Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   win8.1 64 bit - Trojan.scriptKD.1998 (https://www.trojaner-board.de/168198-win8-1-64-bit-trojan-scriptkd-1998-a.html)

mr.lowcut 24.06.2015 17:14
win8.1 64 bit - Trojan.scriptKD.1998
 
Hallo,

ich habe gerade mit Bitfender einen kompletten Systemscan durchgeführt und er hat auf c:, sowie auf der backup e: den "trojan.scriptKD.1998" gefunden. Bitfender konnte das Problem nicht beheben. Googeln auch nicht. :(

Da mir früher bereits einmal von euch sehr kompetent und schnell geholfen wurde, poste ich nun erneut ins Forum und bitte um eure Hilfe.

Vielen Dank!!

Mein System:
Win8.1 64 bit
Intel i3
16gig RAM
c: 256gb SSD
e: 1tb HDD
Bitfender
Firefox 38

schrauber 24.06.2015 17:33
hi,

Logfile von dem Fund?

mr.lowcut 24.06.2015 18:13
Die Bitfender Logfiles kann ich leider nicht ausfindig machen, sie scheinen recht gut versteckt zu sein (habe gegoogelt, aber keine gescheite Anleitung gefunden).

Gmer hat auch ein Problem:
"C:\Windows\System32\config\system: Der Prozess kann nicht auf die Datein zugreifen, da sie von einem anderen Prozess verwendet wird. "
Danach stürzt Gmer ab.

Hier trotzdem schonmal das FRST Log:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by Arn (administrator) on NRA on 24-06-2015 18:56:16
Running from C:\Users\Arn\Desktop
Loaded Profiles: Arn (Available Profiles: Arn)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Arn\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [253952 2013-05-07] (Realtek Semiconductor Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-03-12] (Bitdefender)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-11-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [Hercules DJ Series] => C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [631592 2009-07-09] (Hercules®)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1709069591-411249894-1299585004-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-1709069591-411249894-1299585004-1001\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender)
HKU\S-1-5-21-1709069591-411249894-1299585004-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
Startup: C:\Users\Arn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1050 J410 series.lnk [2014-04-06]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1709069591-411249894-1299585004-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-1709069591-411249894-1299585004-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-1709069591-411249894-1299585004-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1709069591-411249894-1299585004-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Arn\AppData\Roaming\Mozilla\Firefox\Profiles\fyi7veb6.default
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-24] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin HKU\S-1-5-21-1709069591-411249894-1299585004-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-31] ()
FF Extension: WOT - C:\Users\Arn\AppData\Roaming\Mozilla\Firefox\Profiles\fyi7veb6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-29]
FF Extension: Speed Dial - C:\Users\Arn\AppData\Roaming\Mozilla\Firefox\Profiles\fyi7veb6.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-05-10]
FF Extension: NoScript - C:\Users\Arn\AppData\Roaming\Mozilla\Firefox\Profiles\fyi7veb6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-10]
FF Extension: Adblock Plus - C:\Users\Arn\AppData\Roaming\Mozilla\Firefox\Profiles\fyi7veb6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-05-31]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-05-31]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [45056 2013-06-15] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [20480 2007-11-21] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-06-24] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-04-25] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-04-24] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-03-16] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-01-14] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-01-23] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-01-14] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-01-09] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [150528 2009-07-08] (© Guillemot R&D, 2009. All rights reserved.)
S3 busenum; C:\Windows\System32\drivers\SteelBus64.sys [145408 2014-01-08] (SteelSeries Corporation) [File not signed]
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-02-24] (BitDefender LLC)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-09-04] (LogMeIn Inc.)
S3 HDJMidi; C:\Windows\system32\DRIVERS\HDJMidi.sys [143360 2009-07-08] (© Guillemot R&D, 2009. All rights reserved.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 Razerlow; C:\Windows\system32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [547032 2013-07-04] (Realtek Semiconductor Corporation)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-22] (Realtek Semiconductor Corporation                          )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation) [File not signed]
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\E:\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X]
S3 UCORESYS; \??\E:\UCORESYS.sys [X]
S3 WacHidRouter; \SystemRoot\System32\drivers\wachidrouter.sys [X]
S3 wacomrouterfilter; \SystemRoot\System32\drivers\wacomrouterfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-24 18:56 - 2015-06-24 18:56 - 00023078 _____ C:\Users\Arn\Desktop\FRST.txt
2015-06-24 18:55 - 2015-06-24 18:56 - 00000000 ____D C:\FRST
2015-06-24 18:54 - 2015-06-24 18:54 - 02109952 _____ (Farbar) C:\Users\Arn\Desktop\FRST64.exe
2015-06-24 18:54 - 2015-06-24 18:54 - 00380416 _____ C:\Users\Arn\Desktop\Gmer-19357.exe
2015-06-15 18:35 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-15 18:35 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-15 18:35 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-15 18:35 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-15 18:35 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-15 18:35 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-15 18:35 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-15 18:35 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-15 18:35 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-15 18:35 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-15 18:35 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-15 18:35 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-15 18:35 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-15 18:35 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-15 18:35 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-15 18:35 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-15 18:35 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-15 18:35 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-15 18:35 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-15 18:35 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-15 18:35 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-15 18:35 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-15 18:35 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-15 18:35 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-15 18:35 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-15 18:35 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-15 18:35 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-15 18:35 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-15 18:35 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-15 18:35 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-15 18:35 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-15 18:35 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-15 18:35 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-15 18:35 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-15 18:35 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-15 18:35 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-15 18:35 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-15 18:35 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-15 18:35 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-15 18:35 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-15 18:35 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-15 18:35 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-15 18:35 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-15 18:35 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-15 18:35 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-15 18:35 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-15 18:34 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-12 08:38 - 2015-06-12 08:38 - 00005165 _____ C:\Users\Arn\AppData\Local\recently-used.xbel
2015-06-10 16:17 - 2015-06-21 20:51 - 00470880 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-09 18:51 - 2015-06-09 18:51 - 00000000 ____D C:\Program Files\Voxengo
2015-06-09 18:51 - 2015-06-09 18:51 - 00000000 ____D C:\Program Files\Common Files\Steinberg
2015-06-09 18:50 - 2015-06-09 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 Firebird
2015-06-09 18:47 - 2015-06-09 18:47 - 00000000 ____D C:\Users\Public\Documents\u-he
2015-06-09 18:46 - 2015-06-09 18:46 - 00000000 ____D C:\Programme
2015-06-09 18:46 - 2015-06-09 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phasewave
2015-06-09 18:45 - 2015-06-09 18:45 - 00000000 ____D C:\Program Files\Mellowmuse
2015-06-06 15:40 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-06 15:39 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-06 15:39 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00878816 _____ C:\Windows\system32\nvmcumd.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00117576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-06-05 15:07 - 2015-06-05 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-06-05 15:07 - 2015-06-05 15:07 - 00000000 ____D C:\Program Files\CPUID
2015-06-03 15:37 - 2015-06-04 08:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 16:04 - 2015-06-06 15:39 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-01 16:04 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-01 16:04 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-01 15:59 - 2015-06-01 15:59 - 00000000 ____D C:\Users\Arn\AppData\Local\GWX
2015-05-31 17:15 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-31 17:15 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-05-31 17:15 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-05-31 17:15 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-05-31 17:15 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-05-31 17:15 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-05-31 17:15 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-05-31 17:15 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-05-31 17:15 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-05-31 17:14 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-05-31 17:14 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-05-31 17:14 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-05-31 17:14 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-05-31 17:14 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-05-31 17:14 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-05-31 17:14 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-05-31 17:14 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-05-31 17:14 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-05-31 17:14 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-05-31 17:14 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-05-31 17:14 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-05-31 17:14 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-05-31 17:14 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-05-31 17:14 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-05-31 17:14 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-05-31 17:14 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-05-31 17:14 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-05-31 17:14 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-05-31 16:56 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-05-31 16:56 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-05-31 16:55 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-05-31 16:55 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-05-31 12:43 - 2015-05-31 12:43 - 00000000 ____D C:\Users\Arn\AppData\Temp
2015-05-31 12:24 - 2015-05-31 12:24 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-05-31 12:14 - 2015-05-31 12:51 - 00000000 ____D C:\ProgramData\BDLogging
2015-05-31 12:14 - 2015-05-31 12:14 - 00718339 _____ C:\ProgramData\1433066729.bdinstall.bin
2015-05-31 12:14 - 2015-05-31 12:14 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2015-05-31 12:14 - 2015-05-31 12:14 - 00000385 _____ C:\Users\Arn\AppData\Roaminguser_gensett.xml
2015-05-31 12:14 - 2015-05-31 12:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-05-31 12:14 - 2015-05-31 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-05-31 12:13 - 2015-01-23 16:30 - 00262544 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-05-31 12:13 - 2015-01-14 13:13 - 00677104 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-05-31 12:13 - 2015-01-14 13:07 - 01306464 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-05-31 12:13 - 2015-01-09 11:59 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-05-31 12:13 - 2015-01-09 11:44 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-05-31 12:13 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2015-05-31 12:13 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-05-31 12:13 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-05-31 12:07 - 2015-05-31 12:07 - 00000000 ____D C:\Users\Arn\AppData\Roaming\Bitdefender
2015-05-31 12:05 - 2015-05-31 12:14 - 00000000 ____D C:\ProgramData\Bitdefender
2015-05-31 12:05 - 2015-05-31 12:05 - 00000000 ____D C:\Users\Arn\AppData\Roaming\QuickScan
2015-05-31 12:05 - 2015-05-31 12:05 - 00000000 ____D C:\Program Files\Bitdefender
2015-05-31 12:05 - 2015-02-24 17:52 - 00160544 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-05-31 12:05 - 2015-01-09 11:44 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2015-05-31 12:05 - 2015-01-09 11:44 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2015-05-31 12:05 - 2014-10-15 17:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-05-31 11:57 - 2015-05-31 12:05 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-05-29 16:46 - 2015-05-25 10:37 - 00450831 ____R C:\Windows\system32\Drivers\etc\hosts.20150529-164621.backup
2015-05-25 10:37 - 2015-05-10 14:57 - 00450831 ____R C:\Windows\system32\Drivers\etc\hosts.20150525-103719.backup

