Pests of all kinds and how to fight them: Remote access to my computer? Windows 7
15.05.2015, 19:18 | #1 |
| Remote access to my computer? Hello, I downloaded a program that my AV program (Avast) did not flag as malicious. I opened it and an error appeared; after repeated attempts I gave up. I kept noticing that the process was still running in the background after all and ended it! I didn't think much more of it at that point. While I was watching a video I noticed my mouse moving. I watched this for a few seconds, then shut down my PC and restarted the router. After a few minutes I switched my computer back on and opened Task Manager, and the process was running there again, I think under a different name but with the same icon. At that point it was clear to me that the program starts when the PC boots. Since the PC runs Win 8.1, I went to the Startup tab in Task Manager, found the program there as well and disabled it for the time being. I opened the file path, and the file was in the %appdata% directory in a folder named with a random string of characters. I then deleted that folder too. I then checked the registry again but found nothing, since in my opinion the program would otherwise have needed more privileges. It looks like that has already helped, but I am not 100% sure, which is why I wanted to ask here. I would say I know more than most, but I can still learn a lot, e.g. not to download that kind of thing any more. Maybe you can tell me whether there is more behind this or whether simply removing it was enough. I wouldn't want there to be a keylogger in it now. The program in question: hxxp://rghost.net/7MBxfHjjr I hope you understand my problem; I am happy to answer any questions. |
15.05.2015, 20:19 | #2 |
/// TB Trainer | Remote access to my computer? Hello zInvalid,
My name is Timo and I will be helping you with your problem.
Note: I can never give you a guarantee that I will find everything. Reformatting is always the safest way. We all work here voluntarily and mostly only in our spare time, so replies may be delayed. If you do not get a reply from me within 48 hours, send me a PM. If you decide on a cleanup, keep working with us until I or someone from the team says that you are clean. Run all tools with administrative rights; Vista, Win7 and Win8 users right-click and choose "Run as administrator". How it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions or check under Start > Computer (right-click) > Properties)
__________________ |
15.05.2015, 20:49 | #3 |
| Remote access to my computer? All right,
I think I have done everything so far! I have not posted the logs inline here because in my opinion that is too cluttered, but if it is better that way I can still do it. |
15.05.2015, 21:18 | #4 |
/// TB Trainer | Remote access to my computer? That is why I had written: How it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
So my request: please post the log files as described.
__________________ Learn to strike back and support us! TB Akademie | Donate | Praise & criticism |
15.05.2015, 23:53 | #5 |
| Remote access to my computer? All right. FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 02
Ran by Robin (administrator) on INVALID on 15-05-2015 21:30:27
Running from C:\Users\Robin\Desktop
Loaded Profiles: Robin (Available profiles: Robin)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nero AG) D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(VMware, Inc.) D:\VMWare\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Avast Software) D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() D:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) D:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Users\Robin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
(ROCCAT GmbH Co., Ltd.) D:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Twitter) D:\Program Files (x86)\Twitter\TweetDeck\TweetDeck.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 16\SteganosHotKeyService.exe
(Twitter) D:\Program Files (x86)\Twitter\TweetDeck\TweetDeck.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 16\fredirstarter.exe
(VMware, Inc.) D:\VMWare\vmware-tray.exe
(Joyent, Inc) C:\Users\Robin\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
(Twitter) D:\Program Files (x86)\Twitter\TweetDeck\TweetDeck.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ROCCAT GmbH) D:\Program Files (x86)\ROCCAT\Tyon Mouse\TyonMonitor.exe
(ROCCAT GmbH) D:\Program Files (x86)\ROCCAT\Tyon Mouse\TyonMonitorW.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(VMware, Inc.) D:\VMWare\vmware.exe
(VMware, Inc.) D:\VMWare\vmware-unity-helper.exe
(VMware, Inc.) D:\VMWare\x64\vmware-vmx.exe
(VMware, Inc.) D:\VMWare\vprintproxy.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Users\Robin\Downloads\Defogger.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => D:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 16\SteganosHotKeyService.exe [102400 2014-10-29] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS16 Chrome Autofill Relay] => C:\Program Files (x86)\Steganos Privacy Suite 16\passwordmanagercom.exe [481232 2014-10-29] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS16 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 16\fredirstarter.exe [17920 2014-10-29] (Steganos Software GmbH)
HKLM-x32\...\Run: [vmware-tray.exe] => D:\VMWare\vmware-tray.exe [114368 2015-02-06] (VMware, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [RoccatTyon] => D:\Program Files (x86)\ROCCAT\Tyon Mouse\TyonMonitor.EXE [557056 2015-01-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatTyonW] => D:\Program Files (x86)\ROCCAT\Tyon Mouse\TyonMonitorW.EXE [557056 2015-01-12] (ROCCAT GmbH)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,userinit.exe,
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-10] (Electronic Arts)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [Spotify Web Helper] => C:\Users\Robin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-23] (Spotify Ltd)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [SSS16_Suite] => C:\Program Files (x86)\Steganos Privacy Suite 16\Suite.exe [2714032 2014-10-29] (Steganos Software GmbH)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [SSS16 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 16\SteganosBrowserMonitor.exe [74240 2014-10-29] (Steganos Software GmbH)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [Spotify] => C:\Users\Robin\AppData\Roaming\Spotify\Spotify.exe [7168568 2015-04-23] (Spotify Ltd)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6590888 2015-05-08] (Steganos Software GmbH)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\MountPoints2: {aa910471-dc82-11e4-8286-ac9e17edb1ca} - "G:\startme.exe"
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
IFEO\ultiman.exe: [Debugger] cmd.exe
IFEO\utilman.exe: [Debugger] c:\windows\system32\cmd.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2015-05-05]
ShortcutTarget: Roccat Talk.lnk -> D:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2015-01-31]
ShortcutTarget: Mozilla Thunderbird.lnk -> D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TweetDeck.lnk [2015-01-31]
ShortcutTarget: TweetDeck.lnk -> D:\Program Files (x86)\Twitter\TweetDeck\TweetDeck.exe (Twitter)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-09] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-1346697615-2911746051-3580550801-1001] => hxxp://127.0.0.1:8445/okf.pac
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-20] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-20] (Avast Software s.r.o.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Hosts: 79.161.244.113 ayylmao911.no-ip.biz
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-22] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> D:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> D:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-22] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: YouTube Unblocker - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\youtubeunblocker@unblocker.yt [2015-04-15]
FF Extension: Ciuvo Price Comparison - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\extension@ciuvo.com.xpi [2015-04-15]
FF Extension: MEGA EXTENSION - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\firefox@mega.co.nz.xpi [2015-04-15]
FF Extension: NoScript - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-04-15]
FF Extension: Adblock Plus - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-15]
FF Extension: OkayFreedom - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2015-05-11]
FF Extension: Greasemonkey - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-05-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-22]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 16\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 16\spmplugin3 [2015-02-19]
FF HKLM-x32\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2015-04-07]
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-21]
CHR Extension: (Google Docs) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-21]
CHR Extension: (Google Drive) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-21]
CHR Extension: (MEGA) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-03-23]
CHR Extension: (YouTube) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-21]
CHR Extension: (Adblock Plus) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-17]
CHR Extension: (Google Search) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-21]
CHR Extension: (Tampermonkey) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-05-11]
CHR Extension: (Google Sheets) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-21]
CHR Extension: (Bookmark Manager) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
CHR Extension: (Avast Online Security) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-23]
CHR Extension: (Google Wallet) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-23]
CHR Extension: (Gmail) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - D:\Program Files (x86)\Opera\Launcher.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2014-01-28] ()
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.)
R2 avast! Firewall; D:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-09] (Avast Software s.r.o.)
R3 AvastVBoxSvc; D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-09] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-05] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [237864 2015-03-06] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 Futuremark SystemInfo Service; D:\Program Files\Futuremark\FMSISvc.exe [614624 2015-02-09] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HTCMonitorService; D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 MBAMScheduler; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [330168 2015-05-08] (Steganos Software GmbH)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-01-30] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-02-05] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 VMAuthdService; D:\VMWare\vmware-authd.exe [87744 2015-02-06] (VMware, Inc.)
S3 VMwareHostd; D:\VMWare\vmware-hostd.exe [12730048 2015-02-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-09] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] ()
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-04-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SLEE_19_DRIVER; C:\WINDOWS\Sleen1964.sys [117848 2014-10-24] (Softwareentwicklung Remus - ArchiCrypt - )
S3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-09] (Avast Software)
R3 VHidXInput; C:\Windows\System32\drivers\VXInput.sys [7424 2014-08-13] (Windows (R) Win 7 DDK provider)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 WinDivert1.1; D:\Program Files\KMSpico\WinDivert.sys [35376 2015-01-28] (Basil Projects)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 cpuz138; \??\C:\WINDOWS\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S4 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-15 21:30 - 2015-05-15 21:30 - 00027567 _____ () C:\Users\Robin\Desktop\FRST.txt
2015-05-15 21:29 - 2015-05-15 21:29 - 02106368 _____ (Farbar) C:\Users\Robin\Downloads\FRST64.exe
2015-05-15 21:29 - 2015-05-15 21:29 - 00000472 _____ () C:\Users\Robin\Downloads\defogger_disable.log
2015-05-15 21:29 - 2015-05-15 21:29 - 00000000 ____D () C:\Users\Robin\Desktop\FRST-OlderVersion
2015-05-15 21:29 - 2015-05-15 21:29 - 00000000 _____ () C:\Users\Robin\defogger_reenable
2015-05-15 21:28 - 2015-05-15 21:28 - 00050477 _____ () C:\Users\Robin\Downloads\Defogger.exe
2015-05-15 20:24 - 2015-05-15 20:24 - 00001828 _____ () C:\WINDOWS\PFRO.log
2015-05-15 20:24 - 2015-05-15 20:24 - 00000348 _____ () C:\WINDOWS\setupact.log
2015-05-15 20:24 - 2015-05-15 20:24 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-15 19:49 - 2015-05-15 20:24 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-15 19:49 - 2015-05-15 19:49 - 00000829 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-15 19:49 - 2015-05-15 19:49 - 00000829 _____ () C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-15 19:49 - 2015-05-15 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-15 19:49 - 2015-05-15 19:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-15 19:49 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-05-15 19:49 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-15 19:49 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-15 19:48 - 2015-05-15 19:49 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Robin\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-15 19:36 - 2015-05-15 19:36 - 00000112 _____ () C:\WINDOWS\system32\snetcfg.log
2015-05-15 14:50 - 2015-05-15 14:50 - 21552180 _____ () C:\Users\Robin\Downloads\spigot-1.8.3-R0.1-SNAPSHOT-latest(2).jar
2015-05-15 01:06 - 2015-05-15 01:06 - 00000000 ____D () C:\Users\Robin\DownloadsR3CSS
2015-05-15 00:26 - 2015-05-15 00:26 - 02592768 _____ () C:\Users\Robin\Downloads\502022.exe
2015-05-15 00:18 - 2015-05-15 00:18 - 00038912 _____ () C:\Users\Robin\Downloads\ESP3_[www.unknowncheats.me]_.dll
2015-05-14 15:39 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 15:39 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 13:59 - 2015-05-14 13:59 - 01508908 _____ () C:\Users\Robin\Downloads\gamehacker01.apk
2015-05-13 19:07 - 2015-05-13 19:07 - 96647698 _____ () C:\Users\Robin\Downloads\DNJKXCsadyuift6743wyre.rar
2015-05-13 16:48 - 2015-05-13 16:48 - 00000887 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-05-13 16:48 - 2015-05-13 16:48 - 00000887 _____ () C:\ProgramData\Desktop\FileZilla Client.lnk
2015-05-13 16:48 - 2015-05-13 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-05-13 16:47 - 2015-05-13 16:47 - 06420600 _____ (Tim Kosse) C:\Users\Robin\Downloads\FileZilla_3.10.3_win64-setup [1].exe
2015-05-13 13:44 - 2015-05-13 13:44 - 00009769 _____ () C:\Users\Robin\Downloads\MoreHearts_V2.1.2.jar
2015-05-13 13:14 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 13:14 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 13:14 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 13:14 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 13:14 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 13:14 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 13:14 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 13:14 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 13:14 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 13:14 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 13:14 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 13:14 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 13:14 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 13:14 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 13:14 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 13:14 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 13:14 - 
