C1 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 12:39:36.0684 0x17a4 RTHDVCPL - ok 12:39:36.0697 0x17a4 [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 12:39:36.0705 0x17a4 USB3MON - ok 12:39:36.0705 0x17a4 Func KB-460 - ok 12:39:36.0795 0x17a4 [ F0C14288A8CBB4919919063F7B781483, 23BD6592035FAB1B222B151134D2504AC013F93768EAB91DF39EE9439AB11F4F ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 12:39:36.0882 0x17a4 TrueImageMonitor.exe - ok 12:39:36.0903 0x17a4 [ 3CEF82F01A4E5071D60CF45264FC50EB, 3E30C49E6B43EF901DBED56A18B88BE5741A8B9576587891BDED6C7174AC5859 ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe 12:39:36.0921 0x17a4 AcronisTibMounterMonitor - ok 12:39:36.0925 0x17a4 [ 1907517A11D41C24BD3A8F9137E334B7, 
18AC567D9F1284B5CF60D5E98759D691E1BB1DE2637E55CEBEE88C1B68C10CD9 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe 12:39:36.0931 0x17a4 IMSS - ok 12:39:36.0940 0x17a4 [ FE6E7F52D875E49A8DA4597675A38D9C, A116BDBD72AA9E21E2F5EE10E62B0FD530C66AD151B2C3CBA9AC77C7FCDE3ACB ] C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe 12:39:36.0950 0x17a4 RoccatKonePureOptical - detected UnsignedFile.Multi.Generic ( 1 ) 12:39:37.0247 0x17a4 RoccatKonePureOptical ( UnsignedFile.Multi.Generic ) - warning 12:39:37.0378 0x17a4 [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 12:39:37.0390 0x17a4 SunJavaUpdateSched - ok 12:39:37.0413 0x17a4 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 12:39:37.0441 0x17a4 Sidebar - ok 12:39:37.0454 0x17a4 [ 6ECE746BB283927604DA192CA0D1403D, 327E1E908B6DB1C8414B31DB277EF5EABA340B2EE7FEE19349860B3C8F7778FE ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE 12:39:37.0462 0x17a4 EPLTarget\P0000000000000000 - ok 12:39:37.0573 0x17a4 [ F679E30A5F7CE39F7FA134E61BD2D6D3, 84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe 12:39:37.0676 0x17a4 CCleaner Monitoring - ok 12:39:37.0680 0x17a4 HydraVisionDesktopManager - ok 12:39:37.0689 0x17a4 [ 6ECE746BB283927604DA192CA0D1403D, 327E1E908B6DB1C8414B31DB277EF5EABA340B2EE7FEE19349860B3C8F7778FE ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE 12:39:37.0696 0x17a4 EPLTarget\P0000000000000000 - ok 12:39:37.0719 0x17a4 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 12:39:37.0744 0x17a4 Sidebar - ok 12:39:37.0854 0x17a4 [ F679E30A5F7CE39F7FA134E61BD2D6D3, 
84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe 12:39:37.0956 0x17a4 CCleaner Monitoring - ok 12:39:37.0961 0x17a4 Waiting for KSN requests completion. In queue: 151 12:39:38.0968 0x17a4 Win FW state via NFP2: enabled ( trusted ) 12:39:39.0048 0x17a4 ============================================================ 12:39:39.0048 0x17a4 Scan finished 12:39:39.0048 0x17a4 ============================================================ 12:39:39.0051 0x03cc Detected object count: 1 12:39:39.0051 0x03cc Actual detected object count: 1 12:40:37.0374 0x03cc RoccatKonePureOptical ( UnsignedFile.Multi.Generic ) - skipped by user 12:40:37.0374 0x03cc RoccatKonePureOptical ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:40:43.0611 0x03a0 Deinitialize success |
20.02.2017, 13:04 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus scan reports infected files with Win32:DH Please post the correct MBAR log.
__________________ Please always post log files in CODE tags |
20.02.2017, 13:16 | #12 |
| Virus scan reports infected files with Win32:DH Oops, here is the right one now: Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
  main: v2017.02.20.03
  rootkit: v2017.02.15.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Moritz :: MORITZ2-PC [administrator]
20.02.2017 12:24:02
mbar-log-2017-02-20 (12-24-02).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 394366
Time elapsed: 5 minute(s), 29 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Moritz\AppData\Local\Temp\_avast_\unp16039750.tmp\13.exe (HackTool.WinActivator) -> Delete on reboot. [959e92133a6e4cea9ed007b96799639d]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
  main: v2017.02.20.03
  rootkit: v2017.02.15.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Moritz :: MORITZ2-PC [administrator]
20.02.2017 12:32:17
mbar-log-2017-02-20 (12-32-17).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 394149
Time elapsed: 5 minute(s), 37 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end) |
20.02.2017, 13:49 | #13 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus scan reports infected files with Win32:DH Quote:
Normally we continue with the cleanup once the person asking for help has uninstalled the cracked stuff. But when the OS itself is cracked, it becomes pointless. Get yourself a legal copy of Windows. Then I'll gladly help with the reinstallation. Ideally go straight to Windows 10.
__________________ Please always post log files in CODE tags |
20.02.2017, 18:01 | #14 |
| Virus scan reports infected files with Win32:DH A cracked Windows was installed at one point, that's true. But I removed the crack and activated Windows with a legal key. I can assure you of that and, if you want, show you the invoice as well. That was more than a year ago, though. I don't know why there still seem to be leftovers. Are there any other signs of an infection? If you still don't want to help me further, can you tell me whether I can then simply delete the tools? Sorry, but are we continuing now or not? |
20.02.2017, 23:07 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus scan reports infected files with Win32:DH As I said, cracked Windows. And before that you were already caught here with cracked Office too. The only help you'll get from me now is with the reinstallation...
__________________ Please always post log files in CODE tags |