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-24 18:45 - 2014-07-31 17:39 - 00000000 ____D C:\Users\Arn\AppData\Roaming\vlc
2015-06-24 18:08 - 2014-04-18 18:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-24 18:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-24 17:20 - 2014-04-05 15:11 - 00000000 ____D C:\ProgramData\Origin
2015-06-24 17:17 - 2014-01-06 11:27 - 01075258 _____ C:\Windows\WindowsUpdate.log
2015-06-24 16:33 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-24 16:08 - 2014-04-18 18:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 16:01 - 2014-04-06 13:02 - 00000000 ___DO C:\Users\Arn\SkyDrive
2015-06-24 15:56 - 2014-04-05 15:11 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-24 15:34 - 2013-11-09 09:40 - 02731366 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-24 15:34 - 2013-09-13 22:52 - 00794000 _____ C:\Windows\system32\perfh010.dat
2015-06-24 15:34 - 2013-09-13 22:52 - 00156420 _____ C:\Windows\system32\perfc010.dat
2015-06-24 15:34 - 2013-09-13 22:22 - 00765378 _____ C:\Windows\system32\perfh007.dat
2015-06-24 15:34 - 2013-09-13 22:22 - 00159696 _____ C:\Windows\system32\perfc007.dat
2015-06-24 15:31 - 2014-03-22 04:34 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{306185A1-195C-4154-9A37-9E59D559F6C1}
2015-06-24 15:28 - 2014-11-01 13:30 - 00083158 _____ C:\Windows\setupact.log
2015-06-24 15:28 - 2014-05-17 12:38 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-24 15:28 - 2014-03-22 04:21 - 00081426 _____ C:\Users\Arn\AppData\Local\BTServer.log
2015-06-24 15:28 - 2014-01-06 11:38 - 00000025 ___SH C:\Windows\SysWOW64\ReadTag.ini
2015-06-24 15:28 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-23 17:23 - 2015-05-18 16:50 - 00000000 ____D C:\Users\Arn\AppData\Roaming\Audacity
2015-06-21 22:20 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-19 14:33 - 2014-12-10 16:42 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-19 14:33 - 2014-07-10 15:05 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-19 14:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-19 13:25 - 2014-03-22 11:37 - 00000000 ____D C:\Windows\system32\MRT
2015-06-19 13:25 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-19 13:23 - 2014-03-22 11:36 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-19 13:22 - 2014-01-06 11:26 - 00000000 ____D C:\ProgramData\Realtek
2015-06-18 16:57 - 2014-04-05 15:56 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-06-18 16:57 - 2014-04-05 15:56 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-06-18 16:32 - 2014-04-10 16:23 - 00000000 ____D C:\Users\Arn\AppData\Roaming\TS3Client
2015-06-17 20:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 07:30 - 2014-04-05 15:48 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-06-17 07:30 - 2013-11-09 09:22 - 00055226 _____ C:\Windows\PFRO.log
2015-06-13 19:38 - 2014-10-16 11:31 - 00000000 ____D C:\Users\Arn\AppData\Local\Adobe
2015-06-13 14:56 - 2014-03-21 21:08 - 00000000 ___RD C:\Users\Arn\Desktop\Programme
2015-06-13 14:05 - 2014-09-04 18:55 - 00000000 ____D C:\Users\Arn\AppData\Roaming\FlowStone
2015-06-12 19:56 - 2015-05-18 17:00 - 00000000 ____D C:\Users\Arn\Desktop\Samples
2015-06-12 08:38 - 2014-04-20 20:15 - 00000000 ____D C:\Users\Arn\AppData\Local\gtk-2.0
2015-06-12 08:38 - 2014-03-22 11:14 - 00000000 ____D C:\Users\Arn\.gimp-2.8
2015-06-11 20:17 - 2014-10-16 12:34 - 00000000 ____D C:\Users\Arn\AppData\Local\Battle.net
2015-06-09 21:44 - 2014-03-22 04:27 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1709069591-411249894-1299585004-1001
2015-06-09 18:39 - 2014-09-29 18:35 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2015-06-06 15:41 - 2014-05-17 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-06 15:41 - 2014-05-17 12:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-05 21:02 - 2013-11-09 10:15 - 00587578 _____ C:\Windows\DirectX.log
2015-06-05 07:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-03 18:18 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-03 15:38 - 2014-05-10 17:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-01 16:54 - 2014-04-05 15:13 - 00000000 ____D C:\Users\Arn\AppData\Roaming\Origin
2015-05-31 20:13 - 2014-04-06 14:15 - 00000000 ____D C:\ProgramData\Skype
2015-05-31 20:12 - 2014-04-06 14:15 - 00000000 ____D C:\Users\Arn\AppData\Roaming\Skype
2015-05-31 17:22 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-05-31 16:46 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\Offline Web Pages
2015-05-31 16:45 - 2014-04-25 18:40 - 00000000 ____D C:\Windows\Minidump
2015-05-31 12:01 - 2014-12-18 11:46 - 00000085 _____ C:\Windows\wininit.ini
2015-05-31 12:01 - 2014-03-25 10:17 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-05-29 16:02 - 2014-06-27 11:28 - 00000000 ____D C:\Program Files\CCleaner
2015-05-28 09:04 - 2014-09-21 09:59 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-05-28 09:04 - 2014-05-17 12:37 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 09:04 - 2014-05-17 12:36 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-05-17 12:36 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2014-05-17 12:36 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 06:15 - 2014-05-17 12:38 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2014-05-17 12:38 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-05-17 12:38 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-05-17 12:38 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-05-17 12:38 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2014-05-17 12:38 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2014-05-17 12:38 - 04408727 _____ C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2014-03-27 18:38 - 2014-03-21 22:45 - 0012005 _____ () C:\Users\Arn\AppData\Roaming\alsoft.ini
2014-03-22 04:21 - 2015-06-24 15:28 - 0081426 _____ () C:\Users\Arn\AppData\Local\BTServer.log
2015-06-12 08:38 - 2015-06-12 08:38 - 0005165 _____ () C:\Users\Arn\AppData\Local\recently-used.xbel
2014-03-25 08:05 - 2014-05-08 20:07 - 0007609 _____ () C:\Users\Arn\AppData\Local\resmon.resmoncfg
2015-05-31 12:14 - 2015-05-31 12:14 - 0718339 _____ () C:\ProgramData\1433066729.bdinstall.bin
2014-04-06 16:13 - 2014-04-06 16:13 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-11-09 09:40 - 2013-11-09 09:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-23 18:10

==================== End of log ============================

schrauber 25.06.2015 10:35
Fehlt noch die Addition.txt von FRST. Schau mal bitte in Bitdefender selbst, ob du das irgendwo findest, oder scanne nochmal mit Bitdefender und mach dann einen Screenshot.

mr.lowcut 25.06.2015 14:24
Hi,
habe nachgeschaut, war doch nicht so schwierig. :)

Bitfender:
Code:
<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/xsl" href="C:\Program Files\Bitdefender\Bitdefender 2015\ondemand.xsl"?>
<ScanSession creator="Bitdefender Total Security 2015" name="System-Scan" installPath="C:\Program Files\Bitdefender\Bitdefender 2015\" creationDate="Mittwoch, 24. Juni 2015 18:55:06" originalPath="C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1435158511_1_03.xml" >
        <ScanSettings
                statisticsRefreshInterval="1000"
                scanSpeed="1.000000"
                lowPriority="0"
                enableExclusions="1"
                enableTaskExclusions="0"
                scanAdware="1"
                scanSpyware="1"
                scanApplications="1"
                scanDialers="1"
                scanKeyloggers="1"
                scanFiles="1"
                scanAllFiles="1"
                scanProgramsOnly="0"
                useCustomPrograms="0"
                customPrograms=""
                scanUserDefined="0"
                scanPacked="1"
                scanArchives="1"
                useSmartScan="1"
                scanEmails="1"
                scanRootkits="0"
                scanAllRootkits="1"
                scanBoot="1"
                scanMemory="1"
                scanRegistry="1"
                quickScan="1"
                quickScanMemory="0"
                quickScanAutoruns="0"
                quickScanPlugins="1"
                scanCookies="1"
                shutdownAfter="0"
                passwordPrompt="0"
                onlyAllowedActions="1"
                deepArchiveScan="1"
                maxArchiveLevel="15"
                maxArchiveSize="0"
                infectedAction1="3"
                infectedAction2="7"
                suspectAction1="7"
                suspectAction2="1"
                rootkitAction="3"
                userDefinedExtensions=""
                scanPua="-1"
        >

                <ScanPaths>
                        <path>C:\</path>
                        <path>D:\</path>
                        <path>E:\</path>
                </ScanPaths>

                <ExcludedPaths>
                </ExcludedPaths>

                <ExcludedExtensions>
                </ExcludedExtensions>

        </ScanSettings>

        <EngineSummary
                totalSignatures="5704914"
                />

        <ScanSummary
                scannedArchives="369"
                scannedPacked="82"
                startTime="1435158511"
                duration="3033500"
        >

                <TypeSummary type="1"
                        scanned="30"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="4"
                        scanned="0"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="0"
                        scanned="3624238"
                        infected="2"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="5"
                        scanned="0"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="2"
                        scanned="4691"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="3"
                        scanned="3200"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

                <TypeSummary type="6"
                        scanned="335"
                        infected="0"
                        suspicious="0"
                        disinfected="0"
                        deleted="0"
                        moved="0"
                        moved_reboot="0"
                        delete_reboot="0"
                        renamed="0"
                        hidden="0"
                />

        </ScanSummary>

        <ScanDetails>
                <UnresolvedDetails>
                        <Item type="0" objectType="0" path="E:\Windows Backup\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\psprofiler_portable[1].exe=&gt;(RAR Sfx o)=&gt;[Comment]=&gt;(unicode)" threatType="0" threatName="Trojan.ScriptKD.1998" action="1" allActions="3 7 1" initialStatus="3" finalStatus="3" failReason="2" />
                        <Item type="0" objectType="0" path="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\psprofiler_portable[1].exe=&gt;(RAR Sfx o)=&gt;[Comment]=&gt;(unicode)" threatType="0" threatName="Trojan.ScriptKD.1998" action="1" allActions="3 7 1" initialStatus="3" finalStatus="3" failReason="2" />
                </UnresolvedDetails>

                <ResolvedDetails>
                </ResolvedDetails>

                <IgnoredDetails>
                </IgnoredDetails>

                <QuickScanDetails>
                </QuickScanDetails>
                <NotScannedDetails
                        skipped="2469426"
                        ioerrors="3"
                        archiveBombs="0"
                        passwordProtected="354"
                >