2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-05-13 13:14 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-05-13 13:14 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-05-13 13:14 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-05-13 13:14 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-05-13 13:14 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-05-13 13:14 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-05-13 13:14 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-05-13 13:14 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-05-13 13:14 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-05-13 13:14 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-05-13 13:14 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-05-13 13:14 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-05-13 13:14 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-05-13 13:14 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-05-13 13:14 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-05-13 13:14 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-05-13 13:14 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-05-13 13:14 - 2015-04-21 17:26 - 00327168 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-05-13 13:14 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-05-13 13:14 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-05-13 13:14 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-05-13 13:14 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-05-13 13:14 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-05-13 13:14 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-05-13 13:14 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-05-13 13:14 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-05-13 13:14 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-05-13 13:14 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-05-13 13:14 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-05-13 13:14 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-05-13 13:14 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-05-13 13:14 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-05-13 13:14 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll 2015-05-13 13:14 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll 2015-05-13 13:14 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2015-05-13 13:14 - 2015-04-02 00:20 - 04417536 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2015-05-13 13:14 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2015-05-13 13:14 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2015-05-13 13:14 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-05-13 13:14 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-05-13 13:14 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-05-13 13:14 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-05-13 13:14 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2015-05-13 13:14 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-05-13 13:14 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2015-05-13 13:14 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2015-05-13 13:14 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys 2015-05-13 13:14 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-05-13 13:14 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-05-13 13:14 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2015-05-13 13:14 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe 2015-05-13 13:14 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe 2015-05-13 13:14 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-05-13 13:14 - 2015-03-06 05:08 - 02067968 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\wpdshext.dll 2015-05-13 13:14 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2015-05-13 13:14 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2015-05-13 13:14 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-05-13 13:14 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2015-05-13 13:14 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2015-05-13 13:14 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-05-13 13:14 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-05-12 23:32 - 2015-05-12 23:32 - 00000809 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-05-12 23:32 - 2015-05-12 23:32 - 00000809 _____ () C:\ProgramData\Desktop\VLC media player.lnk 2015-05-12 23:32 - 2015-05-12 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-05-12 23:31 - 2015-05-12 23:31 - 28849904 _____ () C:\Users\Robin\Downloads\vlc-2.2.1-win32.exe 2015-05-12 20:52 - 2015-05-12 20:54 - 00008037 _____ () C:\Users\Robin\Desktop\pexback.txt 2015-05-12 19:49 - 2015-05-12 19:49 - 00062738 _____ () C:\Users\Robin\Downloads\Signs.jar 2015-05-12 16:06 - 2015-05-12 16:06 - 00005668 _____ () C:\Users\Robin\Downloads\TPC.jar 2015-05-11 20:28 - 2015-05-15 20:36 - 01306313 _____ () C:\WINDOWS\WindowsUpdate.log 2015-05-11 20:04 - 2015-05-11 20:04 - 00001152 _____ () C:\Users\Public\Desktop\OkayFreedom.lnk 2015-05-11 20:04 - 2015-05-11 20:04 - 00001152 _____ () C:\ProgramData\Desktop\OkayFreedom.lnk 2015-05-11 18:05 - 2015-05-11 18:05 - 00295492 _____ () C:\Users\Robin\Downloads\Vault(1).jar 2015-05-10 18:03 - 2015-05-10 18:03 - 00161622 _____ () 
C:\Users\Robin\Downloads\Bedwars.jar 2015-05-10 17:26 - 2015-05-11 18:14 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\BRvmkth8tn 2015-05-10 17:26 - 2015-05-10 22:26 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\6483B38F-21FD-4E83-933B-7960BAE72B93 2015-05-10 17:15 - 2015-05-10 17:36 - 00000000 ____D () C:\Users\Robin\Desktop\LELO 2015-05-10 16:18 - 2015-05-10 16:18 - 00320143 _____ () C:\Users\Robin\Downloads\Multiverse-Inventories-2.5.jar 2015-05-10 14:03 - 2015-05-10 14:03 - 00072774 _____ () C:\Users\Robin\Downloads\ClickWarp_v1.3.5.jar 2015-05-10 13:15 - 2015-05-10 13:15 - 00069814 _____ () C:\Users\Robin\Downloads\NametagEdit(1).jar 2015-05-10 12:55 - 2015-05-10 12:55 - 00018694 _____ () C:\Users\Robin\Downloads\Votifier.jar 2015-05-09 23:47 - 2015-05-09 23:48 - 00000000 ____D () C:\Users\Robin\AppData\Local\Arma 3 Launcher 2015-05-09 23:24 - 2015-05-09 23:24 - 00069814 _____ () C:\Users\Robin\Downloads\NametagEdit.jar 2015-05-09 23:00 - 2015-05-09 23:00 - 00141230 _____ () C:\Users\Robin\Downloads\Jobs(1).jar 2015-05-09 22:48 - 2015-05-09 22:48 - 00337004 _____ () C:\Users\Robin\Downloads\Vault-1.4.1.jar 2015-05-09 22:23 - 2015-05-09 22:23 - 00994563 _____ () C:\Users\Robin\Downloads\Citizens(1).jar 2015-05-09 21:51 - 2015-05-09 21:51 - 00080090 _____ () C:\Users\Robin\Downloads\ucars.jar 2015-05-09 21:49 - 2015-05-09 21:49 - 00557989 _____ () C:\Users\Robin\Downloads\pvparena-1.0.jar 2015-05-09 21:49 - 2015-05-09 21:49 - 00064499 _____ () C:\Users\Robin\Downloads\RewardMe.jar 2015-05-09 21:46 - 2015-05-09 21:46 - 00388562 _____ () C:\Users\Robin\Downloads\MobArena.jar 2015-05-09 21:45 - 2015-05-09 21:45 - 00043355 _____ () C:\Users\Robin\Downloads\Lift.jar 2015-05-09 21:44 - 2015-05-09 21:44 - 00045577 _____ () C:\Users\Robin\Downloads\JumpBlocks.jar 2015-05-09 21:43 - 2015-05-09 22:58 - 00144443 _____ () C:\Users\Robin\Downloads\Jobs.jar 2015-05-09 21:41 - 2015-05-09 21:41 - 00023155 _____ () 
C:\Users\Robin\Downloads\InfiniteDispensersAndDroppers.jar 2015-05-09 21:40 - 2015-05-09 21:40 - 00020826 _____ () C:\Users\Robin\Downloads\HolographicDisplaysPatch.jar 2015-05-09 21:39 - 2015-05-09 21:39 - 00005600 _____ () C:\Users\Robin\Downloads\GiftBox.jar 2015-05-09 21:37 - 2015-05-09 21:37 - 00087914 _____ () C:\Users\Robin\Downloads\FoundDiamonds.jar 2015-05-09 21:36 - 2015-05-09 21:36 - 00030467 _____ () C:\Users\Robin\Downloads\EXPBank.jar 2015-05-09 21:34 - 2015-05-09 21:34 - 00999688 _____ () C:\Users\Robin\Downloads\EchoPet-v2.5.0.jar 2015-05-09 21:34 - 2015-05-09 21:34 - 00061365 _____ () C:\Users\Robin\Downloads\EasyJetpack-1.3.jar 2015-05-09 21:33 - 2015-05-09 21:33 - 00005484 _____ () C:\Users\Robin\Downloads\ClearChat.jar 2015-05-09 21:27 - 2015-05-09 21:27 - 00464787 _____ () C:\Users\Robin\Downloads\LWC(1).jar 2015-05-09 20:32 - 2015-05-09 20:32 - 00796070 _____ () C:\Users\Robin\Downloads\BanManager.jar 2015-05-09 20:24 - 2015-05-09 20:24 - 00021939 _____ () C:\Users\Robin\Downloads\1.8NameTags.jar 2015-05-09 19:55 - 2015-05-09 19:55 - 00142677 _____ () C:\Users\Robin\Downloads\BlockHunt_v0.2.0_BETA_B5.jar 2015-05-09 19:54 - 2015-05-09 19:54 - 00236210 _____ () C:\Users\Robin\Downloads\LibsDisguises.jar 2015-05-09 19:38 - 2015-05-09 19:38 - 00061445 _____ () C:\Users\Robin\Downloads\DolphinSpleef.jar 2015-05-09 19:24 - 2015-05-09 19:26 - 00040697 _____ () C:\Users\Robin\Downloads\KillCounter.jar 2015-05-09 19:01 - 2015-05-09 19:01 - 00384921 _____ () C:\Users\Robin\Downloads\CustomSpawners.jar 2015-05-09 19:00 - 2015-05-09 19:01 - 00959115 _____ () C:\Users\Robin\Downloads\Citizens.jar 2015-05-09 18:49 - 2015-05-09 18:49 - 00778914 _____ () C:\Users\Robin\Downloads\NoCheatPlus(3).jar 2015-05-09 18:48 - 2015-05-09 18:48 - 00079410 _____ () C:\Users\Robin\Downloads\TagAPI(1).jar 2015-05-09 18:38 - 2015-05-09 18:38 - 00156171 _____ () C:\Users\Robin\Downloads\SurvivalGamesPlus.jar 2015-05-09 18:36 - 2015-05-09 18:36 - 00128587 _____ () 
C:\Users\Robin\Downloads\PortableHorses.jar 2015-05-09 18:36 - 2015-05-09 18:36 - 00052259 _____ () C:\Users\Robin\Downloads\LagMeter.jar 2015-05-09 18:34 - 2015-05-09 18:34 - 00078240 _____ () C:\Users\Robin\Downloads\HealthBar.jar 2015-05-09 18:33 - 2015-05-09 18:33 - 00008495 _____ () C:\Users\Robin\Downloads\iControlU.jar 2015-05-09 18:31 - 2015-05-09 18:31 - 01315785 _____ () C:\Users\Robin\Downloads\ProtocolLib-3.4.0.jar 2015-05-09 17:12 - 2015-05-09 17:14 - 00000000 ____D () C:\Users\Robin\Desktop\McCracked 2015-05-09 00:25 - 2015-05-09 00:25 - 00449896 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys 2015-05-09 00:25 - 2015-05-09 00:25 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe 2015-05-09 00:25 - 2015-05-09 00:25 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr 2015-05-07 20:21 - 2015-05-07 20:21 - 21552180 _____ () C:\Users\Robin\Downloads\spigot-1.8.3-R0.1-SNAPSHOT-latest(1).jar 2015-05-07 20:11 - 2015-05-07 20:12 - 00391418 _____ () C:\Users\Robin\Downloads\craftconomy3-3.1.6.jar 2015-05-07 19:55 - 2015-05-07 19:55 - 02804018 _____ () C:\Users\Robin\Downloads\craftconomy3-3.2.2-20150426.141214-9.jar 2015-05-07 17:27 - 2015-05-07 17:27 - 02803105 _____ () C:\Users\Robin\Downloads\craftconomy3-3.2.1.jar 2015-05-07 17:19 - 2015-05-07 17:19 - 00034852 _____ () C:\Users\Robin\Downloads\mwmoney.jar 2015-05-06 19:16 - 2015-05-06 19:16 - 00325807 _____ () C:\Users\Robin\Downloads\Multiverse-Core-2.4(1).jar 2015-05-06 19:01 - 2015-05-06 19:01 - 00079986 _____ () C:\Users\Robin\Downloads\ChatEx(2).jar 2015-05-06 18:43 - 2015-05-06 18:43 - 00724333 _____ () C:\Users\Robin\Downloads\PermissionsEx-1.23.2.jar 2015-05-06 18:20 - 2015-05-06 18:20 - 00934263 _____ () C:\Users\Robin\Downloads\OptiFine_1.8.3_HD_U_D3.jar 2015-05-06 18:04 - 2015-05-06 18:05 - 09601387 _____ () C:\Users\Robin\Downloads\world.rar 2015-05-06 17:58 - 2015-05-06 17:58 - 21550052 _____ () 
C:\Users\Robin\Downloads\spigot-1.8.3-R0.1-SNAPSHOT-latest.jar 2015-05-06 17:57 - 2015-05-06 17:57 - 00849775 _____ () C:\Users\Robin\Downloads\spigot-api-1.8.3-R0.1-SNAPSHOT-latest.jar 2015-05-06 16:26 - 2015-05-06 16:26 - 00166222 _____ () C:\Users\Robin\Downloads\iConomy(2).jar 2015-05-06 13:31 - 2015-05-06 13:32 - 00000000 ____D () C:\Users\Robin\Desktop\MeynPvP 2015-05-05 22:51 - 2015-05-12 23:32 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\vlc 2015-05-05 15:55 - 2015-05-05 15:55 - 00003572 _____ () C:\Users\Robin\Downloads\easystack.jar 2015-05-05 14:44 - 2015-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT 2015-05-04 21:27 - 2015-04-27 12:55 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2015-05-04 21:27 - 2015-04-27 12:55 - 00207272 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2015-05-04 21:27 - 2015-04-27 12:55 - 00206760 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2015-05-04 21:26 - 2015-05-04 21:26 - 31239592 _____ (Oracle Corporation) C:\Users\Robin\Downloads\jre-7u80-windows-x64.exe 2015-05-04 20:43 - 2015-05-04 20:43 - 00087222 _____ () C:\Users\Robin\Downloads\SimpleBroadcast.jar 2015-05-04 20:30 - 2015-05-04 20:30 - 20610577 _____ () C:\Users\Robin\Downloads\spigot-1.7.10-SNAPSHOT-b1657.jar 2015-05-03 22:18 - 2015-05-03 22:19 - 19503694 _____ () C:\Users\Public\spigot1659.jar 2015-05-03 21:56 - 2015-05-03 21:56 - 00003192 _____ () C:\Users\Robin\Downloads\permissions (2).yml 2015-05-03 19:06 - 2015-05-03 19:06 - 00035573 _____ () C:\Users\Robin\Downloads\ChatLib_v1.2.jar 2015-05-02 16:32 - 2015-05-02 16:32 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Software Tool 2015-05-01 01:01 - 2015-05-01 01:01 - 00125403 _____ () C:\Users\Robin\Downloads\SAPPlugin-0.9.35-SNAPSHOT.jar 2015-04-30 16:35 - 2015-04-30 17:20 - 00000000 ____D () C:\Users\Robin\.zenmap 2015-04-30 16:35 - 2015-04-30 16:35 - 00000000 ____D () C:\Program Files\WinPcap 2015-04-30 16:34 - 
2015-04-30 16:34 - 27111830 _____ (Insecure.org) C:\Users\Robin\Downloads\nmap-6.47-setup.exe 2015-04-28 22:02 - 2015-04-28 22:04 - 00000000 ____D () C:\Users\Robin\Desktop\JTS3ServerMod_5.4.2 2015-04-27 20:58 - 2015-01-24 16:46 - 01568433 _____ () C:\Users\Public\worldedit-bukkit-6.0.jar 2015-04-27 20:58 - 2015-01-20 20:25 - 01309613 _____ () C:\Users\Public\worldguard-6.0.0-beta-05.jar 2015-04-27 14:22 - 2015-04-27 14:22 - 00003362 _____ () C:\Users\Robin\Downloads\RunAs.jar 2015-04-27 13:05 - 2015-04-27 13:05 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\JetBrains 2015-04-27 13:04 - 2015-04-27 13:04 - 00000727 _____ () C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 14.1.2.lnk 2015-04-27 13:04 - 2015-04-27 13:04 - 00000727 _____ () C:\ProgramData\Desktop\IntelliJ IDEA Community Edition 14.1.2.lnk 2015-04-27 13:04 - 2015-04-27 13:04 - 00000000 ____D () C:\Users\Robin\.IdeaIC14 2015-04-27 13:04 - 2015-04-27 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains 2015-04-27 13:03 - 2015-04-27 13:03 - 204364624 _____ () C:\Users\Robin\Downloads\ideaIC-14.1.2.exe 2015-04-27 12:55 - 2015-05-04 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-04-27 12:55 - 2015-04-27 12:55 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2015-04-27 12:49 - 2015-04-27 12:49 - 189180832 _____ (Oracle Corporation) C:\Users\Robin\Downloads\jdk-8u45-windows-x64.exe 2015-04-27 12:47 - 2015-04-27 12:47 - 00000000 _____ () C:\WINDOWS\system32\RENE4BD.tmp 2015-04-27 11:55 - 2015-04-27 11:51 - 00218502 _____ () C:\Users\Public\fanciful-0.3.3-20150330.224758-1.jar 2015-04-27 11:37 - 2015-04-27 11:37 - 00010677 _____ () C:\Users\Robin\Downloads\JSONWriter.java 2015-04-26 14:47 - 2015-04-26 14:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2015-04-25 22:46 - 2015-04-25 22:46 - 00040732 _____ () C:\Users\Robin\Downloads\Hack4Fun.jar 2015-04-25 
18:47 - 2015-04-25 18:47 - 00467904 _____ () C:\Users\Robin\Downloads\XBCDv107.exe 2015-04-25 18:47 - 2015-04-25 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XBCD 2015-04-25 18:40 - 2015-04-25 18:40 - 00000000 ____D () C:\Users\Robin\AppData\Local\Skyrim 2015-04-25 11:58 - 2015-04-25 11:58 - 00000000 ____D () C:\Users\Robin\Desktop\GTA Garage Editor By SonOfABeach v1.03 2015-04-24 22:30 - 2015-04-24 22:30 - 00000000 ____D () C:\WINDOWS\Sun 2015-04-24 22:13 - 2015-04-24 22:13 - 00004315 _____ () C:\Users\Robin\Downloads\Funktion.java 2015-04-24 20:25 - 2015-04-24 20:25 - 00002062 _____ () C:\Users\Robin\Downloads\BetterReloadjar.jar 2015-04-24 18:26 - 2015-04-25 00:25 - 00000000 ____D () C:\Users\Robin\Desktop\GTAOTunaEditor 2015-04-24 13:40 - 2015-04-24 13:40 - 06484352 _____ (Piriform Ltd) C:\Users\Robin\Downloads\ccsetup505.exe 2015-04-24 00:04 - 2015-05-07 23:11 - 00000000 ____D () C:\Users\Robin\Desktop\print 2015-04-23 18:53 - 2015-04-23 18:53 - 00000904 _____ () C:\Users\Robin\Desktop\µTorrent.lnk 2015-04-23 18:53 - 2015-04-23 18:53 - 00000884 _____ () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-04-23 18:36 - 2015-04-23 18:36 - 01744976 _____ (BitTorrent Inc.) 