                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;spriteSheet1.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Universe Sandbox\Media\shader.dat=&gt;ShaderV2.fx" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/amd64/SamsungRapidFSFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;bossLineFire.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_9.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;UltraAdvert.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach19x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank02.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach11.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Universe Sandbox\Media\MilkyWay.dat=&gt;MilkyWay-2048-1of2.dds" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_11.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Universe Sandbox\Media\MilkyWay.dat=&gt;MilkyWay-2048-2of2.dds" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach17x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_7.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/SamsungRapidSvc.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach06.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank01.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach10.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/dp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach09x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_8.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0002.zip=&gt;150112-212255.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_10.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach19.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui1.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_12.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;xboxX.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_13.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;xboxY.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_14.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_15.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach10x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_fade.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;xboxA.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;un4seen.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;xboxB.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach18x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0002.zip=&gt;150112-212255.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Verlauf-0000.zip=&gt;Verlauf-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach01.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach01x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank11.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach20.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach02.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach20x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/dp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach02x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank12.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach21.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach03.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach21x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach03x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/Tools/RAPIDCollectLogs/README.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach04.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/i386/SamsungRapidDiskFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach04x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;smoke2.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach05.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/i386/SamsungRapidDiskFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach05x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach06x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach07.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach07x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach08.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0002.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_in_woosh.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach08x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach09.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach11x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank03.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach12.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/DIFxAPI.dll" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach12x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/addfilter.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank04.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach13.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach13x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank05.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;logo.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach14.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach14x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank06.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach15.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach15x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/amd64/SamsungRapidDiskFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank07.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach16.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/SamsungRapidSvc.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0001.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach16x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank08.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach17.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank09.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach18.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank13.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach22.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0001.zip=&gt;141230-132040.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach22x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/addfilter.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank14.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach23.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach23x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank15.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach24.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/rp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach24x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank16.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach25.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ach25x.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidApp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;alarm.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/SamsungRapidSvc.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;bossBlobFire.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;bossFireCircles.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/OpenSourceAnnouncement.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;bossMissileFire.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;bossPreLineFire.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;cloud1.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;icon file.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;cloud2.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0001.zip=&gt;141230-132040.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ColdBeam.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;controller.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;crystal1.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Verlauf-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;crystal2.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;explosion1.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;explosion2.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;news.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;explosion3.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;fire.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;font.fnt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/i386/SamsungRapidFSFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/Tools/RAPIDCollectLogs/README.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;font.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;glass.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;Hard_Core_Gamer.mp3" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;Head_Spinning.mp3" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;hge.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;icon beathazard.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;icon computer.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidApp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;icon drive.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;icon folder.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;icon shortcut.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;icon up.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;icon yes.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0000.zip=&gt;Cache-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;In_The_Outer_Zone.mp3" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;Little_Wack.mp3" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidApp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;LogoGameplayPowered.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;Looming_Over_You.mp3" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;Lunacy_Hypocrisy.mp3" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;Mad_Mad_Mad.mp3" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/Tools/RAPIDCollectLogs/README.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;menu.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/amd64/SamsungRapidDiskFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;Mixed_Up_World.mp3" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/dp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;Off_Your_Rear_End.mp3" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC arrows.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC Backspace.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidApp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC Enter.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC Esc.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0001.zip=&gt;MS DirectInput-0001.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC H.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC Left Arrow.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC LeftClick.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC Mouse.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC N.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidFSFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC Right Arrow.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC RightClick.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC tutorial.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC UpDown.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;PC V.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank00.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank10.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank17.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank18.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank19.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank20.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank21.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank22.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank23.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank24.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank25.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;rank26.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_back.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;sand1.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;sand2.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ship_hit.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;smoke.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;spriteSheet1.res" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;star1.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;star2.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/OpenSourceAnnouncement.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;TheVizLogo.png" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_back_woosh.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_1.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_select.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_2.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0000.zip=&gt;141218-105349.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_3.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_4.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_5.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="D:\Steam\SteamApps\common\Beat Hazard\BHClassic\Content.res=&gt;ui_woosh_6.wav" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/rp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\System Volume Information\{6f1dda33-142f-11e5-84a5-d850e6e8982e}{3808876b-c176-4e48-b7ae-04046e6cc752}" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidApp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" />
                        <Item type="0" objectType="0" path="E:\System Volume Information\{02474f33-1674-11e5-84ab-d850e6e8982e}{3808876b-c176-4e48-b7ae-04046e6cc752}" threatType="0" threatName="" action="1" allActions="" initialStatus="0" finalStatus="0" failReason="9" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0002.zip=&gt;150112-212255.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0002.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0002.zip=&gt;Windows Media SDK-0002.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/amd64/SamsungRapidDiskFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0002.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0002.zip=&gt;150112-212255.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0001.zip=&gt;Windows Explorer-0001.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0002.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0002.zip=&gt;Windows Explorer-0002.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0002.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0001.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/Tools/RAPIDCollectLogs/README.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0001.zip=&gt;Windows Media SDK-0001.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0001.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidFSFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidFSFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0001.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/amd64/SamsungRapidFSFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0001.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0000.zip=&gt;Windows Explorer-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Explorer-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Verlauf-0000.zip=&gt;141218-105349.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/DIFxAPI.dll" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidFSFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0000.zip=&gt;Windows Media SDK-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0002.zip=&gt;MS DirectInput-0002.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0002.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS Paint-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0000.zip=&gt;141218-105349.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Windows Media SDK-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS Paint-0000.zip=&gt;141218-105349.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS Paint-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS Paint-0000.zip=&gt;MS Paint-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0002.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0002.zip=&gt;Cache-0002.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0001.zip=&gt;141230-132040.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0001.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0000.zip=&gt;141218-105349.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/install.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0000.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/OpenSourceAnnouncement.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0000.zip=&gt;141218-105349.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/rp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0000.zip=&gt;MS DirectInput-0000.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\MS DirectInput-0000.zip=&gt;Quarantine.reg" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Help.pdf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/install.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/LIMITATIONS.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/OpenSourceAnnouncement.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/addfilter.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/RELEASE_NOTES.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/dp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/addfilter.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/DIFxAPI.dll" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/amd64/SamsungRapidDiskFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/amd64/SamsungRapidFSFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/DIFxAPI.dll" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/rp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/SamsungRapidSvc.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/Tools/RAPIDCollectLogs/README.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/i386/SamsungRapidFSFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/addfilter.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/DIFxAPI.dll" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/i386/SamsungRapidDiskFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/i386/SamsungRapidFSFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidFSFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/OpenSourceAnnouncement.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/SamsungRapidSvc.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/Tools/RAPIDCollectLogs/README.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/amd64/SamsungRapidFSFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/DIFxAPI.dll" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/rp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidApp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0001.zip=&gt;141230-132040.xml" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidDiskFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/OpenSourceAnnouncement.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/dp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/addfilter.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/i386/SamsungRapidDiskFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/i386/SamsungRapidFSFltr.sys" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidFSFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/SamsungRapidSvc.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid_Upgrade.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/Tools/RAPIDCollectLogs/README.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0001.zip=&gt;Quarantine.ini" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="E:\Windows Backup\ProgramData\Spybot - Search &amp; Destroy\Quarantine\Cache-0001.zip=&gt;Cache-0001.sfv" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Help.pdf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/LIMITATIONS.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/OpenSourceAnnouncement.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/RELEASE_NOTES.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/dp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/addfilter.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/rp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidApp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/OpenSourceAnnouncement.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/SamsungRapidSvc.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_amd64/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/DIFxAPI.dll" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/rp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidApp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/CacheFilter/SamsungRapidFSFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/OpenSourceAnnouncement.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win7_i386/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/dp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/addfilter.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/rp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidDiskFltr.inf" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/CacheFilter/SamsungRapidFSFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_amd64/RAPID/Tools/RAPIDCollectLogs/README.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/dp.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/DIFxAPI.dll" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/CacheFilter/SamsungRapidFSFltr.cat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/OpenSourceAnnouncement.txt" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/SamsungRapidSvc.exe" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                        <Item type="0" objectType="0" path="C:\Program Files (x86)\Samsung\Samsung Magician\Rapid\Rapid.dll=&gt;(ZIP Sfx r)=&gt;Rapid/Win8_i386/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat" threatType="0" threatName="" action="1" allActions="" initialStatus="10" finalStatus="10" failReason="5" />
                </NotScannedDetails>
        </ScanDetails>

</ScanSession>

mr.lowcut 25.06.2015 14:25
Addition:

[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by Arn at 2015-06-24 18:56:40
Running from C:\Users\Arn\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1709069591-411249894-1299585004-500 - Administrator - Disabled)
Arn (S-1-5-21-1709069591-411249894-1299585004-1001 - Administrator - Enabled) => C:\Users\Arn
Gast (S-1-5-21-1709069591-411249894-1299585004-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7 Wonders: Magical Mystery Tour (HKLM-x32\...\Steam App 275830) (Version:  - MumboJumbo)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Akai Professional MPK Mini MkII Editor (HKLM-x32\...\MPKminiMkIIEditor) (Version:  - )
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.00.03 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.00.05 - ASUSTeK Computer Inc.)
ASUS Manager - Recovery (HKLM-x32\...\{CF4A14CB-C4CB-4241-B659-7C58517515CF}) (Version: 2.00.08 - ASUSTeK Computer Inc.)
ASUS Manager - USB Lock (HKLM-x32\...\{1931C916-6CB8-4E4D-8561-EA20C426AE19}) (Version: 2.00.10 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.06.02 - ASUSTeK Computer Inc.)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version:  - Cold Beam Games)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.22.0.1521 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.71.1.2014 - Georgy Berdyshev)
Circuits (HKLM-x32\...\Steam App 282760) (Version:  - Digital Tentacle)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Deadlight (HKLM-x32\...\Steam App 211400) (Version:  - Tequila Works, S.L.)
Deponia (HKLM-x32\...\Steam App 214340) (Version:  - Daedalic Entertainment)
Dishonored (HKLM-x32\...\Steam App 205100) (Version:  - Arkane Studios)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.)
EQ1A version 2.7 (HKLM\...\EQ1A_is1) (Version: 2.7 - )
Far Cry 2 (HKLM-x32\...\Steam App 19900) (Version:  - Ubisoft Montreal)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version:  - Ubisoft Montreal)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Firebird v2.1 (HKLM-x32\...\Tone2 Firebird_is1) (Version:  - Tone2)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Floating Point (HKLM-x32\...\Steam App 302380) (Version:  - Suspicious Developments)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Geometry Wars: Retro Evolved (HKLM-x32\...\Steam App 8400) (Version:  - Bizarre Creations)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Halo: Spartan Assault (HKLM-x32\...\Steam App 277430) (Version:  - Vanguard Games)
Hercules DJ Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 3.HDJS.2009 - Hercules)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{C3F12DD0-54B1-4B2B-A82B-FA43502BC550}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Hybrid (HKLM-x32\...\{85078f1b-c114-47c0-b9de-b753f2effd03}) (Version: 3.0.5.18874 - AIR Music Tech GmbH)
Hybrid AAX32 (x32 Version: 3.0.5.18874 - AIR Music Tech GmbH) Hidden
Hybrid AAX64 (Version: 3.0.5.18874 - AIR Music Tech GmbH) Hidden
Hybrid Content (x32 Version: 3.0.5.18874 - AIR Music Tech GmbH) Hidden
Hybrid VST32 (x32 Version: 3.0.5.18874 - AIR Music Tech GmbH) Hidden
Hybrid VST64 (Version: 3.0.5.18874 - AIR Music Tech GmbH) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Kerbal Space Program Demo (HKLM-x32\...\Steam App 231410) (Version:  - Squad)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
LYNE (HKLM-x32\...\Steam App 266010) (Version:  - Thomas Bowker)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC Essentials 1.8.2 (HKLM\...\com.akaipro.mpc.essentials_is1) (Version: 1.8.2 - Akai Professional)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-c6688c9e-aafd-416c-89f7-5616badcc736) (Version:  - Epic Games, Inc.)
Not The Robots (HKLM-x32\...\Steam App 257120) (Version:  - 2DArray)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.6.0840 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.4.6.0840 - PACE Anti-Piracy, Inc.) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap Games, Inc.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Q.U.B.E: Director's Cut (HKLM-x32\...\Steam App 239430) (Version:  - Toxic Games)
Quake Live (HKLM-x32\...\Quake Live) (Version:  - id Software)
Quake Live (HKLM-x32\...\Steam App 282440) (Version:  - id Software)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.754.754.082613 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6976 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Resident Evil Revelations 2 / Biohazard Revelations 2 (HKLM-x32\...\Steam App 287290) (Version:  - CAPCOM Co., Ltd.)
Reus (HKLM-x32\...\Steam App 222730) (Version:  - Abbey Games)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Shank 2 (HKLM-x32\...\Steam App 102840) (Version:  - Klei Entertainment)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version:  - Firaxis Games)
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SONiVOX Wobble 2 (HKLM-x32\...\SONiVOX Wobble 2_is1) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
TeamSpeak 3 Client (HKU\S-1-5-21-1709069591-411249894-1299585004-1001\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Plan (HKLM-x32\...\Steam App 250600) (Version:  - Krillbite Studio)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD PROJEKT RED)
Thinking with Time Machine (HKLM-x32\...\Steam App 286080) (Version:  - Stridemann)
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version:  - Black Pants Game Studio)
TrackMania² Canyon (HKLM-x32\...\Steam App 228760) (Version:  - Nadeo)
TubeOhm-M-Phasewave (HKLM-x32\...\TUBEOHM-M-Phasewave_is1) (Version:  - )
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - Giant Army)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Voxengo Stereo Touch (HKLM\...\Voxengo Stereo Touch_is1) (Version: 2.7 - Voxengo)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-05-29 16:46 - 00450831 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        www.10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0EC6777A-E99F-44E1-A7E5-4D4C7E788BB3} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {3539C102-EEBC-47E3-B51C-53D2C5E4E5F7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {3E3788D4-9945-4B5A-9590-017A973C016F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {60E491A3-138A-451C-A613-D181FD49D664} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe
Task: {628FEABC-C0FD-4E44-B1D4-D1A06C2D5575} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe
Task: {77C1BEC2-C727-4471-9FAA-5082383CF6B4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-19] (Microsoft Corporation)
Task: {996ACD59-13B3-4282-B859-7924BC1B416A} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-08-09] ()
Task: {99BDB820-D0F9-419E-BE38-83B43ADB964D} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-09-18] (ASUSTeK Computer Inc.)
Task: {AA18FE0A-887B-40E9-8B00-1D1FCF7376C9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {B428EFAA-7E6D-478D-B8EA-76134A8481F6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {BFF4CF07-B675-49EC-B74A-6975BA59739E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {C0FDC2A1-9267-4180-8619-5E54F4E1330E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe
Task: {C6AC01D3-29E0-4A39-AA50-E4C58ED31DEE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe
Task: {C7FAA285-9CC3-4510-8D47-0EFEAD7C5002} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {D8B0CE6B-6848-42CA-89E4-05ACBE953DE5} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-23] ()
Task: {F19CA003-CCF5-4C12-A31B-83394031E50D} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-31 12:13 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-05-31 12:13 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-05-31 12:13 - 2015-04-01 18:05 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-05-31 12:13 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-05-31 12:22 - 2015-05-31 12:22 - 00790368 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpbr.mdl
2015-05-31 12:22 - 2015-05-31 12:22 - 00711064 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpdsp.mdl
2015-05-31 12:22 - 2015-05-31 12:22 - 02683520 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttpph.mdl
2015-05-31 12:22 - 2015-05-31 12:22 - 01326504 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_002\ashttprbl.mdl
2014-05-17 12:38 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-06 11:26 - 2013-06-15 04:12 - 00045056 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-01-06 11:31 - 2013-08-08 20:00 - 00207160 _____ () C:\Windows\SysWOW64\AsHookDevice.exe
2015-03-28 14:33 - 2007-11-21 14:16 - 00020480 _____ () C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
2014-06-08 20:19 - 2015-04-25 14:30 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-02-05 01:24 - 2015-02-05 01:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-01-06 11:31 - 2013-08-09 03:33 - 01114768 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
2015-03-14 07:49 - 2015-03-14 07:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-03-31 12:36 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-20 04:29 - 2015-05-20 04:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-03-13 16:05 - 2014-11-26 04:12 - 40622592 _____ () C:\Users\Arn\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2015-03-13 15:36 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-03-13 16:05 - 2014-11-26 04:12 - 00911360 _____ () C:\Users\Arn\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2015-03-13 16:05 - 2014-11-26 04:12 - 00134144 _____ () C:\Users\Arn\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2014-04-28 17:21 - 2013-08-19 11:10 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Arn\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Arn\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Arn\Desktop\Gmer-19357.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7871 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1709069591-411249894-1299585004-1001\Control Panel\Desktop\\Wallpaper -> D:\Bilder\MaunaKeaPan_black_5000.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Hercules DJ Series"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Hercules DJ Series"
HKU\S-1-5-21-1709069591-411249894-1299585004-1001\...\StartupApproved\StartupFolder: => "Tintenwarnungen überwachen - HP Deskjet 1050 J410 series.lnk"
HKU\S-1-5-21-1709069591-411249894-1299585004-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{20CE89DD-1C33-40F9-8CCF-56DCE0DF4644}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{6E001E87-482C-4A97-8146-D2BE6D15AB6F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{6ED68FEC-BF2E-4456-991D-67815A256DD7}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{BF5EA9B4-DB2F-4D27-B230-915A7D65F27C}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{465A0D77-4453-4910-8664-28464B3BFA36}] => (Allow) D:\Steam\SteamApps\common\LYNE\LYNE.exe
FirewallRules: [{587EFFAC-CD69-40A1-B796-2B64DBFC18BA}] => (Allow) D:\Steam\SteamApps\common\LYNE\LYNE.exe
FirewallRules: [{BE28D4DE-62BE-4849-9698-3481290911AE}] => (Allow) D:\Steam\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{DF86DFED-8B90-4082-8C6A-F45DBE6897D3}] => (Allow) D:\Steam\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{B3E6DDC9-643A-451C-BB31-65603DDDE805}] => (Allow) D:\Steam\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{1368F490-6C7F-4DA5-BDFD-88D2972B1AFC}] => (Allow) D:\Steam\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{FE80FBC4-73E0-4811-8523-DAD4E971C217}] => (Allow) D:\Steam\SteamApps\common\Reus\Reus.exe
FirewallRules: [{108A60AD-6908-4026-AEF8-2231703CAD43}] => (Allow) D:\Steam\SteamApps\common\Reus\Reus.exe
FirewallRules: [{DDDAD146-0307-4EAA-AEC5-49B63E267BF8}] => (Allow) D:\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{F32EEE03-7A30-4199-9426-F68ECEEF2117}] => (Allow) D:\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{9EF345BE-7F15-4B38-A9F0-88991A1A1404}] => (Allow) D:\Steam\SteamApps\common\Beat Hazard\BeatHazard.exe
FirewallRules: [{AC8C85D2-B949-402C-BA97-FEFE0376A55D}] => (Allow) D:\Steam\SteamApps\common\Beat Hazard\BeatHazard.exe
FirewallRules: [{724E9C9F-64F4-4D44-A93D-8177F8A618E9}] => (Allow) D:\Steam\SteamApps\common\Beat Hazard\runme.exe
FirewallRules: [{4829573B-2DA0-42A0-A0AD-B175834A2122}] => (Allow) D:\Steam\SteamApps\common\Beat Hazard\runme.exe