C:\Users\Robin\Downloads\uTorrent.exe 2015-04-23 17:56 - 2015-05-15 21:30 - 00000000 ____D () C:\FRST 2015-04-23 17:56 - 2015-05-15 21:29 - 02106368 _____ (Farbar) C:\Users\Robin\Desktop\FRST64.exe 2015-04-23 16:13 - 2015-04-23 16:17 - 00000000 ____D () C:\AdwCleaner 2015-04-23 16:13 - 2015-04-23 16:13 - 02217984 _____ () C:\Users\Robin\Downloads\adwcleaner_4.201.exe 2015-04-22 22:53 - 2015-04-22 22:53 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\tor 2015-04-22 21:00 - 2015-05-12 14:09 - 00000080 _____ () C:\Users\Robin\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦 2015-04-22 19:50 - 2015-04-22 20:28 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\YaTQA 2015-04-22 19:49 - 2015-04-22 19:49 - 01262420 _____ () C:\Users\Robin\Downloads\YaTQA_setup.exe 2015-04-22 19:49 - 2015-04-22 19:49 - 00000712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk 2015-04-22 18:44 - 2015-04-22 20:12 - 00000290 _____ () C:\Users\Robin\Documents\TeamSpeakRechte.txt 2015-04-21 17:02 - 2015-04-21 17:02 - 00231376 _____ (TrueCrypt Foundation) C:\WINDOWS\system32\Drivers\truecrypt.sys 2015-04-21 17:01 - 2015-04-21 17:01 - 03466248 _____ (TrueCrypt Foundation) C:\Users\Robin\Downloads\truecrypt_setup_7.1a.exe 2015-04-21 16:59 - 2015-04-21 16:59 - 00008163 _____ () C:\Users\Robin\Downloads\sempervideo-amazon-de.xml 2015-04-20 19:45 - 2015-04-20 19:45 - 00000000 ____D () C:\Users\Robin\AppData\Local\Overwolf 2015-04-19 16:10 - 2015-04-19 16:10 - 00000540 _____ () C:\Users\Public\Desktop\Fraps.lnk 2015-04-19 16:10 - 2015-04-19 16:10 - 00000540 _____ () C:\ProgramData\Desktop\Fraps.lnk 2015-04-19 16:10 - 2015-04-19 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2015-04-18 19:09 - 2015-04-18 19:09 - 00052514 _____ () C:\Users\Robin\Downloads\minecraftjoinbot.rar 2015-04-18 18:10 - 2015-04-18 18:10 - 00000000 ____D () C:\Users\Robin\Desktop\JavaDoc GameLIB 2015-04-16 23:22 - 2015-04-16 23:22 - 00000000 ____D () C:\WINDOWS\system32\appraiser 
2015-04-16 23:16 - 2015-04-16 23:19 - 00000249 _____ () C:\WINDOWS\w32dasm8.ini 2015-04-16 23:11 - 2015-04-16 23:13 - 00000000 ____D () C:\Users\Robin\Desktop\W32Dasm8 & Hiew 2015-04-16 22:53 - 2015-04-22 21:24 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\mathegrafix 2015-04-16 22:53 - 2015-04-16 23:01 - 00000000 ____D () C:\Users\Robin\Desktop\odbg110 2015-04-16 22:46 - 2015-04-16 22:46 - 00000715 _____ () C:\Users\Public\Desktop\MatheGrafix 10.lnk 2015-04-16 22:46 - 2015-04-16 22:46 - 00000715 _____ () C:\ProgramData\Desktop\MatheGrafix 10.lnk 2015-04-16 22:46 - 2015-04-16 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MatheGrafix 2015-04-16 18:33 - 2015-04-16 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-16 17:11 - 2015-04-16 17:11 - 01355672 _____ (MurGee.com ) C:\Users\Robin\Downloads\setup(1).exe 2015-04-15 14:17 - 2015-04-15 14:17 - 00000000 ____D () C:\Users\Robin\Desktop\Alte Firefox-Daten 2015-04-15 13:46 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-04-15 13:46 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-04-15 13:46 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2015-04-15 13:46 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-04-15 13:46 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll 2015-04-15 13:46 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2015-04-15 13:46 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2015-04-15 13:46 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2015-04-15 13:46 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe 2015-04-15 13:46 - 
2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe 2015-04-15 13:46 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2015-04-15 13:46 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2015-04-15 13:45 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2015-04-15 13:45 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2015-04-15 13:45 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2015-04-15 13:44 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2015-04-15 13:44 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll 2015-04-15 13:44 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll 2015-04-15 13:44 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2015-04-15 13:43 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-04-15 13:43 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-04-15 13:43 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-04-15 13:43 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-04-15 13:43 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-04-15 13:43 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-04-15 13:43 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-04-15 13:43 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-04-15 13:43 - 2015-03-14 03:56 - 00066048 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2015-04-15 13:43 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-04-15 13:43 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll 2015-04-15 13:43 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2015-04-15 13:43 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2015-04-15 13:43 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-04-15 13:43 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-04-15 13:43 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-04-15 13:43 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2015-04-15 13:43 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-04-15 13:43 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-04-15 13:43 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-04-15 13:43 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-04-15 13:43 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-04-15 13:43 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-04-15 13:43 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-04-15 13:43 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-04-15 13:43 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll ==================== One Month Modified Files and Folders ======= (If an entry is 
included in the fixlist, the file\folder will be moved.) 2098-01-01 01:59 - 2015-03-21 15:31 - 02598568 _____ () C:\Users\Robin\Downloads\libg.so 2015-05-15 21:29 - 2015-01-22 04:06 - 00000000 ____D () C:\Users\Robin 2015-05-15 21:24 - 2015-01-23 22:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Skype 2015-05-15 21:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-05-15 21:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp 2015-05-15 21:01 - 2015-01-03 14:15 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\VMware 2015-05-15 21:01 - 2015-01-03 14:15 - 00000000 ____D () C:\Users\Robin\AppData\Local\VMware 2015-05-15 20:41 - 2015-01-22 04:13 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1346697615-2911746051-3580550801-1001 2015-05-15 20:33 - 2015-01-08 16:09 - 00000000 ____D () C:\Users\Robin\AppData\Local\Eclipse 2015-05-15 20:30 - 2015-01-22 04:06 - 01785100 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-05-15 20:30 - 2013-09-05 15:07 - 00767024 _____ () C:\WINDOWS\system32\perfh007.dat 2015-05-15 20:30 - 2013-09-05 15:07 - 00160370 _____ () C:\WINDOWS\system32\perfc007.dat 2015-05-15 20:25 - 2015-02-14 20:40 - 00000000 ____D () C:\Users\Robin\AppData\Local\Spotify 2015-05-15 20:25 - 2015-02-14 20:37 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Spotify 2015-05-15 20:25 - 2015-01-22 04:10 - 00000000 __RDO () C:\Users\Robin\SkyDrive 2015-05-15 20:25 - 2014-12-25 05:33 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Steganos VPN 2015-05-15 20:24 - 2015-02-11 02:22 - 00000000 ____D () C:\Users\Robin\AppData\Local\HTC MediaHub 2015-05-15 20:24 - 2015-01-22 16:28 - 00000000 ____D () C:\ProgramData\VMware 2015-05-15 20:24 - 2015-01-22 04:00 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-15 20:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Globalization 2015-05-15 20:24 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-05-15 19:36 - 
2015-02-01 11:05 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang 2015-05-15 19:34 - 2014-12-27 17:23 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\uTorrent 2015-05-15 18:54 - 2015-01-06 23:28 - 00000000 ____D () C:\Users\Robin\Desktop\jd-gui-0.3.6.windows 2015-05-15 15:27 - 2015-02-06 01:19 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\.minecraft 2015-05-15 14:07 - 2013-08-22 16:44 - 05177488 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-05-15 02:11 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2015-05-15 02:10 - 2014-12-25 21:47 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\OBS 2015-05-15 02:00 - 2015-01-22 04:11 - 00000000 ____D () C:\Users\Robin\AppData\Local\Adobe 2015-05-14 22:25 - 2015-03-10 03:12 - 00000600 _____ () C:\Users\Robin\AppData\Roaming\winscp.rnd 2015-05-14 16:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2015-05-14 15:40 - 2015-01-22 05:45 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-14 15:40 - 2015-01-21 20:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-05-14 15:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-05-14 15:40 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-05-14 15:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2015-05-14 15:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers 2015-05-14 15:38 - 2015-01-22 04:24 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-05-14 15:36 - 2015-01-22 04:24 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-05-14 15:35 - 2013-08-22 15:25 - 00000167 _____ () C:\WINDOWS\win.ini 2015-05-14 15:34 - 2014-12-25 05:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\FileZilla 2015-05-14 14:09 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries 2015-05-13 18:45 - 2015-03-18 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Microsoft Silverlight 2015-05-13 18:45 - 2015-03-18 17:44 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-05-13 18:45 - 2015-02-27 01:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-05-13 18:43 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-12 12:13 - 2014-12-25 05:55 - 00001399 _____ () C:\Users\Robin\Desktop\xaddo.txt 2015-05-11 22:01 - 2014-12-28 10:40 - 00000000 ____D () C:\Users\Robin\Desktop\Öffnen 2015-05-11 20:04 - 2015-02-10 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom 2015-05-11 20:04 - 2015-01-24 00:27 - 00000000 ____D () C:\Program Files (x86)\OkayFreedom 2015-05-11 19:53 - 2015-01-27 16:36 - 00000000 ____D () C:\Users\Robin\AppData\Local\CrashDumps 2015-05-11 15:41 - 2015-01-22 04:07 - 00000000 ____D () C:\Users\Robin\AppData\Local\Packages 2015-05-09 23:50 - 2015-02-14 05:16 - 00000000 ____D () C:\Users\Robin\AppData\Local\Arma 3 2015-05-09 00:25 - 2015-01-22 04:55 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00089944 _____ (Avast Software s.r.o.) 
C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-05-07 23:58 - 2015-01-22 05:14 - 00000000 ____D () C:\ProgramData\Origin 2015-05-07 22:51 - 2015-04-01 01:09 - 00000000 ____D () C:\Users\Robin\Desktop\BungeeTest 2015-05-05 19:59 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-05-05 19:59 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-05-05 14:48 - 2014-12-25 20:32 - 00000000 ____D () C:\Users\Robin\Desktop\ROCCAT 2015-05-05 14:44 - 2015-01-22 04:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-05-05 14:34 - 2015-01-22 05:06 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-04 21:27 - 2015-01-22 05:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2015-05-03 14:31 - 2015-01-22 22:58 - 00000000 ____D () C:\Users\Robin\Desktop\[www.OldSchoolHack.de]_Titanium v0.01 2015-05-01 01:41 - 2014-12-25 06:01 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Origin 2015-04-30 22:50 - 2015-01-22 20:58 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\TeamViewer 2015-04-29 16:13 - 2015-01-23 22:55 - 00000000 ____D () C:\ProgramData\Skype 2015-04-29 15:36 - 2015-03-17 00:07 - 00022063 _____ () C:\Users\Robin\Documents\Acc.txt 2015-04-27 12:52 - 2015-01-22 04:51 - 00000000 ____D () C:\ProgramData\Oracle 2015-04-25 18:39 - 2015-01-03 13:36 - 00000000 ____D () C:\Users\Robin\Documents\My Games 2015-04-24 13:41 - 2015-01-30 00:12 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-04-24 13:41 - 2015-01-30 00:12 - 00000841 _____ () C:\ProgramData\Desktop\CCleaner.lnk 
2015-04-24 13:41 - 2015-01-30 00:12 - 00000000 ____D () C:\Program Files\CCleaner 2015-04-23 18:21 - 2015-02-14 04:57 - 00000000 ____D () C:\Users\Robin\AppData\Local\NVIDIA 2015-04-23 18:18 - 2015-01-22 04:00 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-04-23 18:18 - 2014-12-25 14:00 - 00000000 ____D () C:\Users\Robin\AppData\Local\NVIDIA Corporation 2015-04-23 16:17 - 2015-01-22 05:38 - 00000000 ____D () C:\WINDOWS\system32\log 2015-04-23 15:46 - 2015-03-25 14:45 - 00022613 _____ () C:\Users\Robin\Downloads\FTPPasswordKracker.zip 2015-04-23 15:46 - 2015-01-20 19:22 - 15455032 _____ () C:\Users\Robin\Downloads\Hard DDOS Server Free.(1).zip 2015-04-23 15:46 - 2015-01-20 18:21 - 15455032 _____ () C:\Users\Robin\Downloads\Hard DDOS Server Free..zip 2015-04-23 15:44 - 2015-01-20 20:30 - 00001870 _____ () C:\Users\Robin\Downloads\ACC2014KG(Updated).rar 2015-04-23 15:16 - 2015-02-05 17:11 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2015-04-20 00:38 - 2015-02-18 23:22 - 00007653 _____ () C:\Users\Robin\AppData\Local\Resmon.ResmonCfg 2015-04-17 19:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports 2015-04-17 13:40 - 2015-04-14 01:35 - 00000000 ____D () C:\Program Files\Rockstar Games 2015-04-17 13:40 - 2015-04-14 01:35 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2015-04-17 13:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat 2015-04-16 23:22 - 2015-03-30 14:40 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2015-04-15 19:17 - 2015-04-11 22:57 - 00000000 ____D () C:\Users\Robin\Desktop\[www.OldSchoolHack.de]_BF4 Multihack by xtreme2010 v1.5 2015-04-15 19:09 - 2015-01-23 20:15 - 00226680 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe 2015-04-15 19:09 - 2015-01-23 20:15 - 00214392 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2015-04-15 13:40 - 2014-12-25 05:33 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Steganos ==================== Files in the root of some directories ======= 2015-02-04 22:30 - 2015-02-04 
23:17 - 0000132 _____ () C:\Users\Robin\AppData\Roaming\Adobe PNG Format CS6 Prefs 2015-02-18 14:23 - 2015-02-18 14:30 - 0000132 _____ () C:\Users\Robin\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2015-01-20 21:09 - 2015-01-20 21:14 - 98731008 _____ (MAGIX AG) C:\Users\Robin\AppData\Roaming\Video_Pro_X.exe 2015-03-10 03:12 - 2015-05-14 22:25 - 0000600 _____ () C:\Users\Robin\AppData\Roaming\winscp.rnd 2015-01-23 23:32 - 2015-01-23 23:32 - 10124389 _____ () C:\Users\Robin\AppData\Roaming\xulrunner.zip 2015-04-07 13:15 - 2015-04-07 13:15 - 0385602 _____ () C:\Users\Robin\AppData\Local\5D515C96_stp.CIS 2015-04-07 13:15 - 2015-04-07 13:15 - 0000220 _____ () C:\Users\Robin\AppData\Local\5D515C96_stp.CIS.part 2015-02-04 23:01 - 2015-02-04 23:01 - 0001456 _____ () C:\Users\Robin\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-02-03 15:41 - 2015-02-03 15:45 - 0001636 _____ () C:\Users\Robin\AppData\Local\Cracklock.settings 2015-04-06 19:40 - 2015-04-06 19:40 - 28579392 _____ (Sony Mobile Communications ) C:\Users\Robin\AppData\Local\pcc.exe 2015-04-14 16:46 - 2015-04-14 16:46 - 0008288 ____H () C:\Users\Robin\AppData\Local\Plugin.dat 2014-12-28 04:59 - 2015-03-09 13:09 - 0000600 _____ () C:\Users\Robin\AppData\Local\PUTTY.RND 2014-12-30 08:28 - 2014-12-30 08:28 - 0001568 _____ () C:\Users\Robin\AppData\Local\recently-used.xbel 2015-02-18 23:22 - 2015-04-20 00:38 - 0007653 _____ () C:\Users\Robin\AppData\Local\Resmon.ResmonCfg 2015-01-22 04:00 - 2015-01-22 04:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Robin\AppData\Local\Temp\jansi-64-git-Spigot-ea179b3-6e0120a-9048144003402991223.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-11 23:25 ==================== End Of Log ============================ --- --- --- --- --- --- GMER Logfile: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-05-15 21:39:27 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003b Crucial_CT256MX100SSD1 rev.MU01 238,47GB Running: Gmer-19357.exe; Driver: C:\Users\Robin\AppData\Local\Temp\pgldrpow.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff960000d1900 15 bytes [00, 57, F4, 01, 40, 8F, 6E, ...] .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff960000d1910 11 bytes [00, 41, FC, FF, 00, 79, C7, ...] ---- User code sections - GMER 2.1 ---- .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtReplyWaitReceivePort 00007ffed7a91270 5 bytes JMP 00007fff57bc0460 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryObject 00007ffed7a912c0 1 byte JMP 00007fff57bc0450 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryObject + 2 00007ffed7a912c2 3 bytes {JMP 0xffffffff8012f190} .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenProcess 00007ffed7a91420 5 bytes JMP 00007fff57bc0370 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtReplyWaitReceivePortEx 00007ffed7a91470 5 bytes JMP 00007fff57bc0470 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtTerminateProcess 00007ffed7a91480 5 bytes JMP 00007fff57bc03e0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenSection 00007ffed7a91530 5 bytes JMP 00007fff57bc0320 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00007ffed7a91560 5 bytes JMP 00007fff57bc03b0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtDuplicateObject 00007ffed7a91580 5 bytes JMP 00007fff57bc0390 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenEvent 00007ffed7a915c0 5 bytes JMP 00007fff57bc02e0 .text 
C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateEvent 00007ffed7a91640 1 byte JMP 00007fff57bc02d0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateEvent + 2 00007ffed7a91642 3 bytes {JMP 0xffffffff8012ec90} .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateSection 00007ffed7a91660 5 bytes JMP 00007fff57bc0310 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateThread 00007ffed7a916a0 5 bytes JMP 00007fff57bc03c0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtTerminateThread 00007ffed7a916f0 5 bytes JMP 00007fff57bc03f0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtAddBootEntry 00007ffed7a91850 5 bytes JMP 00007fff57bc0230 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtAlpcSendWaitReceivePort 00007ffed7a91a40 5 bytes JMP 00007fff57bc0480 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtAssignProcessToJobObject 00007ffed7a91a70 5 bytes JMP 00007fff57bc03a0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateEventPair 00007ffed7a91b90 5 bytes JMP 00007fff57bc02f0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateIoCompletion 00007ffed7a91bb0 5 bytes JMP 00007fff57bc0350 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateMutant 00007ffed7a91c20 5 bytes JMP 00007fff57bc0290 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateSemaphore 00007ffed7a91cb0 5 bytes JMP 00007fff57bc02b0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateThreadEx 00007ffed7a91cd0 5 bytes JMP 00007fff57bc03d0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateTimer 00007ffed7a91ce0 5 bytes JMP 00007fff57bc0330 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] 
C:\WINDOWS\SYSTEM32\ntdll.dll!NtDebugActiveProcess 00007ffed7a91d90 5 bytes JMP 00007fff57bc0410 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtDeleteBootEntry 00007ffed7a91dc0 5 bytes JMP 00007fff57bc0240 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtLoadDriver 00007ffed7a920e0 5 bytes JMP 00007fff57bc01e0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtModifyBootEntry 00007ffed7a921a0 5 bytes JMP 00007fff57bc0250 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtNotifyChangeKey 00007ffed7a921d0 5 bytes JMP 00007fff57bc0490 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtNotifyChangeMultipleKeys 00007ffed7a921e0 5 bytes JMP 00007fff57bc04a0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenEventPair 00007ffed7a92210 5 bytes JMP 00007fff57bc0300 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenIoCompletion 00007ffed7a92220 5 bytes JMP 00007fff57bc0360 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenMutant 00007ffed7a92280 5 bytes JMP 00007fff57bc02a0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenSemaphore 00007ffed7a922d0 5 bytes JMP 00007fff57bc02c0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenThread 00007ffed7a92300 5 bytes JMP 00007fff57bc0380 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenTimer 00007ffed7a92310 5 bytes JMP 00007fff57bc0340 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueueApcThreadEx 00007ffed7a92620 5 bytes JMP 00007fff57bc0440 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetBootEntryOrder 00007ffed7a92820 5 bytes JMP 00007fff57bc0260 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetBootOptions 00007ffed7a92830 5 bytes JMP 
00007fff57bc0270 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetContextThread 00007ffed7a92850 5 bytes JMP 00007fff57bc0400 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetSystemInformation 00007ffed7a92a30 5 bytes JMP 00007fff57bc01f0 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetSystemPowerState 00007ffed7a92a40 5 bytes JMP 00007fff57bc0210 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtShutdownSystem 00007ffed7a92ad0 5 bytes JMP 00007fff57bc0200 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSuspendProcess 00007ffed7a92b40 5 bytes JMP 00007fff57bc0420 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSuspendThread 00007ffed7a92b50 5 bytes JMP 00007fff57bc0430 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSystemDebugControl 00007ffed7a92b60 5 bytes JMP 00007fff57bc0220 .text C:\WINDOWS\system32\AUDIODG.EXE[9044] C:\WINDOWS\SYSTEM32\ntdll.dll!NtVdmControl 00007ffed7a92c70 5 bytes JMP 00007fff57bc0280 ---- Threads - GMER 2.1 ---- Thread C:\WINDOWS\system32\csrss.exe [688:712] fffff960008a72d0 Thread C:\WINDOWS\system32\csrss.exe [688:764] fffff960008a72d0 ---- Processes - GMER 2.1 ---- Library C:\Users\Robin\Desktop\FRST64.exe (*** suspicious ***) @ C:\Users\Robin\Desktop\FRST64.exe [8460] 00007ff62c380000 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -2048185778 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Type 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Start 3 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@ErrorControl 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Tag 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@ImagePath 
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@DisplayName MBAMSwissArmy Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@Group FSFilter Activity Monitor Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy@WOW64 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances@DefaultInstance MBAMSwissArmy Instance Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances\MBAMSwissArmy Instance Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy\Instances\MBAMSwissArmy Instance@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 3567 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 1080 Reg HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6\Parameters\Interfaces\{5BED5F8C-49FF-406A-BD76-DBC59A0395C1}@Dhcpv6MaxLeaseExpireTime 1431721965 Reg HKLM\SYSTEM\CurrentControlSet\Services\TCPIP6\Parameters\Interfaces\{5BED5F8C-49FF-406A-BD76-DBC59A0395C1}@Dhcpv6LeaseObtainedTime 1431716565 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\iexplore@Count 4 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\UnreadMail\*****@gmx.de@MessageCount 1 ---- EOF - GMER 2.1 ----

I didn't know that everything here is already nicely divided up and displayed in a window like this, otherwise I would of course have done that right away! |
15.05.2015, 23:54 | #6 |
| Remote access to my computer? FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2015 02 Ran by Robin at 2015-05-15 21:30:48 Running from C:\Users\Robin\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1346697615-2911746051-3580550801-500 - Administrator - Disabled) Gast (S-1-5-21-1346697615-2911746051-3580550801-501 - Limited - Disabled) Robin (S-1-5-21-1346697615-2911746051-3580550801-1001 - Administrator - Enabled) => C:\Users\Robin ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.) 
3DMark (HKLM-x32\...\{7330098c-3669-4f39-9e82-4221d489db39}) (Version: 1.4.828.0 - Futuremark) 3DMark (Version: 1.4.828.0 - Futuremark) Hidden Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated) Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Reader 9 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated) Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR) AlienFX For Tyon (HKLM-x32\...\InstallShield_{8FB6F9D4-D158-4D0B-B108-1839F6BE30BD}) (Version: 1.02.005 - Roccat GmbH) AlienFX For Tyon (Version: 1.02.005 - Roccat GmbH) Hidden Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.7.8.1 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.7.8.1 - ASUSTek COMPUTER INC.) 
Hidden Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts) Battlefield Heroes (HKLM-x32\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions) Battlefield™ Hardline-Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.2 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Camtasia Studio 8 (HKLM-x32\...\{6BED66AA-1DC6-474B-AC70-205CC3A68A39}) (Version: 8.4.4.1859 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Cracklock 3.9.44 (HKLM-x32\...\Cracklock_is1) (Version: 3.9.44 - William Blum) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.4.83.1010 - Electronic Arts Inc.) 
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) DriverEasy 4.9.0 (HKLM\...\DriverEasy_is1) (Version: 4.9.0.0 - Easeware) DriverTools 1.0 (HKLM-x32\...\DriverTools) (Version: 1.0 - Huawei Technologies Co.,Ltd) Druckerdeinstallation für EPSON Universal Print Driver (HKLM\...\EPSON Universal Print Driver) (Version: - SEIKO EPSON Corporation) Druckerdeinstallation für EPSON WF-2540 Series (HKLM\...\EPSON WF-2540 Series) (Version: - SEIKO EPSON Corporation) DVS Video Downloader Addon for Mozilla Firefox version 4.3.4.17 (HKLM-x32\...\DVS Video Downloader Addon for Mozilla Firefox_is1) (Version: 4.3.4.17 - DVDVideoSoft Ltd.) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft) FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Free Studio version 6.5.0.324 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.324 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation) Futuremark SystemInfo (HKLM-x32\...\{A7E0E8D0-2E06-428A-8A8A-83BFF0B4DFE6}) (Version: 4.34.498.0 - Futuremark) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) 
Hidden GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel) Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation) IntelliJ IDEA Community Edition 14.1.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 14.1.2) (Version: 141.713.2 - JetBrains s.r.o.) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.25 - Oracle Corporation) Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.14 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Life is Feudal: Your Own (HKLM-x32\...\Steam App 290080) (Version: - Bitbox Ltd.) 
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech) Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) MatheGrafix 10 (Version 10.3) (HKLM-x32\...\MatheGrafix 10_is1) (Version: - ) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) 
(Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) 
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4 (HKLM-x32\...\{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}) (Version: 12.0.31101.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla) Mozilla Firefox 37.0.2 (x86 de) (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla) Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla) Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla) NBTExplorer (HKLM-x32\...\{7FDA6483-6CA9-4A9E-AED2-B8E894B159F0}) (Version: 2.7.5.0 - Justin Aquadro) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 350.12 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation) OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.5.4 - Steganos Software GmbH) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.7 - Ihr Firmenname) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) 
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0014 - Roccat GmbH) ROCCAT Tyon Mouse Driver (HKLM-x32\...\{27A9CD4B-AF7E-46FB-A7B5-AB549EB45C15}) (Version: - Roccat GmbH) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Seilbahn Simulator 2014 (HKLM-x32\...\Seilbahn Simulator 2014) (Version: 1.0.4.232 - Z-Software GmbH) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment) Spotify (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB) Steganos Privacy Suite 16 (HKLM-x32\...\{E5190609-65B6-40F7-9BC0-0DF56975EE41}) (Version: 16.1 - Steganos Software GmbH) System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer) TERA (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\teraenmasse) (Version: - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts) TweetDeck (HKLM-x32\...\{C4ADB67B-C908-4D94-B85E-585D2F3F9118}) (Version: 3.3.7 - Twitter) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 11.1.0 - VMware, Inc) VMware Workstation (Version: 11.1.0 - VMware, Inc.) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Google, Inc. 
(WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSCP 5.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7 - Martin Prikryl)
Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, hxxp://www.wireshark.org)
World of Tanks (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-05-11 16:24 - 00000037 ____N C:\WINDOWS\system32\Drivers\etc\hosts
79.161.244.113 ayylmao911.no-ip.biz

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1313B26E-C538-4AD8-A78B-E49791352944} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {16228590-66D3-4635-9F92-82728F710DFB} - System32\Tasks\Opera scheduled Autoupdate 1421869461 => D:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software)
Task: {1BEB9A1A-292F-40D1-9CDB-DA1FEBFE66DE} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {25AC6909-5277-46F9-8262-45684D511132} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {281187D5-BB92-44B7-AEA0-53434F1A4CEE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {3A3C6020-B264-4848-8F9F-8DB5ECE58E3A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*****@LIVE.DE => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {487ECA99-5EC0-4796-9D98-1FA71C694F65} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {57FE33D9-1B04-4FF3-8448-29CD38E59D4B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5B3BBDA9-2F4B-4D34-9484-235FA15A5234} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {8396BE6B-828F-4BFB-AA6E-E0713CA4567C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-14] (Microsoft Corporation)
Task: {909FE887-9AEE-451D-B8CF-09FA14535F0D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {9128CA98-2E13-4A49-B221-E08C3D818B3E} - System32\Tasks\avast! Emergency Update => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-09] (Avast Software s.r.o.)