FirewallRules: [{F9651907-6D1C-466E-A63E-2B1B9B5192DB}] => (Allow) D:\Steam\SteamApps\common\Universe Sandbox\Universe Sandbox.exe
FirewallRules: [{151921C5-C1C7-43BD-8C54-8DD233BB4CAA}] => (Allow) D:\Steam\SteamApps\common\Universe Sandbox\Universe Sandbox.exe
FirewallRules: [{9A259067-F2CB-4763-BF79-62FE8C0CB0F4}] => (Allow) D:\Steam\SteamApps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{D510DD41-FABF-43D0-98E7-5395C28D2613}] => (Allow) D:\Steam\SteamApps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{8539A55B-C183-4CBA-B6BE-7F8AB9E36F22}] => (Allow) D:\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{CBDF984B-7DC4-4ADD-923E-B056781B6DD5}] => (Allow) D:\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{1C63750E-EE33-4DD0-BAB8-21B98183004A}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{17C9679D-9FA5-49DD-BE72-3023EF8064D3}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{488FC580-8C30-415B-A8E9-D491BB6BB478}] => (Allow) D:\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{5933DDCA-E79B-4097-A502-A25A59DB1A56}] => (Allow) D:\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{44571606-194E-48BF-91D4-5CB7EEDBBA88}] => (Allow) D:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{FF7F0BCF-83D7-4658-B261-A5EFC5178FD7}] => (Allow) D:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{A4C34688-5B28-497C-BE9D-192D3E8EE964}] => (Allow) D:\Steam\SteamApps\common\The Swapper\TheSwapper.exe
FirewallRules: [{0D67AB2D-CE7E-48FC-81DE-E4F867CC78E7}] => (Allow) D:\Steam\SteamApps\common\The Swapper\TheSwapper.exe
FirewallRules: [{795622B1-AF96-49E5-9D89-56542B465D2C}] => (Allow) D:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{3566AA91-A64B-4464-9F3E-22D6391ABC8E}] => (Allow) D:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{A3946AFD-8FF5-43AB-8C47-5B7479DD7E49}] => (Allow) D:\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{764DC380-5B7D-4252-A351-3584ED227E3B}] => (Allow) D:\Steam\SteamApps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{481322DE-34FF-4C43-AA80-B0A182E6EB72}] => (Allow) D:\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{030B9029-3AB5-4933-8FDC-431B45012F27}] => (Allow) D:\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{6CE0A45B-A96E-4FC5-AEC4-59BE1F2D35D8}] => (Allow) D:\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{FC64F284-957A-4271-ABA6-EDF01DED883C}] => (Allow) D:\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{C0B5D76A-7C81-4BC2-85C1-29C12D408ABF}] => (Allow) D:\Steam\SteamApps\common\Shank 2\bin\shank2.exe
FirewallRules: [{FF71E69F-2713-4713-8661-4581D375B946}] => (Allow) D:\Steam\SteamApps\common\Shank 2\bin\shank2.exe
FirewallRules: [{82B82C48-6FD8-4973-9D96-2D42C11F0A2E}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{70E0D068-BBED-43AC-9CE6-B41418B895A7}] => (Allow) D:\Steam\SteamApps\common\Deponia\Deponia.exe
FirewallRules: [{6E987B49-2645-4F4B-8CBD-46013AAB46D2}] => (Allow) D:\Steam\SteamApps\common\Deponia\Deponia.exe
FirewallRules: [{94270CDF-FD57-4E44-890D-6F34D538CF2A}] => (Allow) D:\Steam\SteamApps\common\Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{68EA10F4-BF8D-478E-9AAF-612D48C36007}] => (Allow) D:\Steam\SteamApps\common\Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{A8F092D4-F78B-4A77-B2F7-C7FAEEE3612A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FC70E258-29C2-43F6-A888-5B5165AECC7F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4C592480-E5BC-4865-BD02-82150DDC7C8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{03822897-FE1E-40EF-BEEE-29E6449BEE2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3F9FBF0E-64A0-41AF-9163-F4D5201225FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{02170038-C120-494E-9CD7-2B7487C574F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3EA013B2-123B-4167-83F3-5003495DCC31}] => (Allow) D:\Games\Battlefield 4\SimCity\SimCity\SimCity.exe
FirewallRules: [{55D6DACA-86A3-4E7B-9A52-DECEA4CA7171}] => (Allow) D:\Games\Battlefield 4\SimCity\SimCity\SimCity.exe
FirewallRules: [{2303DFA3-0BB2-4EA6-B769-599EB032F5DC}] => (Allow) D:\Games\Battlefield 4\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{7D931372-F2F7-40C6-A584-E9C47B948A6D}] => (Allow) D:\Games\Battlefield 4\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{B3AB0D3B-12E8-4BAC-B144-0E6211DF371C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{36E89499-3AAE-4AEC-8300-F05D01818C72}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{E4EBBA1D-D7C8-4446-894D-080B8074B60F}] => (Allow) D:\Games\Blizzard\StarCraft II\StarCraft II.exe
FirewallRules: [{2664AA40-0727-4643-9D35-74E7E6D06E69}] => (Allow) D:\Games\Blizzard\StarCraft II\StarCraft II.exe
FirewallRules: [{7BE44F49-A1B7-4CC7-AC7E-49E34CA9ECAB}] => (Allow) D:\Games\Blizzard\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{BA95F86B-5DE3-437C-B059-7263B0D34A7B}] => (Allow) D:\Games\Blizzard\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{5F94034B-2473-47EF-9E23-AC72918ED807}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{BCB4EF73-AAE6-4892-B925-6F48EFAFD3F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{53A1F0B3-63A9-4C5B-8447-D5D3DBC1DA93}] => (Allow) D:\Steam\SteamApps\common\TinyAndBig\bin64\tinyandbig.exe
FirewallRules: [{F4626FB3-8BC1-455E-9FA4-4F499224628C}] => (Allow) D:\Steam\SteamApps\common\TinyAndBig\bin64\tinyandbig.exe
FirewallRules: [{39A22F8B-AD2F-48D7-BB49-28C255D698F1}] => (Allow) D:\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{2653F21C-5753-4DD4-8030-FB765D63A72E}] => (Allow) D:\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{A7203579-66C4-454D-9D56-E27AD4D40070}] => (Allow) D:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9EC7DAED-6AB2-45D2-9EB1-7DFA73F0F43A}] => (Allow) D:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3E357915-AD47-4880-B077-61B3CF39FA29}] => (Allow) D:\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{7FC3DC36-982A-48B7-B9EB-4FB22B75B156}] => (Allow) D:\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\FC3BDUpdaterSteam.exe
FirewallRules: [{D30E3C5E-C684-4720-ABF3-2900F5B9FF25}] => (Allow) D:\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{03EA059C-B6BF-4BC7-93FE-6FE83AA2F546}] => (Allow) D:\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{C389BB77-5D85-4EFE-B9AD-547D60458351}] => (Allow) D:\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{FC226769-D14E-40DE-A373-60FA8E9778C3}] => (Allow) D:\Steam\SteamApps\common\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{269E7E2B-8FA3-41E1-84F6-AA662D4EB7C8}] => (Allow) D:\Steam\SteamApps\common\Thinking with Time Machine\TWTM.exe
FirewallRules: [{DA0B5349-4C97-47A2-8372-DB67F3F9F1D2}] => (Allow) D:\Steam\SteamApps\common\Thinking with Time Machine\TWTM.exe
FirewallRules: [{3606D669-9EE4-4CC2-ADAE-017C8FC9A798}] => (Allow) D:\Steam\SteamApps\common\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{2F517344-46E8-45D7-84C0-44481002FDD4}] => (Allow) D:\Steam\SteamApps\common\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{15FC5403-A367-47E9-B5D5-2935D1603E28}] => (Allow) D:\Steam\SteamApps\common\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{A232A6DB-943E-4F54-A96D-E0BCB62EF3DF}] => (Allow) D:\Steam\SteamApps\common\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{35EF70E1-350F-48DB-A193-CF5C15BF9F82}] => (Allow) D:\Steam\SteamApps\common\Far Cry 2\bin\FC2BenchmarkTool.exe
FirewallRules: [{5C8C124C-D9F9-4040-A96C-A5B8BA71BE3A}] => (Allow) D:\Steam\SteamApps\common\Far Cry 2\bin\FC2BenchmarkTool.exe
FirewallRules: [{63FC3CBA-5A54-4E34-A5C0-62B4DAC9FF8E}] => (Allow) D:\Steam\SteamApps\common\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{86E6A64A-DA5A-434D-805F-654CFE244F2C}] => (Allow) D:\Steam\SteamApps\common\Far Cry 2\bin\FC2ServerLauncher.exe
FirewallRules: [{DF96CEC2-867A-4907-B9DD-7B548253F4BD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0C17DE2E-2071-4035-8884-F8D13709ADA7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6CCE9C38-E661-4CA9-A74B-49E3FB4F3B1B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{660B4939-6E6E-4AE6-83CC-D34176EFFB24}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AEA77BD9-38CB-414A-B603-B1BB6307BC2B}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2D59D380-4311-4F60-8C43-BB2A396A1E20}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{70EBF092-08A4-44E3-A10A-B2B60B7A49DD}] => (Allow) D:\Steam\SteamApps\common\The Plan\The Plan.exe
FirewallRules: [{45C34BA3-80FD-435A-AB3A-0ED41BD1F499}] => (Allow) D:\Steam\SteamApps\common\The Plan\The Plan.exe
FirewallRules: [TCP Query User{E3C8D444-44D9-46BF-8558-B555ECAC916D}C:\users\arn\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\arn\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [UDP Query User{BD11E29E-08AB-4F9A-8F0E-ADB3274D5737}C:\users\arn\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\arn\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [{36C3C2E5-099F-4833-B503-ADC31DF523E2}] => (Allow) D:\Games\Battlefield 4\SimCity\SimCity\SimCity.exe
FirewallRules: [{F84554A1-0D86-4E8A-9711-1992A43F792A}] => (Allow) D:\Games\Battlefield 4\SimCity\SimCity\SimCity.exe
FirewallRules: [{FDFF45FF-A64E-4F93-8E73-59CC1CB85E50}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{FF98E043-3D24-405A-B563-5222536A5AFD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{7C86A77E-49A0-4DFC-9BCD-BF9AE2112F69}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{A2FC2A7E-6178-4D33-9FDF-BEB6FAE9412F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{C0D18C6A-ABEB-451E-8BDE-201EE23C661F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{0676CACC-12CC-48AD-9C05-8D0E2D4AD996}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{453AC00C-5480-454B-87F2-E60504051442}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{C2CFD94F-A6B7-4757-B80F-ACF5F4C9C3BF}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{B23E454B-2282-4A0E-A818-886846128509}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{13929E07-1016-417F-914D-95AB993C531D}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{ECB3379F-9936-4A95-A985-30AAB5D8480D}] => (Allow) D:\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{6313F61A-38D6-456D-ABAB-995133C12836}] => (Allow) D:\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{3EC0980D-BC5A-4AEA-8822-7F5A148FFB75}] => (Allow) D:\Steam\SteamApps\common\Thinking with Time Machine\bin\SDKLauncher.exe
FirewallRules: [{5EF69A95-A087-44FB-895A-BE65A655779E}] => (Allow) D:\Steam\SteamApps\common\Thinking with Time Machine\bin\SDKLauncher.exe
FirewallRules: [{CF4857AB-55EF-4FE0-BE9D-FB7E37FB5DEF}] => (Allow) D:\Steam\SteamApps\common\Thinking with Time Machine\bin\p2map_publish.exe
FirewallRules: [{53DC89D8-4B42-4481-BCDD-CEE627014700}] => (Allow) D:\Steam\SteamApps\common\Thinking with Time Machine\bin\p2map_publish.exe
FirewallRules: [{9D9054B9-BE4C-406F-88BC-7728C3E99542}] => (Allow) D:\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{2CD43965-59F0-4003-A9B2-53EC5B437DB9}] => (Allow) D:\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{2FA0297C-29C7-4990-8C18-AA691C65CA52}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{49EBF4A8-C827-48AE-9663-97B3F6BFCB1D}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D51D0A75-92AC-4B9D-A0D7-F2071FF9C443}] => (Allow) D:\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{A8358260-485E-424A-B861-44AAC73B258B}] => (Allow) D:\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{34776E9C-EB62-477E-B56C-2C8DB0EA44D9}] => (Allow) D:\Games\Battlefield 4\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{051A39D7-2015-4802-ACEE-AC27B6BE31D4}] => (Allow) D:\Games\Battlefield 4\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{A5F5BF20-4BEB-4A94-8E8D-AB3B151A90B1}] => (Allow) D:\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{CA167DB9-8403-4CD7-828D-695B2F2332A0}] => (Allow) D:\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{870EF172-1F55-4960-95CC-A92117E2D5DF}] => (Allow) D:\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{1BA299F1-9444-4097-B179-5343D1C819C0}] => (Allow) D:\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{CD4D3D9C-0069-45A3-BCF4-EAE6A3F8A471}] => (Allow) D:\Steam\SteamApps\common\Circuits\Circuits.exe