Task: {98A9C564-BFD8-48B0-A581-D0DE63B33AD1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {D17A457D-216C-4C6C-BF74-6D883EB0DF1B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {DA6226B7-D6EA-46F7-97CE-1E87DE3A833F} - System32\Tasks\WINshell Event Notification => C:\Users\Robin\AppData\Local\Temp\SBCint2.exe <==== ATTENTION
Task: {FDF3D584-2913-4783-8267-28AAD7C2156C} - System32\Tasks\{38654DDD-3016-4641-B86E-10D605FA989E} => pcalua.exe -a C:\Users\Robin\AppData\Local\Temp\Temp1_GPUTweak_2_7_5_0.zip\GPUTweak_2_7_5_0.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-22 04:00 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-18 17:43 - 2014-01-28 05:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-01-23 20:15 - 2015-02-05 23:28 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-08-27 17:02 -
2014-08-27 17:02 - 00226656 _____ () C:\Program Files (x86)\Steganos Privacy Suite 16\ShellExtension.dll 2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () D:\Program Files (x86)\Notepad++\NppShell_06.dll 2014-12-18 16:27 - 2014-12-18 16:27 - 00821600 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe 2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () D:\Program Files\Logitech Gaming Software\libGLESv2.dll 2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () D:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () D:\Program Files\Logitech Gaming Software\libEGL.dll 2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () D:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-05-15 21:28 - 2015-05-15 21:28 - 00050477 _____ () C:\Users\Robin\Downloads\Defogger.exe 2015-05-09 00:25 - 2015-05-09 00:25 - 00104400 _____ () D:\Program Files\AVAST Software\Avast\log.dll 2015-05-09 00:25 - 2015-05-09 00:25 - 00081728 _____ () D:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-05-15 14:08 - 2015-05-15 14:08 - 02929664 _____ () D:\Program Files\AVAST Software\Avast\defs\15051500\algo.dll 2015-05-15 20:24 - 2015-05-15 20:24 - 02929664 _____ () D:\Program Files\AVAST Software\Avast\defs\15051501\algo.dll 2015-03-18 17:43 - 2015-05-15 20:24 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-03-18 17:43 - 2012-05-08 09:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2014-12-18 16:25 - 2014-12-18 16:25 - 00031080 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2014-12-18 16:26 - 2014-12-18 16:26 - 00607376 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2014-12-18 16:26 - 2014-12-18 16:26 - 00059752 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 
2014-12-18 16:26 - 2014-12-18 16:26 - 00036216 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2014-12-18 16:26 - 2014-12-18 16:26 - 00080248 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2014-12-18 16:29 - 2014-12-18 16:29 - 00129376 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2014-12-18 16:31 - 2014-12-18 16:31 - 00223592 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2015-02-06 19:40 - 2015-02-06 19:40 - 01301696 _____ () D:\VMWare\libxml2.dll 2015-03-31 15:31 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-03-17 17:55 - 2015-03-17 17:55 - 40540672 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll 2015-04-02 16:43 - 2015-04-02 16:43 - 03348592 _____ () D:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2015-04-02 16:43 - 2015-04-02 16:43 - 00158832 _____ () D:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2015-04-02 16:43 - 2015-04-02 16:43 - 00023152 _____ () D:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2015-04-25 15:08 - 2015-04-25 15:08 - 00008704 _____ () C:\Users\Robin\AppData\Roaming\Thunderbird\Profiles\ywt3d8ua.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll 2013-11-01 11:47 - 2013-11-01 11:47 - 36625920 _____ () D:\Program Files (x86)\Twitter\TweetDeck\libcef.dll 2013-11-01 11:47 - 2013-11-01 11:47 - 00861184 _____ () D:\Program Files (x86)\Twitter\TweetDeck\ffmpegsumo.dll 2013-11-01 11:47 - 2013-11-01 11:47 - 00880640 _____ () D:\Program Files (x86)\Twitter\TweetDeck\libglesv2.dll 2013-11-01 11:47 - 2013-11-01 11:47 - 00102400 _____ () D:\Program Files (x86)\Twitter\TweetDeck\libegl.dll 2015-05-05 14:44 - 2014-05-11 15:26 - 00061440 _____ () D:\Program Files (x86)\ROCCAT\Tyon Mouse\hiddriver.dll 2015-05-05 14:44 - 2014-05-31 22:08 - 00061440 _____ () D:\Program Files (x86)\ROCCAT\Tyon Mouse\hiddriverW.dll 2015-02-06 19:40 - 2015-02-06 19:40 - 
00366784 _____ () D:\VMWare\libldap_r.dll
2015-02-06 19:40 - 2015-02-06 19:40 - 00123072 _____ () D:\VMWare\liblber.dll
2015-02-06 19:40 - 2015-02-06 19:40 - 00070336 _____ () D:\VMWare\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Robin\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Robin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Robin\AppData\Local\Kn8SNkKS80PNR:35c7lFq2yO0s0TonDQRiLMrO1
AlternateDataStreams: C:\Users\Robin\AppData\Local\Temporary Internet Files:iSfAOiHs7JyByDYnXWf9m
AlternateDataStreams: C:\Users\Robin\AppData\Local\TVIzMmlBs2Lt:G5ucNonqpJr0FArT7K0kg

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Robin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\524e4cd3f2259edf11990619d487a210_large.png
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "SSS16 Chrome Autofill Relay"
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\StartupApproved\StartupFolder: => "PvW6oJvidyW7.lnk"
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\StartupApproved\Run: => "SSS16_Suite"
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\StartupApproved\Run: => "SSS16 Browser Monitor"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{C3D9781C-F1DB-4BD8-8873-8E33F865D3C2}C:\users\robin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\robin\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{89ED2797-815D-45B4-B489-BC360DEA4CF2}C:\users\robin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\robin\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{10A30E61-2413-41E8-8520-FA43B35D8772}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D49C3561-B91C-4462-9A73-703108070C64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2DE48BF3-91F5-4673-8962-907E67879FB8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C956FFD3-467E-448F-BE89-C7168E58B161}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DCAA91FF-B5AD-462E-A98B-424DD2865D71}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{382C56E0-7E19-4B7E-AFD8-4EED9394A938}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{371BF590-6440-4BCD-AB8C-3A85A389C176}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules:
[{7815EE2B-8D89-406A-ADD7-602D819D4341}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DE8997BB-097F-4319-9E73-A45FD9D69A4D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{F5DE36C2-027D-4E52-886F-3A4E019C12AF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{3180C1D9-90AC-40BB-A402-15D65EBEC340}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{CF0EAEB7-0FBD-447D-8B93-00A877370959}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{D185DB01-ED9B-4F1D-833A-69A9700FA739}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{CA7D204A-D402-4A38-BC58-A6F91AD5883D}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{8B45EBAE-6663-4E91-B3BC-C91A84E252CE}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{1251899D-FE86-4F49-8DC9-815799965C22}D:\program files\android\android studio\bin\studio64.exe] => (Allow) D:\program files\android\android studio\bin\studio64.exe FirewallRules: [UDP Query User{F55EE90B-ACC8-4F03-9385-A76E87FCCD2A}D:\program files\android\android studio\bin\studio64.exe] => (Allow) D:\program files\android\android studio\bin\studio64.exe FirewallRules: [TCP Query User{0B45BA5F-5C8B-491C-8E29-3BA0EE40402D}C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{3CBA4EC1-6854-4232-B6DD-82B731B8AA0D}C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{349670BC-2EBF-470B-80FA-130F053FE7F5}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: 
[{CEC01357-954D-4446-AA55-DCC2712F928A}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A08FCA04-6D0B-4333-886D-0CE8108154D7}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{78ACECDB-F66B-4D1A-BACE-2D380E2BBC9D}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{ACA6D6ED-7F13-4F4D-8C28-2CAA91863E68}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{59C02393-A2C3-4CE6-A3EB-5EC533F674F6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [TCP Query User{2C9DAF3C-28DD-494D-B4A7-6CDDB056BF21}D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [UDP Query User{676529EB-FA72-4546-9CAD-27CE0F8EE1DD}D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [TCP Query User{583A44BC-703A-4CBC-AE33-F53517A6DC7F}D:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) D:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [UDP Query User{51A71268-C041-4BF6-86EC-01F9F6D97C4F}D:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) D:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [{88F3A3C0-ECF0-4246-84EF-8C6CB3CC4ED2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{3A79F813-C258-4824-802B-B903F9A8BCED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{F15B095F-3785-45C4-9575-6456639D781A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{DFC8DF4E-5919-45A2-BB88-D6CECDCDD3B8}] => (Allow) D:\Program Files 
(x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{2134BAF4-B977-4547-86B5-95D324D59581}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{219621F3-16C0-4CCB-A8EC-8E28696956C6}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe FirewallRules: [{9137BD1C-F31D-4A08-9244-7ECEC2AC3022}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe FirewallRules: [{75967A31-9F09-44A5-905B-DC42DF36287C}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{126C818E-04E1-4022-BC9D-56D7D534101B}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{F76039F0-19AD-4738-ABD9-915245ACC44A}] => (Allow) LPort=8317 FirewallRules: [{77D147AE-EAC8-44C9-90F5-651F7F8988B0}] => (Allow) D:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{F01FEE96-FCE1-4D7F-89B8-0D89D975A90A}] => (Allow) D:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{2973F256-FBB6-41C3-9D98-AD43023CC2C5}] => (Allow) D:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{0C9846DB-4445-46A4-8566-67AFAE9229CA}] => (Allow) D:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{C50BB743-1A11-4543-8D60-5001C73D87E3}] => (Allow) D:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{F0E421AF-9F75-4569-8D22-C1A7D11AD33F}] => (Allow) D:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{66FC5826-9FD4-4CD8-96A9-16490DE7323E}] => (Allow) LPort=1689 FirewallRules: [{7455E8C0-050B-4700-9C75-568D47EB6D0F}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{631408CD-9840-48D5-AF92-F47DF1EDCD31}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{616E1A8D-AC91-4602-8500-E8A13CA3F65F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6C0D1886-22E7-4448-AB49-76EFC678D665}] 
=> (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{67888DD5-B394-4A1F-A545-AB733C466397}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E9ACA4FA-74D3-47CD-A43B-F0A229208699}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{B785E8F7-D99C-4E57-83B8-4C028ED91A20}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{9A79F6FE-726D-408F-AC14-F77DF0CC020B}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{C66CDA0A-4091-45E6-B80F-7F3E36A02D3B}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{A6754897-2953-4B6C-96C9-A9581BBEE82C}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{D8FAE957-CD05-4AEF-BA34-A4268FDE7051}] => (Allow) D:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{D567E156-129A-4604-9144-F339B3DCC785}] => (Allow) D:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{63E1BDD9-B1A9-46B4-AA69-BFAFF93BEB4D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{029088AD-854C-4E2F-B2CA-13D9567876B8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{FD2EB53C-884C-48EB-A39A-5B66CDCDCE8A}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{367B63DF-172E-4F79-9CCE-4698543A5134}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{AC002819-4175-4591-9C98-20D937DFA40F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C4286E71-DD44-40B9-B909-618D026032E2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{098A3BD1-406E-47AA-82B9-4D69A0F7EBAF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{019EED66-4968-4227-AC85-CCA58C285C0E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: 
[{E3B6950E-1BDF-4946-BFC6-592A08927635}] => (Allow) D:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe FirewallRules: [{B9E84CBF-CC0C-4DD9-9EDC-D1008B480BB8}] => (Allow) D:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe FirewallRules: [{795050CC-A83A-4189-B2C7-C490E377645E}] => (Allow) D:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe FirewallRules: [{00EFB275-8DB0-41D5-ACD2-887AFAACE82F}] => (Allow) D:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe FirewallRules: [{1B322BC6-24E1-40FC-93A5-4DD4125D1795}] => (Allow) D:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe FirewallRules: [{1A7AE6DB-F6E7-4E41-AF72-F0BB005F54C9}] => (Allow) D:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe FirewallRules: [{8C93B361-8C4B-4BB7-9109-42F52C34DAD3}] => (Allow) D:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{255C34DD-6CD8-4C0C-9C59-5CC2DFA29604}] => (Allow) LPort=1689 FirewallRules: [{56459614-0648-4E56-B9BF-E9D8A739C345}] => (Allow) D:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{4C4CCC0F-041F-4E70-9850-1279E5D8DD42}] => (Allow) D:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [TCP Query User{3931B34A-8734-457C-928B-E107D84C5FF1}D:\program files\java\jdk1.8.0_25\bin\java.exe] => (Allow) D:\program files\java\jdk1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{324A563C-C505-4FD9-B5C9-E4154B1F6668}D:\program files\java\jdk1.8.0_25\bin\java.exe] => (Allow) D:\program files\java\jdk1.8.0_25\bin\java.exe FirewallRules: [TCP Query User{D871231F-52A5-4863-9901-080E5FCB413A}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [UDP Query User{7245B1EC-80B7-4DA7-973C-540A13A04C23}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [{331F415C-E9A4-4353-A3F7-0F5ACF4AB25D}] => (Allow) D:\Program Files (x86)\Seilbahn Simulator 
2014\seilbahn.exe FirewallRules: [{8E4E5A0D-569C-4E15-B7C6-C73F1D7F4C2C}] => (Allow) LPort=1688 FirewallRules: [{56C92A45-7654-4585-B6FF-C2AB8D8FD033}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{7150056F-BEE7-4C60-BE34-51C97F78F466}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{97A50DA8-B635-4F06-9172-F34941FF54F8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{CCEDCCE9-84FA-43D2-8B50-EADC3BCDA3FC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{EEF64062-6CF3-4AEC-8D4C-0B6BE10DA976}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{72F5CC55-A199-4DA1-87BC-9EA4BF369CAA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{9D4CC86C-5EE0-417F-B666-6BE5003EFC1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{690F46EB-B5AA-4C05-841F-21142B79478A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{BD423C04-6123-4DCE-9D42-29D21490A2A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3E33C8DA-6868-4F88-B22B-CC66FD349BDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{AC95E5D0-15C2-443B-8718-98681068300C}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{830841EC-289F-43F2-B704-9514DA5509A5}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe FirewallRules: [{551D37B0-B60C-4C02-A61D-41FE6CF6CC61}] => (Allow) D:\Program Files 
(x86)\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe FirewallRules: [{4F1CDB9D-1EA4-4A44-9238-2F1B014EF964}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe FirewallRules: [{DBB834E3-B448-49ED-85F7-C0BE7DAF606D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe FirewallRules: [{83F1649F-63F1-4DBA-9603-F0FE7FA67AC2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe FirewallRules: [{D9F289EA-24DE-4EA2-B492-D2976E154B5D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{AD209B48-2AE5-48F5-81FE-58779A1EBE46}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [TCP Query User{1C2E7CFE-EC7C-4DF4-AE27-204866E1881E}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{63D57C9F-072F-4F4A-9D89-9941977A7A20}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{FB22F062-0D1F-401E-99DF-6E627B567ACF}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{497986AB-A574-447F-B6B0-3831AB185B07}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{B5311AB5-1A42-4E37-AE2D-DF892871908D}D:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe FirewallRules: [UDP Query User{A8A0D184-7BE5-4C73-9FAF-B15E64189E98}D:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe FirewallRules: [{302925D5-3E2C-47AB-B646-AFB4F4F7BC8F}] => (Allow) C:\Program Files 
(x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{BF5BDE1E-77BC-468A-B0AB-6A8A02F093C7}] => (Allow) LPort=2869 FirewallRules: [{A1A4EDAE-A544-4FED-89E0-1BB66E5F1137}] => (Allow) LPort=1900 FirewallRules: [{D6E56CE1-8A0F-4C7D-86A3-CB24D7B5B813}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{7CF4E353-F796-4F43-84B0-40E6EEEFDE9A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{BFD2E59F-A587-4796-B434-A2B645FDA09E}] => (Block) %ProgramFiles% (x86)\Steganos Privacy Suite 16\Suite.exe FirewallRules: [{B9DBEAF8-5F82-407E-924B-520BF3317625}] => (Block) %ProgramFiles% (x86)\Steganos Privacy Suite 16\Suite.exe FirewallRules: [{B359AB5D-D46D-495C-B532-90F791F49115}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe FirewallRules: [{0B204101-5149-4E42-B657-F82446716645}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe FirewallRules: [TCP Query User{50FFAC92-A41F-4FBB-B8F3-D8E22B86FEB8}D:\games\call of duty 2\call of duty 2\cod2mp_s.exe] => (Allow) D:\games\call of duty 2\call of duty 2\cod2mp_s.exe FirewallRules: [UDP Query User{8F6F8D97-75CE-41C4-91DE-E33E619EC323}D:\games\call of duty 2\call of duty 2\cod2mp_s.exe] => (Allow) D:\games\call of duty 2\call of duty 2\cod2mp_s.exe FirewallRules: [TCP Query User{37B94992-56C5-4E81-AEEF-BDC36A97A2E0}D:\program files\logitech gaming software\lcore.exe] => (Allow) D:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{FBC432CA-99FE-45F1-A3D2-D62B7CF4DA0E}D:\program files\logitech gaming software\lcore.exe] => (Allow) D:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{9A33BD83-C0EB-4DE6-8544-A42C1F7B0EA5}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{F0C54FC4-6906-465D-8EBD-D98068E7751B}C:\program 
files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query User{C83727FC-0537-4BAA-B92F-9A11562A4222}D:\program files (x86)\eclipse\eclipse.exe] => (Allow) D:\program files (x86)\eclipse\eclipse.exe FirewallRules: [UDP Query User{D1E62D36-5E0E-42D9-969B-2AD50E533A55}D:\program files (x86)\eclipse\eclipse.exe] => (Allow) D:\program files (x86)\eclipse\eclipse.exe FirewallRules: [{A1E59FA5-3151-4EF3-8028-DDF852A7E360}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe FirewallRules: [{D99A615F-C2A9-4504-8E5D-6E2D089C523D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe FirewallRules: [TCP Query User{3231A6E7-EFAE-4559-9C67-5D1E140A00CB}D:\program files\logitech gaming software\lcore.exe] => (Allow) D:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{3229A433-B4F6-44EA-80BC-EC110C8B2068}D:\program files\logitech gaming software\lcore.exe] => (Allow) D:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{C60603C3-BCC0-4F3D-98C9-33EB220AFDF7}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{C2994ABC-5B7C-4983-AEFC-3E9DE8C370F0}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query User{B57A7F84-440C-4803-86D0-45EB5A461C31}C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{BB018175-2856-4D05-BDFD-71DE66B18997}C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{D7B33E8C-1B99-4433-8B20-328B4FEA4A31}C:\program 
files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [UDP Query User{10B33304-4A9D-4160-B412-42B7854827AB}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [{BFC85AA3-F5C4-46B6-AEFD-B869E56F4517}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe FirewallRules: [{F8614B0C-51DF-4D04-A6E3-279A7761126B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe FirewallRules: [{23569305-FAA3-4B77-B518-658A47D6A33F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{20BFCC01-A362-4F5A-B6EB-FE38E3EC64CF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [TCP Query User{D60448B3-34B1-4856-8110-BA75BDC94C5C}C:\users\robin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\robin\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{50BCE108-0CEB-495D-B98D-1EB35E8B0AF8}C:\users\robin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\robin\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{A0136E51-EC4E-49EF-BBBD-CD0BFB5A855E}D:\program files (x86)\eclipse\eclipse.exe] => (Allow) D:\program files (x86)\eclipse\eclipse.exe FirewallRules: [UDP Query User{ECC4BC66-6507-4550-958E-70488CA70FD9}D:\program files (x86)\eclipse\eclipse.exe] => (Allow) D:\program files (x86)\eclipse\eclipse.exe FirewallRules: [TCP Query User{C4586228-1483-474D-88B3-8F3D5C51BD3B}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [UDP Query User{3A19C1A8-2643-40EB-9C66-979AB36E432E}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [TCP Query 