FirewallRules: [{731C724D-2A7C-4088-A44E-250F15622EAB}] => (Allow) D:\Steam\SteamApps\common\Circuits\Circuits.exe
FirewallRules: [{D3F79C24-76F4-43C9-97CB-C6F5973076C2}] => (Allow) D:\Steam\SteamApps\common\Not The Robots\Not the Robots.exe
FirewallRules: [{7507A548-19B3-4D4D-8609-0ED82F6947BC}] => (Allow) D:\Steam\SteamApps\common\Not The Robots\Not the Robots.exe
FirewallRules: [{9D8E9882-60BE-475A-B36D-33E3D64C648E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{87AC1C72-A872-4E1F-8924-5D17DA858C76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{257AD671-5BDE-40DA-8ABA-4401AD84B1E7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{633B1182-CDF0-41D4-8192-71F642632EF2}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{6E52FDB2-743B-4034-984A-FB76D5325163}D:\games\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\games\blizzard\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{0069E7B7-85EF-43AF-9E97-0959B2F63457}D:\games\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\games\blizzard\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{A323548F-98A0-4674-9F03-163C9D22FEFB}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{6A3B2AB2-3D7D-49B8-8557-5EF0D9868B18}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{645DE02F-E7B4-4698-92BC-20F49388EC86}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{BC42CAF5-11F6-4B5A-BE12-D110C649BA0C}] => (Allow) D:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{040C9342-EDE3-4E6D-B1BB-0E49A1F06B54}] => (Allow) D:\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{8631B3D7-9904-471B-8D89-5448E17E57C7}] => (Allow) D:\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{2E2F32CD-ECAE-449D-8823-5C308226145C}] => (Allow) D:\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{7D9470D8-4F4F-44CC-8250-215C70217AA2}] => (Allow) D:\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{DDB0501C-8388-4419-87AA-53BEB2742765}] => (Allow) D:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{FB5D3E09-AFBA-42F6-8263-4D3ED0CDC881}] => (Allow) D:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{BF468116-13AD-4F9A-8512-EA678ED1DC30}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{B368262B-B202-4100-97A9-819D8F6A8BDC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{669B8968-2AAD-4485-B416-D6F5D4E52FE2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{F7AADCC7-952F-4223-92C6-BCC9A54077DC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{660939FC-6AEE-46F2-B12D-2B8CD58DFA14}] => (Allow) D:\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{376C94A0-25CC-443A-8C1D-44434E26B53A}] => (Allow) D:\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{B658EBE3-BFCA-4CB0-9757-B6577BE5181A}] => (Allow) D:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{C7163BE6-43C9-4B7E-A016-7E275F03ADCD}] => (Allow) D:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{842AC861-3E6B-4AA8-B12B-0CA906179D2A}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{36BD3996-8C4C-4F0E-9905-220264609E10}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 4\bin\farcry4.exe
FirewallRules: [{C494BD7F-B37F-4AB9-9309-0A36E202A4A2}] => (Allow) D:\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{E18275DA-3FFA-4995-AB5C-0093E822ADB6}] => (Allow) D:\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{AEA9C6C6-C0B4-4348-B977-25583B6A7239}] => (Allow) D:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{9705188D-18CA-4446-B84B-1EAEBA163369}] => (Allow) D:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{19BB5065-39F7-4BD1-A6CA-270C046085C8}D:\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{8BA3FFAD-D722-4A6E-87B6-FE2A2AF491D5}D:\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{A320E72E-1BE5-4CDA-950F-5238D07EA09E}] => (Allow) D:\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{10E088D6-1BBF-483C-AC67-DCA72109270A}] => (Allow) D:\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{0CAFC00A-5829-4445-924F-40F5C24A7802}] => (Allow) D:\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{35D77E21-D830-45B8-86F9-F159AC1ABFE9}] => (Allow) D:\Steam\SteamApps\common\World of Goo\WorldOfGoo.exe
FirewallRules: [{19E00482-EA3B-4CD2-B4C4-B90A0ACB1FED}] => (Allow) D:\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{82FD12B7-9516-43E7-BBFC-E2613EB492CE}] => (Allow) D:\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{68265A59-6DB7-4375-B973-305641B31CCF}] => (Allow) D:\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{67ED1242-AAC7-4C71-ABC5-9D9DF3EB0315}] => (Allow) D:\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{BF9D49E2-CAE8-4EE9-B911-23016E1A5DA9}] => (Allow) D:\Steam\SteamApps\common\QUBE Directors Cut\Binaries\Win32\QUBEGame.exe
FirewallRules: [{8EF68349-6483-4F98-9F8A-C1DAF80E82C9}] => (Allow) D:\Steam\SteamApps\common\QUBE Directors Cut\Binaries\Win32\QUBEGame.exe
FirewallRules: [{FD3DF585-2741-4BBC-B12D-CCB963FDE95A}] => (Allow) D:\Steam\SteamApps\common\Kerbal Space Program Demo\KSP.exe
FirewallRules: [{E282DED0-B00B-4475-A60D-376A736C6E10}] => (Allow) D:\Steam\SteamApps\common\Kerbal Space Program Demo\KSP.exe
FirewallRules: [{97251414-367E-4A53-81D5-97B27DAD9779}] => (Allow) D:\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{759DB6EA-84EF-4577-B9DC-C4A139FF72BB}] => (Allow) D:\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{6D34566E-AA46-4068-8A7C-0F03376D1E02}] => (Allow) D:\Steam\SteamApps\common\Floating Point\Floating Point.exe
FirewallRules: [{2172013E-8D25-453F-9D8F-E8B746442289}] => (Allow) D:\Steam\SteamApps\common\Floating Point\Floating Point.exe
FirewallRules: [{8C285338-55A5-4B7E-A1CC-7E2C56E1C600}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C925F03B-7E08-46B2-BC00-F177206B6306}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4E28E31B-88FE-4AA1-97E3-3E3B28B187D5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{213DBAFC-1A97-4B10-9F2A-F467330D7FA8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{E263A845-EC7B-47C6-BDB8-AC5B82906DD7}] => (Allow) D:\Steam\SteamApps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{C3AF7DC7-64A4-464A-AA14-540424CFCE9A}] => (Allow) D:\Steam\SteamApps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{4A128CE5-F2B5-429D-A200-664F261486DA}] => (Allow) D:\Games\Battlefield 4\Crysis 3\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{35FFAE7A-9937-4E5C-8805-6A091BDCEC9D}] => (Allow) D:\Games\Battlefield 4\Crysis 3\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{10F0CB1F-C641-4AAE-AD24-AD03F48D87EC}] => (Allow) D:\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{76412A08-0943-4AD4-9780-0071345DAFE1}] => (Allow) D:\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{E465F782-89E9-44BC-BC5E-5CEBE842720F}] => (Allow) D:\Games\Battlefield 4\Crysis 3\Battlefield 4\bf4_x86.exe
FirewallRules: [{90D05ACA-5586-44DB-B52C-711A66CD9066}] => (Allow) D:\Games\Battlefield 4\Crysis 3\Battlefield 4\bf4_x86.exe
FirewallRules: [{151864BE-930A-4B59-952D-CEFECEAB1190}] => (Allow) D:\Games\Battlefield 4\Crysis 3\Battlefield 4\bf4.exe
FirewallRules: [{DFE4934A-22CA-4DAA-ADF4-9550123AE492}] => (Allow) D:\Games\Battlefield 4\Crysis 3\Battlefield 4\bf4.exe
FirewallRules: [{2825824D-9D2D-4CB9-B28E-7DA996F7E417}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E65C7FF1-CECE-447B-968E-168D2B80241C}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{19997E5F-32F8-4B0D-8374-63989258B22B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{AEBACF4A-C186-421F-9B64-11D1B6754587}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{B3C84819-6BA5-4583-96A7-44BD92A3C6CD}] => (Allow) D:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{FA22D21C-4EF7-472C-834A-074339222CB4}] => (Allow) D:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{CBFD851D-3763-4726-9EB7-83A7E5260F50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7957E8C6-86B9-43CB-BFDD-D340EC2EE402}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B3C7B477-B5C8-49F4-A949-3CE57B40D69A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5C3CA323-9D21-4694-97D2-E7B5C284E28A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{D78EF44A-898C-4134-B23B-27FABDF8B64E}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2FEDB71E-9ECA-4A9C-BF67-5C32EC91E227}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{1AE3413F-D0B0-4C90-973E-F2770B37F69D}] => (Allow) D:\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{A7980475-F007-4626-9511-7FB2737C9030}] => (Allow) D:\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{21777EF1-355D-4C7C-8A7E-4AD96ADA9FD8}] => (Allow) D:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{1091E86B-419F-4BE6-BF26-DBF33A489880}] => (Allow) D:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{01C80A17-FFCB-4067-A7B8-786EC9F1A058}] => (Allow) D:\Steam\SteamApps\common\Geometry Wars\GeometryWars.exe
FirewallRules: [{2E8A2EEF-1970-4411-8D1D-0BA2EB0402A5}] => (Allow) D:\Steam\SteamApps\common\Geometry Wars\GeometryWars.exe
FirewallRules: [{3459FC42-955E-4911-A322-FDD1A7350180}] => (Allow) D:\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{1C8E124D-3BEC-48CF-A214-411F70BED250}] => (Allow) D:\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{FAB07330-8411-45D4-B183-AD27FB612E33}] => (Allow) D:\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{2C992A52-FBA2-431C-A8E0-DC61B67D8BFA}] => (Allow) D:\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{30D30E65-72D1-4798-AC50-759C35399F28}] => (Allow) D:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{01E08C2C-A843-4081-BF87-7977A1BB7F1B}] => (Allow) D:\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{623341C9-D15D-4610-8D61-8687D22F5152}] => (Allow) D:\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{3F89FD70-B1AA-42CF-BF1D-5691E885D701}] => (Allow) D:\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{FD40CEF1-7C76-4BF4-8843-835616A9D256}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{309CD499-A185-4AC3-8FFC-C7C26D26CC16}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{8B9BA778-1BCA-42FC-AD4E-53B9DE175E4B}D:\steam\steamapps\common\worms reloaded\wormsreloaded.exe] => (Allow) D:\steam\steamapps\common\worms reloaded\wormsreloaded.exe
FirewallRules: [UDP Query User{F1F6ECF1-5702-40BD-B86A-03F2B56D328F}D:\steam\steamapps\common\worms reloaded\wormsreloaded.exe] => (Allow) D:\steam\steamapps\common\worms reloaded\wormsreloaded.exe
FirewallRules: [{8DFCC98D-4521-4EFF-A9A6-3B8BA7E11219}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8D0EE6F4-5255-4217-93FF-23C92EFAF9E7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6975931A-7BE4-491C-A65E-2D2153E5FF7B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B0579EEE-A47C-4FD3-969C-829F1D4C6CC6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{910046C1-ED01-4BC0-A224-048210BFFAA3}] => (Allow) D:\Steam\SteamApps\common\RESIDENT EVIL REVELATIONS 2\rerev2.exe
FirewallRules: [{0379A94C-C3CF-4C23-90DD-C1BC0A4F2592}] => (Allow) D:\Steam\SteamApps\common\RESIDENT EVIL REVELATIONS 2\rerev2.exe
FirewallRules: [{F5B6E1D5-C74C-4252-8621-427EAC90B467}] => (Allow) C:\Program Files (x86)\Battlefield 4\Battlefield 4\bf4_x86.exe
FirewallRules: [{296B48C7-BA8B-4781-959C-87B925F4934D}] => (Allow) C:\Program Files (x86)\Battlefield 4\Battlefield 4\bf4_x86.exe
FirewallRules: [{B9B33C40-091B-46A0-969E-CAF2C1A345BD}] => (Allow) C:\Program Files (x86)\Battlefield 4\Battlefield 4\bf4.exe
FirewallRules: [{8D4471C9-3FB5-4C3B-A7A8-53170421FE63}] => (Allow) C:\Program Files (x86)\Battlefield 4\Battlefield 4\bf4.exe
FirewallRules: [{F4DEF702-238F-4C93-B8C7-03AEA89A0B5B}] => (Allow) D:\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{1261FF23-EC20-452B-98A9-50947FE08343}] => (Allow) D:\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{55B2A8BF-CBA7-4554-AFA1-E32C6677E6D7}] => (Allow) D:\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{31829A98-C4A7-4849-BEC5-A563240CE9DC}] => (Allow) D:\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC
Description: Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTWlanE
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2015 06:22:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8