User{A5ACB55C-BEE7-4DFF-8D2D-8A6D89CB7EB7}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{D54815A0-7BD2-4039-A370-0FD30C7A3114}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{92390445-3F69-4833-B95A-8CAF3D7C3EE8}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{46B756D3-0035-40E9-8691-505D63979D60}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe FirewallRules: [{61E5D1EB-601C-46AC-BD42-A9B233762298}] => (Allow) D:\VMWare\vmware-authd.exe FirewallRules: [{0B8DA663-E0C5-44D9-9B76-55D07820F4C8}] => (Allow) D:\VMWare\vmware-authd.exe FirewallRules: [{D9CE8353-500A-43A3-813F-56EBA39E3728}] => (Allow) D:\VMWare\vmware-hostd.exe FirewallRules: [{A32FE0BA-E15D-477E-B4FB-67B729D8E348}] => (Allow) D:\VMWare\vmware-hostd.exe FirewallRules: [TCP Query User{48004ABA-A0A3-492F-9D30-4A97877DE240}C:\program files\java\jre1.8.0_40\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\java.exe FirewallRules: [UDP Query User{B8A8E2EF-A96E-4F8E-BAC5-DC561826F696}C:\program files\java\jre1.8.0_40\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\java.exe FirewallRules: [{AE3327C2-2E37-41B1-B223-AF93F72E4567}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{2566949C-00CE-4A45-9417-68D6C28CFADF}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{83AB1E83-D97D-47CD-B4F5-28F8972309FF}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{2837A983-7F04-47A6-A1CB-14DF45DB3C81}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [TCP Query User{E8796002-51B6-4FEC-9FE2-E1F26D8EDF0C}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query 
User{45F3E8A5-5247-4D7C-B7C3-F35B165C32FB}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe FirewallRules: [{B286F957-792D-4289-9EAF-D882DA04530E}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{7F5E7DC6-A79B-4147-9524-E1F54509D620}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{6CCE9428-9819-4EB3-B579-6432BDE882AE}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D3A8C183-0A2E-44E9-85B2-C2993646251B}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{04BBBB2A-30B1-4DA0-B7FF-2AE90EA41C0D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{E3090A9D-8EFC-475A-8705-2810B9263478}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{F6032297-41DD-4555-9C27-D1DFA828FECE}] => (Allow) D:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{AB8DFFFA-A1E6-4636-B9FB-E19507A2D9C1}] => (Allow) D:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{77F88E78-B103-4564-928B-42D57D2006A2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{4448DCDF-A62B-46E4-B9F1-00B573D16217}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{88767EF3-2C54-4600-855D-A4C70F907DB8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{10E5B9DB-6C46-4E9E-8DCC-8E8618ED08F3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{8669F262-DFC9-42AB-BFB9-C5EFDE6CB72D}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files 
(x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{D83C2ABD-7F50-42FD-A022-7C430AA7038A}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{BE2EBF41-654F-4DCB-A648-50A86DA1BA95}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe FirewallRules: [UDP Query User{4879F9A6-65C3-407E-AE00-E05551ABABD9}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe FirewallRules: [{6FEC00A4-0B0C-4C5B-95D4-02DB76728B32}] => (Allow) C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DBF9EFD6-E266-4524-918B-6E6F7AB01F7A}] => (Allow) C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E5835C0B-42A3-4C00-8127-72094C2D8319}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{B03C23CC-23F6-4FD8-A289-D432EBD26E65}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [TCP Query User{BC0AD5FF-C121-45B1-B5B8-FEA6A5EB1A0F}D:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) D:\program files\java\jre1.8.0_45\bin\java.exe FirewallRules: [UDP Query User{C0C060CB-3C03-4BA1-A2C3-4D1AC243ABA4}D:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) D:\program files\java\jre1.8.0_45\bin\java.exe FirewallRules: [TCP Query User{3E3A35CE-2DBA-4A2B-90F8-77982AA19004}D:\program files (x86)\jetbrains\intellij idea community edition 14.1.2\bin\idea.exe] => (Allow) D:\program files (x86)\jetbrains\intellij idea community edition 14.1.2\bin\idea.exe FirewallRules: [UDP Query User{77C17DFE-983B-47C0-8479-60BABFEED058}D:\program files (x86)\jetbrains\intellij idea community edition 14.1.2\bin\idea.exe] => (Allow) D:\program files (x86)\jetbrains\intellij idea community edition 14.1.2\bin\idea.exe 
FirewallRules: [TCP Query User{AA64BBD8-995A-45FE-8162-297E730301E8}D:\program files (x86)\nmap\nmap.exe] => (Allow) D:\program files (x86)\nmap\nmap.exe FirewallRules: [UDP Query User{92C20523-D8BA-47BE-8F1E-EB672BDFB26B}D:\program files (x86)\nmap\nmap.exe] => (Allow) D:\program files (x86)\nmap\nmap.exe FirewallRules: [TCP Query User{22A01B71-F968-4CA8-ACF2-9ABF35FC9233}D:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) D:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{76EF4CE1-0CB9-4781-8D4E-F45F00339FB4}D:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) D:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{3452B5AF-C671-4736-A36B-D986FE46DCA2}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{3ECE448E-20FC-421E-940A-CD08E87AD426}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{59B45D51-AC99-4BC9-9967-3940E2684563}] => (Allow) C:\Users\Robin\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe FirewallRules: [{F12124A2-D1D5-4B56-8FC8-E0A78E027F22}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe FirewallRules: [{93BD11E9-F3B6-4C6B-9373-4968D3FEB0B6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe FirewallRules: [{10E77280-0D8E-41B3-93EA-5C0E63B2A356}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/15/2015 09:30:39 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. 
Error: (05/15/2015 09:30:38 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/15/2015 09:29:39 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/15/2015 09:29:38 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/15/2015 09:28:40 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/15/2015 09:25:39 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung Fehler in der Wiederherstellungsphase. beendet. Kontext: Windows Anwendung, SystemIndex Katalog Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23) Error: (05/15/2015 09:25:39 PM) (Source: Windows Search Service) (EventID: 3602) (User: ) Description: Fehler-ID 1邐10 in der Wiederherstellungsphase von Windows Search. Bitte starten Sie den Dienst erneut. Wenn dieser Fehler weiterhin besteht, führen Sie eine Neuerstellung des Index aus. Kontext: Windows Anwendung, SystemIndex Katalog Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23) Error: (05/15/2015 09:11:39 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung Fehler in der Wiederherstellungsphase. 
beendet. Kontext: Windows Anwendung, SystemIndex Katalog Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23) Error: (05/15/2015 09:11:39 PM) (Source: Windows Search Service) (EventID: 3602) (User: ) Description: Fehler-ID 1邐10 in der Wiederherstellungsphase von Windows Search. Bitte starten Sie den Dienst erneut. Wenn dieser Fehler weiterhin besteht, führen Sie eine Neuerstellung des Index aus. Kontext: Windows Anwendung, SystemIndex Katalog Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23) Error: (05/15/2015 09:04:40 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung Fehler in der Wiederherstellungsphase. beendet. Kontext: Windows Anwendung, SystemIndex Katalog Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23) System errors: ============= Error: (05/15/2015 09:30:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 136 Mal passiert. Error: (05/15/2015 09:30:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%15 Error: (05/15/2015 09:30:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 135 Mal passiert. Error: (05/15/2015 09:30:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%15 Error: (05/15/2015 09:29:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 134 Mal passiert. 
Error: (05/15/2015 09:29:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%15 Error: (05/15/2015 09:29:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 133 Mal passiert. Error: (05/15/2015 09:29:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%15 Error: (05/15/2015 09:28:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 132 Mal passiert. Error: (05/15/2015 09:28:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%15 Microsoft Office Sessions: ========================= Error: (05/15/2015 09:30:39 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/15/2015 09:30:38 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/15/2015 09:29:39 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/15/2015 09:29:38 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/15/2015 09:28:40 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/15/2015 09:25:39 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Gatherer wird 
heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23) Fehler in der Wiederherstellungsphase. Error: (05/15/2015 09:25:39 PM) (Source: Windows Search Service) (EventID: 3602) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23) 1邐10 Error: (05/15/2015 09:11:39 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23) Fehler in der Wiederherstellungsphase. Error: (05/15/2015 09:11:39 PM) (Source: Windows Search Service) (EventID: 3602) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23) 1邐10 Error: (05/15/2015 09:04:40 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23) Fehler in der Wiederherstellungsphase. CodeIntegrity Errors: =================================== Date: 2015-05-09 00:42:27.517 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:27.325 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-05-09 00:42:27.130 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:26.945 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:26.747 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:26.555 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:26.365 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:26.185 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-05-09 00:42:26.005 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:25.827 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Percentage of memory in use: 85% Total physical RAM: 8135.08 MB Available physical RAM: 1143.82 MB Total Pagefile: 13255.08 MB Available Pagefile: 5257.97 MB Total Virtual: 131072 MB Available Virtual: 131071.82 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:226.03 GB) (Free:97.09 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:425.71 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 068D7676) Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=226 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=12 GB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C8E34EA2) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
16.05.2015, 12:01 | #7 | |
/// TB-Ausbilder | Remote access to my computer? Quote:
Support interruption. Reading material: This thread will only be continued after removal. Cracks and keygens: Circumventing the copy protection of software is illegal under applicable law. The log files strongly indicate that you are using software that was not legally acquired. In addition, cracks and patches from dubious sources are very often bundled with malware, so one almost deliberately infects oneself. We have agreed here on the board that we do not continue cleaning at this point, since we do not support such conduct. Furthermore, in our guide and also in this important-notice thread we pointed out unmistakably how we will handle this. Clean, good software has its price, and the software companies live off this revenue.
16.05.2015, 17:26 | #8 |
| Remote access to my computer? Oh yes, I had worked with CrackLock at one point and apparently did not remove it, and KMS should not have been on the PC for a long time now, good to know. I have removed both; here are the new logs: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02 Ran by Robin (administrator) on INVALID on 16-05-2015 18:22:03 Running from C:\Users\Robin\Desktop\FRST Loaded Profiles: Robin (Available profiles: Robin) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\afwServ.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Nero AG) D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (VMware, Inc.) D:\VMWare\vmware-authd.exe (VMware, Inc.) 
C:\Windows\SysWOW64\vmnetdhcp.exe (Avast Software) D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) D:\Program Files\AVAST Software\Avast\ng\ngservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech Inc.) D:\Program Files\Logitech Gaming Software\LCore.exe (Spotify Ltd) C:\Users\Robin\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe (ROCCAT GmbH Co., Ltd.) D:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\avastui.exe (Mozilla Corporation) D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Twitter) D:\Program Files (x86)\Twitter\TweetDeck\TweetDeck.exe (Twitter) D:\Program Files (x86)\Twitter\TweetDeck\TweetDeck.exe (Joyent, Inc) C:\Users\Robin\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 16\SteganosHotKeyService.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 16\fredirstarter.exe (Twitter) D:\Program Files (x86)\Twitter\TweetDeck\TweetDeck.exe (VMware, Inc.) 
D:\VMWare\vmware-tray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ROCCAT GmbH) D:\Program Files (x86)\ROCCAT\Tyon Mouse\TyonMonitor.exe (ROCCAT GmbH) D:\Program Files (x86)\ROCCAT\Tyon Mouse\TyonMonitorW.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe () D:\Program Files (x86)\eclipse\eclipse.exe (Oracle Corporation) D:\Program Files\Java\jre1.8.0_45\bin\javaw.exe (Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe (Oracle Corporation) C:\Users\Robin\AppData\Roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe (Oracle Corporation) C:\Users\Robin\AppData\Roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => D:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 16\SteganosHotKeyService.exe [102400 2014-10-29] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS16 Chrome Autofill Relay] => C:\Program Files (x86)\Steganos Privacy Suite 16\passwordmanagercom.exe [481232 2014-10-29] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS16 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 16\fredirstarter.exe [17920 2014-10-29] (Steganos Software GmbH)
HKLM-x32\...\Run: [vmware-tray.exe] => D:\VMWare\vmware-tray.exe [114368 2015-02-06] (VMware, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [RoccatTyon] => D:\Program Files (x86)\ROCCAT\Tyon Mouse\TyonMonitor.EXE [557056 2015-01-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatTyonW] => D:\Program Files (x86)\ROCCAT\Tyon Mouse\TyonMonitorW.EXE [557056 2015-01-12] (ROCCAT GmbH)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,userinit.exe,
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-10] (Electronic Arts)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [Spotify Web Helper] => C:\Users\Robin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-23] (Spotify Ltd)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [SSS16_Suite] => C:\Program Files (x86)\Steganos Privacy Suite 16\Suite.exe [2714032 2014-10-29] (Steganos Software GmbH)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [SSS16 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 16\SteganosBrowserMonitor.exe [74240 2014-10-29] (Steganos Software GmbH)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [Spotify] => C:\Users\Robin\AppData\Roaming\Spotify\Spotify.exe [7168568 2015-04-23] (Spotify Ltd)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6590888 2015-05-08] (Steganos Software GmbH)
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\MountPoints2: {aa910471-dc82-11e4-8286-ac9e17edb1ca} - "G:\startme.exe"
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
IFEO\ultiman.exe: [Debugger] cmd.exe
IFEO\utilman.exe: [Debugger] c:\windows\system32\cmd.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2015-05-05]
ShortcutTarget: Roccat Talk.lnk -> D:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2015-01-31]
ShortcutTarget: Mozilla Thunderbird.lnk -> D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TweetDeck.lnk [2015-01-31]
ShortcutTarget: TweetDeck.lnk -> D:\Program Files (x86)\Twitter\TweetDeck\TweetDeck.exe (Twitter)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-09] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-1346697615-2911746051-3580550801-1001] => hxxp://127.0.0.1:8445/okf.pac
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-20] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-20] (Avast Software s.r.o.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Hosts: 79.161.244.113 ayylmao911.no-ip.biz
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-22] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> D:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> D:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-22] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: YouTube Unblocker - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\youtubeunblocker@unblocker.yt [2015-04-15]
FF Extension: Ciuvo Price Comparison - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\extension@ciuvo.com.xpi [2015-04-15]
FF Extension: MEGA EXTENSION - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\firefox@mega.co.nz.xpi [2015-04-15]
FF Extension: NoScript - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-04-15]
FF Extension: Adblock Plus - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-15]
FF Extension: OkayFreedom - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2015-05-11]
FF Extension: Greasemonkey - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-05-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-22]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 16\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 16\spmplugin3 [2015-02-19]
FF HKLM-x32\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2015-04-07]
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-21]
CHR Extension: (Google Docs) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-21]
CHR Extension: (Google Drive) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-21]
CHR Extension: (MEGA) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-03-23]
CHR Extension: (YouTube) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-21]
CHR Extension: (Adblock Plus) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-17]
CHR Extension: (Google Search) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-21]
CHR Extension: (Tampermonkey) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-05-11]
CHR Extension: (Google Sheets) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-21]
CHR Extension: (Bookmark Manager) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
CHR Extension: (Avast Online Security) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-23]
CHR Extension: (Google Wallet) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-23]
CHR Extension: (Gmail) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - D:\Program Files (x86)\Opera\Launcher.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2014-01-28] ()
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.)
R2 avast! Firewall; D:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-09] (Avast Software s.r.o.)
R3 AvastVBoxSvc; D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-09] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-05] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [237864 2015-03-06] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 Futuremark SystemInfo Service; D:\Program Files\Futuremark\FMSISvc.exe [614624 2015-02-09] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HTCMonitorService; D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S2 MBAMScheduler; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [330168 2015-05-08] (Steganos Software GmbH)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-01-30] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-02-05] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 VMAuthdService; D:\VMWare\vmware-authd.exe [87744 2015-02-06] (VMware, Inc.)
S3 VMwareHostd; D:\VMWare\vmware-hostd.exe [12730048 2015-02-06] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-09] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] ()
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-04-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SLEE_19_DRIVER; C:\WINDOWS\Sleen1964.sys [117848 2014-10-24] (Softwareentwicklung Remus - ArchiCrypt - )
S3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-09] (Avast Software)
R3 VHidXInput; C:\Windows\System32\drivers\VXInput.sys [7424 2014-08-13] (Windows (R) Win 7 DDK provider)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 cpuz138; \??\C:\WINDOWS\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]
S4 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X]
S3 WinDivert1.1; \??\D:\Program Files\KMSpico\WinDivert.sys [X]
U3 pgldrpow; \??\C:\Users\Robin\AppData\Local\Temp\pgldrpow.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 01:26 - 2015-05-16 01:26 - 00052586 _____ () C:\Users\Robin\Downloads\840-271043-IPResolver.rar
2015-05-15 21:33 - 2015-05-15 21:33 - 00380416 _____ () C:\Users\Robin\Downloads\Gmer-19357.exe
2015-05-15 21:32 - 2015-05-16 18:22 - 00000000 ____D () C:\Users\Robin\Desktop\FRST
2015-05-15 21:29 - 2015-05-15 21:29 - 02106368 _____ (Farbar) C:\Users\Robin\Downloads\FRST64.exe
2015-05-15 21:29 - 2015-05-15 21:29 - 00000000 ____D () C:\Users\Robin\Desktop\FRST-OlderVersion
2015-05-15 20:24 - 2015-05-16 13:15 - 00000580 _____ () C:\WINDOWS\setupact.log
2015-05-15 20:24 - 2015-05-15 20:24 - 00001828 _____ () C:\WINDOWS\PFRO.log
2015-05-15 20:24 - 2015-05-15 20:24 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-15 19:49 - 2015-05-15 20:24 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-15 19:49 - 2015-05-15 19:49 - 00000829 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-15 19:49 - 2015-05-15 19:49 - 00000829 _____ () C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-15 19:49 - 2015-05-15 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-15 19:49 - 2015-05-15 19:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-15 19:49 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-05-15 19:49 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-15 19:49 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-15 19:48 - 2015-05-15 19:49 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Robin\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-15 19:36 - 2015-05-15 19:36 - 00000112 _____ () C:\WINDOWS\system32\snetcfg.log
2015-05-15 14:50 - 2015-05-15 14:50 - 21552180 _____ () C:\Users\Robin\Downloads\spigot-1.8.3-R0.1-SNAPSHOT-latest(2).jar
2015-05-15 01:06 - 2015-05-15 01:06 - 00000000 ____D () C:\Users\Robin\DownloadsR3CSS
2015-05-15 00:26 - 2015-05-15 00:26 - 02592768 _____ () C:\Users\Robin\Downloads\502022.exe
2015-05-15 00:18 - 2015-05-15 00:18 - 00038912 _____ () C:\Users\Robin\Downloads\ESP3_[www.unknowncheats.me]_.dll
2015-05-14 15:39 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 15:39 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 13:59 - 2015-05-14 13:59 - 01508908 _____ () C:\Users\Robin\Downloads\gamehacker01.apk
2015-05-13 19:07 - 2015-05-13 19:07 - 96647698 _____ () C:\Users\Robin\Downloads\DNJKXCsadyuift6743wyre.rar
2015-05-13 16:48 - 2015-05-13 16:48 - 00000887 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-05-13 16:48 - 2015-05-13 16:48 - 00000887 _____ () C:\ProgramData\Desktop\FileZilla Client.lnk
2015-05-13 16:48 - 2015-05-13 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-05-13 16:47 - 2015-05-13 16:47 - 06420600 _____ (Tim Kosse) C:\Users\Robin\Downloads\FileZilla_3.10.3_win64-setup [1].exe
2015-05-13 13:44 - 2015-05-13 13:44 - 00009769 _____ () C:\Users\Robin\Downloads\MoreHearts_V2.1.2.jar
2015-05-13 13:14 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 13:14 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 13:14 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 13:14 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 13:14 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 13:14 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 13:14 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 13:14 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 13:14 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 13:14 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 13:14 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 13:14 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 13:14 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 13:14 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 13:14 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 13:14 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 13:14 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 13:14 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 13:14 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 13:14 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 13:14 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 13:14 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 13:14 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 13:14 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 13:14 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 13:14 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 13:14 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 13:14 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 13:14 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 13:14 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 13:14 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 13:14 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 13:14 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 13:14 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 13:14 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 13:14 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 13:14 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 13:14 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 13:14 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 13:14 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 13:14 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 13:14 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 13:14 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 13:14 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 13:14 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 13:14 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 13:14 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 13:14 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 13:14 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 13:14 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 13:14 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 13:14 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 13:14 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 13:14 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 13:14 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 13:14 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 13:14 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 13:14 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 13:14 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 13:14 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 13:14 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 13:14 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 13:14 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 13:14 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 13:14 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 13:14 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 13:14 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 13:14 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-13 13:14 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-13 13:14 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 13:14 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 13:14 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 13:14 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 13:14 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 13:14 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 13:14 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 13:14 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 13:14 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-12 23:32 - 2015-05-12 23:32 - 00000809 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-12 23:32 - 2015-05-12 23:32 - 00000809 _____ () C:\ProgramData\Desktop\VLC media player.lnk
2015-05-12 23:32 - 2015-05-12 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-05-12 23:31 - 2015-05-12 23:31 - 28849904 _____ () C:\Users\Robin\Downloads\vlc-2.2.1-win32.exe
2015-05-12 20:52 - 2015-05-12 20:54 - 00008037 _____ () C:\Users\Robin\Desktop\pexback.txt
2015-05-12 19:49 - 2015-05-12 19:49 - 00062738 _____ () C:\Users\Robin\Downloads\Signs.jar
2015-05-12 16:06 - 2015-05-12 16:06 - 00005668 _____ () C:\Users\Robin\Downloads\TPC.jar
2015-05-11 20:28 - 2015-05-16 18:08 - 01689710 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-11 20:04 - 2015-05-11 20:04 - 00001152 _____ () C:\Users\Public\Desktop\OkayFreedom.lnk
2015-05-11 20:04 - 2015-05-11 20:04 - 00001152 _____ () C:\ProgramData\Desktop\OkayFreedom.lnk
2015-05-11 18:05 - 2015-05-11 18:05 - 00295492 _____ () C:\Users\Robin\Downloads\Vault(1).jar
2015-05-10 18:03 - 2015-05-10 18:03 - 00161622 _____ () C:\Users\Robin\Downloads\Bedwars.jar
2015-05-10 17:26 - 2015-05-11 18:14 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\BRvmkth8tn
2015-05-10 17:26 - 2015-05-10 22:26 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\6483B38F-21FD-4E83-933B-7960BAE72B93
2015-05-10 17:15 - 2015-05-10 17:36 - 00000000 ____D () C:\Users\Robin\Desktop\LELO
2015-05-10 16:18 - 2015-05-10 16:18 - 00320143 _____ () C:\Users\Robin\Downloads\Multiverse-Inventories-2.5.jar
2015-05-10 14:03 - 2015-05-10 14:03 - 00072774 _____ () C:\Users\Robin\Downloads\ClickWarp_v1.3.5.jar
2015-05-10 13:15 - 2015-05-10 13:15 - 00069814 _____ () C:\Users\Robin\Downloads\NametagEdit(1).jar
2015-05-10 12:55 - 2015-05-10 12:55 - 00018694 _____ () C:\Users\Robin\Downloads\Votifier.jar
2015-05-09 23:47 - 2015-05-09 23:48 - 00000000 ____D () C:\Users\Robin\AppData\Local\Arma 3 Launcher
2015-05-09 23:24 - 2015-05-09 23:24 - 00069814 _____ () C:\Users\Robin\Downloads\NametagEdit.jar
2015-05-09 23:00 - 2015-05-09 23:00 - 00141230 _____ () C:\Users\Robin\Downloads\Jobs(1).jar
2015-05-09 22:48 - 2015-05-09 22:48 - 00337004 _____ () C:\Users\Robin\Downloads\Vault-1.4.1.jar
2015-05-09 22:23 - 2015-05-09 22:23 - 00994563 _____ () C:\Users\Robin\Downloads\Citizens(1).jar
2015-05-09 21:51 - 2015-05-09 21:51 - 00080090 _____ () C:\Users\Robin\Downloads\ucars.jar
2015-05-09 21:49 - 2015-05-09 21:49 - 00557989 _____ () C:\Users\Robin\Downloads\pvparena-1.0.jar
2015-05-09 21:49 - 2015-05-09 21:49 - 00064499 _____ () C:\Users\Robin\Downloads\RewardMe.jar
2015-05-09 21:46 - 2015-05-09 21:46 - 00388562 _____ () C:\Users\Robin\Downloads\MobArena.jar
2015-05-09 21:45 - 2015-05-09 21:45 - 00043355 _____ () C:\Users\Robin\Downloads\Lift.jar
2015-05-09 21:44 - 2015-05-09 21:44 - 00045577 _____ () C:\Users\Robin\Downloads\JumpBlocks.jar
2015-05-09 21:43 - 2015-05-09 22:58 - 00144443 _____ () C:\Users\Robin\Downloads\Jobs.jar
2015-05-09 21:41 - 2015-05-09 21:41 - 00023155 _____ () C:\Users\Robin\Downloads\InfiniteDispensersAndDroppers.jar
2015-05-09 21:40 - 2015-05-09 21:40 - 00020826 _____ () C:\Users\Robin\Downloads\HolographicDisplaysPatch.jar
2015-05-09 21:39 - 2015-05-09 21:39 - 00005600 _____ () C:\Users\Robin\Downloads\GiftBox.jar
2015-05-09 21:37 - 2015-05-09 21:37 - 00087914 _____ () C:\Users\Robin\Downloads\FoundDiamonds.jar
2015-05-09 21:36 - 2015-05-09 21:36 - 00030467 _____ () C:\Users\Robin\Downloads\EXPBank.jar
2015-05-09 21:34 - 2015-05-09 21:34 - 00999688 _____ () C:\Users\Robin\Downloads\EchoPet-v2.5.0.jar
2015-05-09 21:34 - 2015-05-09 21:34 - 00061365 _____ () C:\Users\Robin\Downloads\EasyJetpack-1.3.jar
2015-05-09 21:33 - 2015-05-09 21:33 - 00005484 _____ () C:\Users\Robin\Downloads\ClearChat.jar
2015-05-09 21:27 - 2015-05-09 21:27 - 00464787 _____ () C:\Users\Robin\Downloads\LWC(1).jar
2015-05-09 20:32 - 2015-05-09 20:32 - 00796070 _____ () C:\Users\Robin\Downloads\BanManager.jar
2015-05-09 20:24 - 2015-05-09 20:24 - 00021939 _____ () C:\Users\Robin\Downloads\1.8NameTags.jar
2015-05-09 19:55 - 2015-05-09 19:55 - 00142677 _____ () C:\Users\Robin\Downloads\BlockHunt_v0.2.0_BETA_B5.jar
2015-05-09 19:54 - 2015-05-09 19:54 - 00236210 _____ () C:\Users\Robin\Downloads\LibsDisguises.jar
2015-05-09 19:38 - 2015-05-09 19:38 - 00061445 _____ () C:\Users\Robin\Downloads\DolphinSpleef.jar
2015-05-09 19:24 - 2015-05-09 19:26 - 00040697 _____ () C:\Users\Robin\Downloads\KillCounter.jar
2015-05-09 19:01 - 2015-05-09 19:01 - 00384921 _____ () C:\Users\Robin\Downloads\CustomSpawners.jar
2015-05-09 19:00 - 2015-05-09 19:01 - 00959115 _____ () C:\Users\Robin\Downloads\Citizens.jar
2015-05-09 18:49 - 2015-05-09 18:49 - 00778914 _____ () C:\Users\Robin\Downloads\NoCheatPlus(3).jar
2015-05-09 18:48 - 2015-05-09 18:48 - 00079410 _____ () C:\Users\Robin\Downloads\TagAPI(1).jar
2015-05-09 18:38 - 2015-05-09 18:38 - 00156171 _____ () C:\Users\Robin\Downloads\SurvivalGamesPlus.jar
2015-05-09 18:36 - 2015-05-09 18:36 - 00128587 _____ () C:\Users\Robin\Downloads\PortableHorses.jar
2015-05-09 18:36 - 2015-05-09 18:36 - 00052259 _____ ()
C:\Users\Robin\Downloads\LagMeter.jar 2015-05-09 18:34 - 2015-05-09 18:34 - 00078240 _____ () C:\Users\Robin\Downloads\HealthBar.jar 2015-05-09 18:33 - 2015-05-09 18:33 - 00008495 _____ () C:\Users\Robin\Downloads\iControlU.jar 2015-05-09 18:31 - 2015-05-09 18:31 - 01315785 _____ () C:\Users\Robin\Downloads\ProtocolLib-3.4.0.jar 2015-05-09 17:12 - 2015-05-09 17:14 - 00000000 ____D () C:\Users\Robin\Desktop\McCracked 2015-05-09 00:25 - 2015-05-09 00:25 - 00449896 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys 2015-05-09 00:25 - 2015-05-09 00:25 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe 2015-05-09 00:25 - 2015-05-09 00:25 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr 2015-05-07 20:21 - 2015-05-07 20:21 - 21552180 _____ () C:\Users\Robin\Downloads\spigot-1.8.3-R0.1-SNAPSHOT-latest(1).jar 2015-05-07 20:11 - 2015-05-07 20:12 - 00391418 _____ () C:\Users\Robin\Downloads\craftconomy3-3.1.6.jar 2015-05-07 19:55 - 2015-05-07 19:55 - 02804018 _____ () C:\Users\Robin\Downloads\craftconomy3-3.2.2-20150426.141214-9.jar 2015-05-07 17:27 - 2015-05-07 17:27 - 02803105 _____ () C:\Users\Robin\Downloads\craftconomy3-3.2.1.jar 2015-05-07 17:19 - 2015-05-07 17:19 - 00034852 _____ () C:\Users\Robin\Downloads\mwmoney.jar 2015-05-06 19:16 - 2015-05-06 19:16 - 00325807 _____ () C:\Users\Robin\Downloads\Multiverse-Core-2.4(1).jar 2015-05-06 19:01 - 2015-05-06 19:01 - 00079986 _____ () C:\Users\Robin\Downloads\ChatEx(2).jar 2015-05-06 18:43 - 2015-05-06 18:43 - 00724333 _____ () C:\Users\Robin\Downloads\PermissionsEx-1.23.2.jar 2015-05-06 18:20 - 2015-05-06 18:20 - 00934263 _____ () C:\Users\Robin\Downloads\OptiFine_1.8.3_HD_U_D3.jar 2015-05-06 18:04 - 2015-05-06 18:05 - 09601387 _____ () C:\Users\Robin\Downloads\world.rar 2015-05-06 17:58 - 2015-05-06 17:58 - 21550052 _____ () C:\Users\Robin\Downloads\spigot-1.8.3-R0.1-SNAPSHOT-latest.jar 2015-05-06 17:57 - 2015-05-06 17:57 - 00849775 _____ () 