Error: (06/24/2015 06:22:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/23/2015 06:12:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Windows RE tools" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (06/23/2015 06:10:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8

Error: (06/23/2015 06:10:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/19/2015 02:32:35 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/19/2015 02:25:19 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/19/2015 01:59:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0x1f34
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (06/19/2015 07:31:58 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/19/2015 07:31:30 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:


System errors:
=============
Error: (06/24/2015 03:31:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASUS Com Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (06/24/2015 03:31:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht.

Error: (06/24/2015 06:50:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASUS Com Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (06/24/2015 06:50:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht.

Error: (06/23/2015 02:52:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASUS Com Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (06/23/2015 02:52:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht.

Error: (06/23/2015 07:23:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASUS Com Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (06/23/2015 07:23:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht.

Error: (06/22/2015 07:09:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (06/22/2015 07:09:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.


Microsoft Office:
=========================
Error: (06/24/2015 06:22:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8

Error: (06/24/2015 06:22:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/23/2015 06:12:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Windows RE toolsFalscher Parameter. (0x80070057)

Error: (06/23/2015 06:10:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8

Error: (06/23/2015 06:10:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/19/2015 02:32:35 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/19/2015 02:25:19 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/19/2015 01:59:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.17736550f4336c0000005000000000005473b1f3401d0aa876fecc5e9C:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dllafce3599-167a-11e5-84ab-d850e6e8982e

Error: (06/19/2015 07:31:58 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/19/2015 07:31:30 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:


CodeIntegrity Errors:
===================================
  Date: 2014-09-07 14:24:42.857
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Hamdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:24:42.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Hamdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-07 14:24:07.701
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Hamdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-04 14:45:31.669
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Hamdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 52%
Total physical RAM: 8121.71 MB
Available physical RAM: 3885.4 MB
Total Pagefile: 8497.71 MB
Available Pagefile: 4904.12 MB
Total Virtual: 131072 MB
Available Virtual: 131071.76 MB

==================== Drives ================================

Drive c: (Samsung SSD) (Fixed) (Total:208.44 GB) (Free:43.07 GB) NTFS
Drive d: (Data) (Fixed) (Total:764.77 GB) (Free:142.77 GB) NTFS
Drive e: (Backup etc) (Fixed) (Total:150 GB) (Free:64.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: C0438DCF)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: C0438DCF)

Partition: GPT Partition Type.

==================== End of log ============================
--- --- ---

schrauber 26.06.2015 06:01
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

mr.lowcut 26.06.2015 13:57
MBAM
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 26.06.2015
Suchlauf-Zeit: 14:34:46
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.26.04
Rootkit Datenbank: v2015.06.22.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Arn

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 381148
Verstrichene Zeit: 6 Min, 41 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
AdwCleaner
Code:
# AdwCleaner v4.207 - Bericht erstellt 26/06/2015 um 14:45:26
# Aktualisiert 21/06/2015 von Xplode
# Datenbank : 2015-06-23.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Arn - NRA
# Gestarted von : C:\Users\Arn\Desktop\AdwCleaner_4.207.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : e1edc438-f640-4184-a443-d2a7c37a01dc

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Arn\AppData\Roaming\dvdvideosoftiehelpers

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.5 (x86 en-US)


*************************

AdwCleaner[R0].txt - [996 Bytes] - [26/06/2015 14:44:34]
AdwCleaner[S0].txt - [921 Bytes] - [26/06/2015 14:45:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [979  Bytes] ##########
JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.1.6 (06.26.2015:2)
OS: Windows 8.1 x64
Ran by Arn on 26.06.2015 at 14:49:26,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] bdsandbox



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\system32\drivers\bdsandbox.sys
Successfully deleted: [File] C:\ProgramData\1433066729.bdinstall.bin



~~~ Folders

Successfully deleted: [Folder] C:\Users\Arn\AppData\Roaming\getrighttogo



~~~ FireFox






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.06.2015 at 14:51:58,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by Arn (administrator) on NRA on 26-06-2015 14:53:17
Running from C:\Users\Arn\Desktop
Loaded Profiles: Arn (Available Profiles: Arn)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [253952 2013-05-07] (Realtek Semiconductor Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-03-12] (Bitdefender)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-11-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [Hercules DJ Series] => C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [631592 2009-07-09] (Hercules®)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1709069591-411249894-1299585004-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-1709069591-411249894-1299585004-1001\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender)
HKU\S-1-5-21-1709069591-411249894-1299585004-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
Startup: C:\Users\Arn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1050 J410 series.lnk [2014-04-06]
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1709069591-411249894-1299585004-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-1709069591-411249894-1299585004-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Arn\AppData\Roaming\Mozilla\Firefox\Profiles\fyi7veb6.default
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-24] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin HKU\S-1-5-21-1709069591-411249894-1299585004-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-03-31] ()
FF Extension: WOT - C:\Users\Arn\AppData\Roaming\Mozilla\Firefox\Profiles\fyi7veb6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-05-29]
FF Extension: Speed Dial - C:\Users\Arn\AppData\Roaming\Mozilla\Firefox\Profiles\fyi7veb6.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-05-10]
FF Extension: NoScript - C:\Users\Arn\AppData\Roaming\Mozilla\Firefox\Profiles\fyi7veb6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-10]
FF Extension: Adblock Plus - C:\Users\Arn\AppData\Roaming\Mozilla\Firefox\Profiles\fyi7veb6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-05-31]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-05-31]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [45056 2013-06-15] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [20480 2007-11-21] () [File not signed]
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-06-24] (Electronic Arts)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-04-25] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-04-24] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-03-16] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-01-14] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-01-23] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-01-14] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [150528 2009-07-08] (© Guillemot R&D, 2009. All rights reserved.)
S3 busenum; C:\Windows\System32\drivers\SteelBus64.sys [145408 2014-01-08] (SteelSeries Corporation) [File not signed]
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-02-24] (BitDefender LLC)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-09-04] (LogMeIn Inc.)
S3 HDJMidi; C:\Windows\system32\DRIVERS\HDJMidi.sys [143360 2009-07-08] (© Guillemot R&D, 2009. All rights reserved.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-05-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 Razerlow; C:\Windows\system32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [547032 2013-07-04] (Realtek Semiconductor Corporation)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-22] (Realtek Semiconductor Corporation                          )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation) [File not signed]
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
S3 UCORESYS; \??\E:\UCORESYS.sys [X]
S3 WacHidRouter; \SystemRoot\System32\drivers\wachidrouter.sys [X]
S3 wacomrouterfilter; \SystemRoot\System32\drivers\wacomrouterfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-26 14:53 - 2015-06-26 14:53 - 00000000 ____D C:\Users\Arn\Desktop\FRST-OlderVersion
2015-06-26 14:51 - 2015-06-26 14:51 - 00000878 _____ C:\Users\Arn\Desktop\JRT.txt
2015-06-26 14:49 - 2015-06-26 14:49 - 00000207 _____ C:\Windows\tweaking.com-regbackup-NRA-Windows-8.1-(64-bit).dat
2015-06-26 14:49 - 2015-06-26 14:49 - 00000000 ____D C:\RegBackup
2015-06-26 14:48 - 2015-06-26 14:48 - 00000547 _____ C:\Users\Arn\Desktop\jrt anleitung.txt
2015-06-26 14:47 - 2015-06-26 14:47 - 00001058 _____ C:\Users\Arn\Desktop\AdwCleaner[S0].txt
2015-06-26 14:44 - 2015-06-26 14:45 - 00000000 ____D C:\AdwCleaner
2015-06-26 14:41 - 2015-06-26 14:41 - 00001190 _____ C:\Users\Arn\Desktop\mbam.txt
2015-06-26 14:33 - 2015-06-26 14:34 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-26 14:32 - 2015-06-26 14:32 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-26 14:32 - 2015-06-26 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-26 14:32 - 2015-06-26 14:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-26 14:32 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-26 14:32 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-26 14:32 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-26 14:23 - 2015-06-26 14:23 - 02950453 _____ (Malwarebytes Corporation) C:\Users\Arn\Desktop\JRT.exe
2015-06-26 14:23 - 2015-06-26 14:23 - 02244096 _____ C:\Users\Arn\Desktop\AdwCleaner_4.207.exe
2015-06-25 18:20 - 2015-06-25 18:20 - 00000000 ____D C:\Users\Arn\Desktop\Neuer Ordner
2015-06-25 15:10 - 2015-06-25 15:10 - 00000092 _____ C:\Users\Arn\Desktop\benni kontaktdaten.txt
2015-06-24 18:56 - 2015-06-26 14:53 - 00020967 _____ C:\Users\Arn\Desktop\FRST.txt
2015-06-24 18:56 - 2015-06-24 18:57 - 00074144 _____ C:\Users\Arn\Desktop\Addition.txt
2015-06-24 18:55 - 2015-06-26 14:53 - 00000000 ____D C:\FRST
2015-06-24 18:54 - 2015-06-26 14:53 - 02112512 _____ (Farbar) C:\Users\Arn\Desktop\FRST64.exe
2015-06-24 18:54 - 2015-06-24 18:54 - 00380416 _____ C:\Users\Arn\Desktop\Gmer-19357.exe
2015-06-15 18:35 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-15 18:35 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-15 18:35 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-15 18:35 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-15 18:35 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-15 18:35 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-15 18:35 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-15 18:35 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-15 18:35 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-15 18:35 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-15 18:35 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-15 18:35 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-15 18:35 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-15 18:35 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-15 18:35 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-15 18:35 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-15 18:35 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-15 18:35 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-15 18:35 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-15 18:35 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-15 18:35 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-15 18:35 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-15 18:35 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-15 18:35 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-15 18:35 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-15 18:35 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-15 18:35 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-15 18:35 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-15 18:35 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-15 18:35 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-15 18:35 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-15 18:35 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-15 18:35 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-15 18:35 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-15 18:35 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-15 18:35 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-15 18:35 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-15 18:35 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-15 18:35 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-15 18:35 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-15 18:35 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-15 18:35 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-15 18:35 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-15 18:35 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-15 18:35 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-15 18:35 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-15 18:35 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-15 18:34 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-12 08:38 - 2015-06-12 08:38 - 00005165 _____ C:\Users\Arn\AppData\Local\recently-used.xbel
2015-06-10 16:17 - 2015-06-21 20:51 - 00470880 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-09 18:51 - 2015-06-09 18:51 - 00000000 ____D C:\Program Files\Voxengo
2015-06-09 18:51 - 2015-06-09 18:51 - 00000000 ____D C:\Program Files\Common Files\Steinberg
2015-06-09 18:50 - 2015-06-09 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 Firebird
2015-06-09 18:47 - 2015-06-09 18:47 - 00000000 ____D C:\Users\Public\Documents\u-he
2015-06-09 18:46 - 2015-06-09 18:46 - 00000000 ____D C:\Programme
2015-06-09 18:46 - 2015-06-09 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phasewave
2015-06-09 18:45 - 2015-06-09 18:45 - 00000000 ____D C:\Program Files\Mellowmuse
2015-06-06 15:40 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-06 15:39 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-06 15:39 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00878816 _____ C:\Windows\system32\nvmcumd.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00117576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-06-06 15:39 - 2015-05-28 09:04 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-06-05 15:07 - 2015-06-05 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-06-05 15:07 - 2015-06-05 15:07 - 00000000 ____D C:\Program Files\CPUID
2015-06-03 15:37 - 2015-06-04 08:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 16:04 - 2015-06-06 15:39 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-01 16:04 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-01 16:04 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-01 15:59 - 2015-06-01 15:59 - 00000000 ____D C:\Users\Arn\AppData\Local\GWX
2015-05-31 17:15 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-31 17:15 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-05-31 17:15 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-05-31 17:15 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-05-31 17:15 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-05-31 17:15 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-05-31 17:15 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-05-31 17:15 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-05-31 17:15 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-05-31 17:14 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-05-31 17:14 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-05-31 17:14 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-05-31 17:14 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-05-31 17:14 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-05-31 17:14 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-05-31 17:14 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-05-31 17:14 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-05-31 17:14 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-05-31 17:14 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-05-31 17:14 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-05-31 17:14 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-05-31 17:14 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-05-31 17:14 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-05-31 17:14 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-05-31 17:14 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-05-31 17:14 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-05-31 17:14 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-05-31 17:14 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-05-31 16:56 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-05-31 16:56 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-05-31 16:55 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-05-31 16:55 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-05-31 12:43 - 2015-05-31 12:43 - 00000000 ____D C:\Users\Arn\AppData\Temp
2015-05-31 12:24 - 2015-05-31 12:24 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-05-31 12:14 - 2015-05-31 12:51 - 00000000 ____D C:\ProgramData\BDLogging
2015-05-31 12:14 - 2015-05-31 12:14 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2015-05-31 12:14 - 2015-05-31 12:14 - 00000385 _____ C:\Users\Arn\AppData\Roaminguser_gensett.xml
2015-05-31 12:14 - 2015-05-31 12:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-05-31 12:14 - 2015-05-31 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-05-31 12:13 - 2015-01-23 16:30 - 00262544 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-05-31 12:13 - 2015-01-14 13:13 - 00677104 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-05-31 12:13 - 2015-01-14 13:07 - 01306464 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-05-31 12:13 - 2015-01-09 11:44 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-05-31 12:13 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2015-05-31 12:13 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-05-31 12:13 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-05-31 12:07 - 2015-05-31 12:07 - 00000000 ____D C:\Users\Arn\AppData\Roaming\Bitdefender
2015-05-31 12:05 - 2015-05-31 12:14 - 00000000 ____D C:\ProgramData\Bitdefender
2015-05-31 12:05 - 2015-05-31 12:05 - 00000000 ____D C:\Users\Arn\AppData\Roaming\QuickScan
2015-05-31 12:05 - 2015-05-31 12:05 - 00000000 ____D C:\Program Files\Bitdefender
2015-05-31 12:05 - 2015-02-24 17:52 - 00160544 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-05-31 12:05 - 2015-01-09 11:44 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2015-05-31 12:05 - 2015-01-09 11:44 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2015-05-31 12:05 - 2014-10-15 17:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-05-31 11:57 - 2015-05-31 12:05 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-05-29 16:46 - 2015-05-25 10:37 - 00450831 ____R C:\Windows\system32\Drivers\etc\hosts.20150529-164621.backup

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-26 14:53 - 2013-11-09 09:40 - 02731366 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-26 14:53 - 2013-09-13 22:52 - 00794000 _____ C:\Windows\system32\perfh010.dat
2015-06-26 14:53 - 2013-09-13 22:52 - 00156420 _____ C:\Windows\system32\perfc010.dat
2015-06-26 14:53 - 2013-09-13 22:22 - 00765378 _____ C:\Windows\system32\perfh007.dat
2015-06-26 14:53 - 2013-09-13 22:22 - 00159696 _____ C:\Windows\system32\perfc007.dat
2015-06-26 14:52 - 2014-03-22 04:34 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{306185A1-195C-4154-9A37-9E59D559F6C1}
2015-06-26 14:51 - 2014-03-22 04:27 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1709069591-411249894-1299585004-1001
2015-06-26 14:51 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-26 14:47 - 2014-04-06 13:02 - 00000000 __RDO C:\Users\Arn\SkyDrive
2015-06-26 14:46 - 2014-11-01 13:30 - 00084898 _____ C:\Windows\setupact.log
2015-06-26 14:46 - 2014-05-17 12:38 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-26 14:46 - 2014-03-22 04:21 - 00099321 _____ C:\Users\Arn\AppData\Local\BTServer.log
2015-06-26 14:46 - 2014-01-06 11:38 - 00000025 ___SH C:\Windows\SysWOW64\ReadTag.ini
2015-06-26 14:46 - 2013-11-09 09:22 - 00055602 _____ C:\Windows\PFRO.log
2015-06-26 14:46 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-26 14:45 - 2014-01-06 11:27 - 01459949 _____ C:\Windows\WindowsUpdate.log
2015-06-26 14:13 - 2014-01-06 11:26 - 00000000 ____D C:\ProgramData\Realtek
2015-06-26 14:08 - 2014-04-18 18:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-26 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-26 13:23 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-25 15:23 - 2014-12-02 09:34 - 00000000 __SHD C:\Users\Arn\AppData\Local\EmieBrowserModeList
2015-06-25 15:23 - 2014-05-10 16:24 - 00000000 __SHD C:\Users\Arn\AppData\Local\EmieUserList
2015-06-25 15:23 - 2014-05-10 16:24 - 00000000 __SHD C:\Users\Arn\AppData\Local\EmieSiteList
2015-06-24 20:21 - 2014-07-31 17:39 - 00000000 ____D C:\Users\Arn\AppData\Roaming\vlc
2015-06-24 17:20 - 2014-04-05 15:11 - 00000000 ____D C:\ProgramData\Origin
2015-06-24 16:08 - 2014-04-18 18:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 15:56 - 2014-04-05 15:11 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-23 17:23 - 2015-05-18 16:50 - 00000000 ____D C:\Users\Arn\AppData\Roaming\Audacity
2015-06-21 22:20 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-19 14:33 - 2014-12-10 16:42 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-19 14:33 - 2014-07-10 15:05 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-19 14:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-19 13:25 - 2014-03-22 11:37 - 00000000 ____D C:\Windows\system32\MRT
2015-06-19 13:23 - 2014-03-22 11:36 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-18 16:57 - 2014-04-05 15:56 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-06-18 16:57 - 2014-04-05 15:56 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-06-18 16:32 - 2014-04-10 16:23 - 00000000 ____D C:\Users\Arn\AppData\Roaming\TS3Client
2015-06-17 20:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 07:30 - 2014-04-05 15:48 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-06-13 19:38 - 2014-10-16 11:31 - 00000000 ____D C:\Users\Arn\AppData\Local\Adobe
2015-06-13 14:56 - 2014-03-21 21:08 - 00000000 ___RD C:\Users\Arn\Desktop\Programme
2015-06-13 14:05 - 2014-09-04 18:55 - 00000000 ____D C:\Users\Arn\AppData\Roaming\FlowStone
2015-06-12 19:56 - 2015-05-18 17:00 - 00000000 ____D C:\Users\Arn\Desktop\Samples
2015-06-12 08:38 - 2014-04-20 20:15 - 00000000 ____D C:\Users\Arn\AppData\Local\gtk-2.0
2015-06-12 08:38 - 2014-03-22 11:14 - 00000000 ____D C:\Users\Arn\.gimp-2.8
2015-06-11 20:17 - 2014-10-16 12:34 - 00000000 ____D C:\Users\Arn\AppData\Local\Battle.net
2015-06-09 18:39 - 2014-09-29 18:35 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2015-06-06 15:41 - 2014-05-17 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-06 15:41 - 2014-05-17 12:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-05 21:02 - 2013-11-09 10:15 - 00587578 _____ C:\Windows\DirectX.log
2015-06-05 07:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-03 15:38 - 2014-05-10 17:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-01 16:54 - 2014-04-05 15:13 - 00000000 ____D C:\Users\Arn\AppData\Roaming\Origin
2015-05-31 20:13 - 2014-04-06 14:15 - 00000000 ____D C:\ProgramData\Skype
2015-05-31 20:12 - 2014-04-06 14:15 - 00000000 ____D C:\Users\Arn\AppData\Roaming\Skype
2015-05-31 17:22 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-05-31 16:46 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\Offline Web Pages
2015-05-31 16:45 - 2014-04-25 18:40 - 00000000 ____D C:\Windows\Minidump
2015-05-31 12:01 - 2014-12-18 11:46 - 00000085 _____ C:\Windows\wininit.ini
2015-05-31 12:01 - 2014-03-25 10:17 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-05-29 16:02 - 2014-06-27 11:28 - 00000000 ____D C:\Program Files\CCleaner
2015-05-28 09:04 - 2014-09-21 09:59 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-05-28 09:04 - 2014-05-17 12:37 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 09:04 - 2014-05-17 12:36 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-05-17 12:36 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2014-05-17 12:36 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 06:15 - 2014-05-17 12:38 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2014-05-17 12:38 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-05-17 12:38 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-05-17 12:38 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-05-17 12:38 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2014-05-17 12:38 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2014-05-17 12:38 - 04408727 _____ C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2014-03-27 18:38 - 2014-03-21 22:45 - 0012005 _____ () C:\Users\Arn\AppData\Roaming\alsoft.ini
2014-03-22 04:21 - 2015-06-26 14:46 - 0099321 _____ () C:\Users\Arn\AppData\Local\BTServer.log
2015-06-12 08:38 - 2015-06-12 08:38 - 0005165 _____ () C:\Users\Arn\AppData\Local\recently-used.xbel
2014-03-25 08:05 - 2014-05-08 20:07 - 0007609 _____ () C:\Users\Arn\AppData\Local\resmon.resmoncfg
2014-04-06 16:13 - 2014-04-06 16:13 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-11-09 09:40 - 2013-11-09 09:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Arn\AppData\Local\Temp\Quarantine.exe
C:\Users\Arn\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-23 18:10

==================== End of log ============================

schrauber 27.06.2015 08:22

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

mr.lowcut 19.07.2015 08:33
Hallo,
hat nun etwas länger gedauert als geplant. Ich habe mittlerweile mehrfach mit Bitfender mein System gescannt und konnte den Fund nun doch beheben, seit dem ist wieder alles in Ordnung auf meinem Rechner.
Ich bedanke mich trotzdem für deine Unterstützung und werde euch natürlich weiterempfehlen, wenn sich Mal wieder ein unlößbares Problem auftut. :):)

Grüße mr.lowcut

schrauber 19.07.2015 14:57
Die Kontrollscans wären trotzdem von Vorteil.


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:43 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19