C:\Users\Robin\Downloads\spigot-api-1.8.3-R0.1-SNAPSHOT-latest.jar 2015-05-06 16:26 - 2015-05-06 16:26 - 00166222 _____ () C:\Users\Robin\Downloads\iConomy(2).jar 2015-05-06 13:31 - 2015-05-06 13:32 - 00000000 ____D () C:\Users\Robin\Desktop\MeynPvP 2015-05-05 22:51 - 2015-05-12 23:32 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\vlc 2015-05-05 15:55 - 2015-05-05 15:55 - 00003572 _____ () C:\Users\Robin\Downloads\easystack.jar 2015-05-05 14:44 - 2015-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT 2015-05-04 21:27 - 2015-04-27 12:55 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2015-05-04 21:27 - 2015-04-27 12:55 - 00207272 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2015-05-04 21:27 - 2015-04-27 12:55 - 00206760 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2015-05-04 21:26 - 2015-05-04 21:26 - 31239592 _____ (Oracle Corporation) C:\Users\Robin\Downloads\jre-7u80-windows-x64.exe 2015-05-04 20:43 - 2015-05-04 20:43 - 00087222 _____ () C:\Users\Robin\Downloads\SimpleBroadcast.jar 2015-05-04 20:30 - 2015-05-04 20:30 - 20610577 _____ () C:\Users\Robin\Downloads\spigot-1.7.10-SNAPSHOT-b1657.jar 2015-05-03 22:18 - 2015-05-03 22:19 - 19503694 _____ () C:\Users\Public\spigot1659.jar 2015-05-03 21:56 - 2015-05-03 21:56 - 00003192 _____ () C:\Users\Robin\Downloads\permissions (2).yml 2015-05-03 19:06 - 2015-05-03 19:06 - 00035573 _____ () C:\Users\Robin\Downloads\ChatLib_v1.2.jar 2015-05-02 16:32 - 2015-05-02 16:32 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Software Tool 2015-05-01 01:01 - 2015-05-01 01:01 - 00125403 _____ () C:\Users\Robin\Downloads\SAPPlugin-0.9.35-SNAPSHOT.jar 2015-04-30 16:35 - 2015-04-30 17:20 - 00000000 ____D () C:\Users\Robin\.zenmap 2015-04-30 16:35 - 2015-04-30 16:35 - 00000000 ____D () C:\Program Files\WinPcap 2015-04-30 16:34 - 2015-04-30 16:34 - 27111830 _____ (Insecure.org) C:\Users\Robin\Downloads\nmap-6.47-setup.exe 2015-04-28 22:02 - 
2015-04-28 22:04 - 00000000 ____D () C:\Users\Robin\Desktop\JTS3ServerMod_5.4.2 2015-04-27 20:58 - 2015-01-24 16:46 - 01568433 _____ () C:\Users\Public\worldedit-bukkit-6.0.jar 2015-04-27 20:58 - 2015-01-20 20:25 - 01309613 _____ () C:\Users\Public\worldguard-6.0.0-beta-05.jar 2015-04-27 14:22 - 2015-04-27 14:22 - 00003362 _____ () C:\Users\Robin\Downloads\RunAs.jar 2015-04-27 13:05 - 2015-04-27 13:05 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\JetBrains 2015-04-27 13:04 - 2015-04-27 13:04 - 00000727 _____ () C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 14.1.2.lnk 2015-04-27 13:04 - 2015-04-27 13:04 - 00000727 _____ () C:\ProgramData\Desktop\IntelliJ IDEA Community Edition 14.1.2.lnk 2015-04-27 13:04 - 2015-04-27 13:04 - 00000000 ____D () C:\Users\Robin\.IdeaIC14 2015-04-27 13:04 - 2015-04-27 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains 2015-04-27 13:03 - 2015-04-27 13:03 - 204364624 _____ () C:\Users\Robin\Downloads\ideaIC-14.1.2.exe 2015-04-27 12:55 - 2015-05-04 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-04-27 12:55 - 2015-04-27 12:55 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2015-04-27 12:49 - 2015-04-27 12:49 - 189180832 _____ (Oracle Corporation) C:\Users\Robin\Downloads\jdk-8u45-windows-x64.exe 2015-04-27 12:47 - 2015-04-27 12:47 - 00000000 _____ () C:\WINDOWS\system32\RENE4BD.tmp 2015-04-27 11:55 - 2015-04-27 11:51 - 00218502 _____ () C:\Users\Public\fanciful-0.3.3-20150330.224758-1.jar 2015-04-27 11:37 - 2015-04-27 11:37 - 00010677 _____ () C:\Users\Robin\Downloads\JSONWriter.java 2015-04-26 14:47 - 2015-04-26 14:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2015-04-25 22:46 - 2015-04-25 22:46 - 00040732 _____ () C:\Users\Robin\Downloads\Hack4Fun.jar 2015-04-25 18:47 - 2015-04-25 18:47 - 00467904 _____ () C:\Users\Robin\Downloads\XBCDv107.exe 2015-04-25 18:47 - 2015-04-25 
18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XBCD 2015-04-25 18:40 - 2015-04-25 18:40 - 00000000 ____D () C:\Users\Robin\AppData\Local\Skyrim 2015-04-25 11:58 - 2015-04-25 11:58 - 00000000 ____D () C:\Users\Robin\Desktop\GTA Garage Editor By SonOfABeach v1.03 2015-04-24 22:30 - 2015-04-24 22:30 - 00000000 ____D () C:\WINDOWS\Sun 2015-04-24 22:13 - 2015-04-24 22:13 - 00004315 _____ () C:\Users\Robin\Downloads\Funktion.java 2015-04-24 20:25 - 2015-04-24 20:25 - 00002062 _____ () C:\Users\Robin\Downloads\BetterReloadjar.jar 2015-04-24 18:26 - 2015-04-25 00:25 - 00000000 ____D () C:\Users\Robin\Desktop\GTAOTunaEditor 2015-04-24 13:40 - 2015-04-24 13:40 - 06484352 _____ (Piriform Ltd) C:\Users\Robin\Downloads\ccsetup505.exe 2015-04-24 00:04 - 2015-05-07 23:11 - 00000000 ____D () C:\Users\Robin\Desktop\print 2015-04-23 18:53 - 2015-04-23 18:53 - 00000904 _____ () C:\Users\Robin\Desktop\µTorrent.lnk 2015-04-23 18:53 - 2015-04-23 18:53 - 00000884 _____ () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-04-23 18:36 - 2015-04-23 18:36 - 01744976 _____ (BitTorrent Inc.) 
C:\Users\Robin\Downloads\uTorrent.exe 2015-04-23 17:56 - 2015-05-16 18:22 - 00000000 ____D () C:\FRST 2015-04-23 16:13 - 2015-04-23 16:17 - 00000000 ____D () C:\AdwCleaner 2015-04-23 16:13 - 2015-04-23 16:13 - 02217984 _____ () C:\Users\Robin\Downloads\adwcleaner_4.201.exe 2015-04-22 22:53 - 2015-04-22 22:53 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\tor 2015-04-22 21:00 - 2015-05-16 15:57 - 00000080 _____ () C:\Users\Robin\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦 2015-04-22 19:50 - 2015-04-22 20:28 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\YaTQA 2015-04-22 19:49 - 2015-04-22 19:49 - 01262420 _____ () C:\Users\Robin\Downloads\YaTQA_setup.exe 2015-04-22 19:49 - 2015-04-22 19:49 - 00000712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk 2015-04-22 18:44 - 2015-04-22 20:12 - 00000290 _____ () C:\Users\Robin\Documents\TeamSpeakRechte.txt 2015-04-21 17:02 - 2015-04-21 17:02 - 00231376 _____ (TrueCrypt Foundation) C:\WINDOWS\system32\Drivers\truecrypt.sys 2015-04-21 17:01 - 2015-04-21 17:01 - 03466248 _____ (TrueCrypt Foundation) C:\Users\Robin\Downloads\truecrypt_setup_7.1a.exe 2015-04-21 16:59 - 2015-04-21 16:59 - 00008163 _____ () C:\Users\Robin\Downloads\sempervideo-amazon-de.xml 2015-04-20 19:45 - 2015-04-20 19:45 - 00000000 ____D () C:\Users\Robin\AppData\Local\Overwolf 2015-04-19 16:10 - 2015-04-19 16:10 - 00000540 _____ () C:\Users\Public\Desktop\Fraps.lnk 2015-04-19 16:10 - 2015-04-19 16:10 - 00000540 _____ () C:\ProgramData\Desktop\Fraps.lnk 2015-04-19 16:10 - 2015-04-19 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2015-04-18 19:09 - 2015-04-18 19:09 - 00052514 _____ () C:\Users\Robin\Downloads\minecraftjoinbot.rar 2015-04-18 18:10 - 2015-04-18 18:10 - 00000000 ____D () C:\Users\Robin\Desktop\JavaDoc GameLIB 2015-04-16 23:22 - 2015-04-16 23:22 - 00000000 ____D () C:\WINDOWS\system32\appraiser 2015-04-16 23:16 - 2015-04-16 23:19 - 00000249 _____ () C:\WINDOWS\w32dasm8.ini 2015-04-16 23:11 - 
2015-04-16 23:13 - 00000000 ____D () C:\Users\Robin\Desktop\W32Dasm8 & Hiew 2015-04-16 22:53 - 2015-04-22 21:24 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\mathegrafix 2015-04-16 22:53 - 2015-04-16 23:01 - 00000000 ____D () C:\Users\Robin\Desktop\odbg110 2015-04-16 22:46 - 2015-04-16 22:46 - 00000715 _____ () C:\Users\Public\Desktop\MatheGrafix 10.lnk 2015-04-16 22:46 - 2015-04-16 22:46 - 00000715 _____ () C:\ProgramData\Desktop\MatheGrafix 10.lnk 2015-04-16 22:46 - 2015-04-16 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MatheGrafix 2015-04-16 18:33 - 2015-04-16 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-16 17:11 - 2015-04-16 17:11 - 01355672 _____ (MurGee.com ) C:\Users\Robin\Downloads\setup(1).exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2098-01-01 01:59 - 2015-03-21 15:31 - 02598568 _____ () C:\Users\Robin\Downloads\libg.so 2015-05-16 18:17 - 2015-01-23 22:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Skype 2015-05-16 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-05-16 17:34 - 2015-02-06 01:19 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\.minecraft 2015-05-16 17:26 - 2015-01-08 16:09 - 00000000 ____D () C:\Users\Robin\AppData\Local\Eclipse 2015-05-16 15:03 - 2014-12-25 05:49 - 00000000 ____D () C:\Users\Robin\AppData\Local\ftblauncher 2015-05-16 15:00 - 2015-03-04 18:54 - 06628862 _____ () C:\Users\Robin\Downloads\FTB_Launcher.exe 2015-05-16 15:00 - 2015-01-14 20:35 - 04697768 _____ () C:\Users\Robin\Desktop\TechnicLauncher.exe 2015-05-16 15:00 - 2014-12-25 05:49 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\ftblauncher 2015-05-16 14:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp 2015-05-16 13:17 - 2015-02-14 20:40 - 00000000 ____D () C:\Users\Robin\AppData\Local\Spotify 2015-05-16 13:17 - 2015-02-14 20:37 - 00000000 ____D () 
C:\Users\Robin\AppData\Roaming\Spotify 2015-05-16 13:17 - 2015-01-22 04:10 - 00000000 ___DO () C:\Users\Robin\SkyDrive 2015-05-16 13:17 - 2014-12-25 05:33 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Steganos VPN 2015-05-16 02:00 - 2015-01-22 04:11 - 00000000 ____D () C:\Users\Robin\AppData\Local\Adobe 2015-05-15 21:49 - 2015-01-22 04:06 - 00000000 ____D () C:\Users\Robin 2015-05-15 21:31 - 2015-01-03 14:15 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\VMware 2015-05-15 21:31 - 2015-01-03 14:15 - 00000000 ____D () C:\Users\Robin\AppData\Local\VMware 2015-05-15 20:41 - 2015-01-22 04:13 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1346697615-2911746051-3580550801-1001 2015-05-15 20:30 - 2015-01-22 04:06 - 01785100 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-05-15 20:30 - 2013-09-05 15:07 - 00767024 _____ () C:\WINDOWS\system32\perfh007.dat 2015-05-15 20:30 - 2013-09-05 15:07 - 00160370 _____ () C:\WINDOWS\system32\perfc007.dat 2015-05-15 20:24 - 2015-02-11 02:22 - 00000000 ____D () C:\Users\Robin\AppData\Local\HTC MediaHub 2015-05-15 20:24 - 2015-01-22 16:28 - 00000000 ____D () C:\ProgramData\VMware 2015-05-15 20:24 - 2015-01-22 04:00 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-15 20:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Globalization 2015-05-15 20:24 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-05-15 19:36 - 2015-02-01 11:05 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang 2015-05-15 19:34 - 2014-12-27 17:23 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\uTorrent 2015-05-15 18:54 - 2015-01-06 23:28 - 00000000 ____D () C:\Users\Robin\Desktop\jd-gui-0.3.6.windows 2015-05-15 14:07 - 2013-08-22 16:44 - 05177488 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-05-15 02:11 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2015-05-15 02:10 - 2014-12-25 21:47 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\OBS 2015-05-14 22:25 - 
2015-03-10 03:12 - 00000600 _____ () C:\Users\Robin\AppData\Roaming\winscp.rnd 2015-05-14 16:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2015-05-14 15:40 - 2015-01-22 05:45 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-14 15:40 - 2015-01-21 20:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-05-14 15:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-05-14 15:40 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-05-14 15:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2015-05-14 15:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers 2015-05-14 15:38 - 2015-01-22 04:24 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-05-14 15:36 - 2015-01-22 04:24 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-05-14 15:35 - 2013-08-22 15:25 - 00000167 _____ () C:\WINDOWS\win.ini 2015-05-14 15:34 - 2014-12-25 05:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\FileZilla 2015-05-14 14:09 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries 2015-05-13 18:45 - 2015-03-18 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-05-13 18:45 - 2015-03-18 17:44 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-05-13 18:45 - 2015-02-27 01:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-05-13 18:43 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-12 12:13 - 2014-12-25 05:55 - 00001399 _____ () C:\Users\Robin\Desktop\xaddo.txt 2015-05-11 22:01 - 2014-12-28 10:40 - 00000000 ____D () C:\Users\Robin\Desktop\Öffnen 2015-05-11 20:04 - 2015-02-10 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom 2015-05-11 20:04 - 2015-01-24 00:27 - 00000000 ____D () C:\Program Files (x86)\OkayFreedom 2015-05-11 19:53 - 2015-01-27 16:36 - 
00000000 ____D () C:\Users\Robin\AppData\Local\CrashDumps 2015-05-11 15:41 - 2015-01-22 04:07 - 00000000 ____D () C:\Users\Robin\AppData\Local\Packages 2015-05-09 23:50 - 2015-02-14 05:16 - 00000000 ____D () C:\Users\Robin\AppData\Local\Arma 3 2015-05-09 00:25 - 2015-01-22 04:55 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! 
Emergency Update 2015-05-07 23:58 - 2015-01-22 05:14 - 00000000 ____D () C:\ProgramData\Origin 2015-05-07 22:51 - 2015-04-01 01:09 - 00000000 ____D () C:\Users\Robin\Desktop\BungeeTest 2015-05-05 19:59 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-05-05 19:59 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-05-05 14:48 - 2014-12-25 20:32 - 00000000 ____D () C:\Users\Robin\Desktop\ROCCAT 2015-05-05 14:44 - 2015-01-22 04:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-05-05 14:34 - 2015-01-22 05:06 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-04 21:27 - 2015-01-22 05:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2015-05-03 14:31 - 2015-01-22 22:58 - 00000000 ____D () C:\Users\Robin\Desktop\[www.OldSchoolHack.de]_Titanium v0.01 2015-05-01 01:41 - 2014-12-25 06:01 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Origin 2015-04-30 22:50 - 2015-01-22 20:58 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\TeamViewer 2015-04-29 16:13 - 2015-01-23 22:55 - 00000000 ____D () C:\ProgramData\Skype 2015-04-29 15:36 - 2015-03-17 00:07 - 00022063 _____ () C:\Users\Robin\Documents\Acc.txt 2015-04-27 12:52 - 2015-01-22 04:51 - 00000000 ____D () C:\ProgramData\Oracle 2015-04-25 18:39 - 2015-01-03 13:36 - 00000000 ____D () C:\Users\Robin\Documents\My Games 2015-04-24 13:41 - 2015-01-30 00:12 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-04-24 13:41 - 2015-01-30 00:12 - 00000841 _____ () C:\ProgramData\Desktop\CCleaner.lnk 2015-04-24 13:41 - 2015-01-30 00:12 - 00000000 ____D () C:\Program Files\CCleaner 2015-04-23 18:21 - 2015-02-14 04:57 - 00000000 ____D () C:\Users\Robin\AppData\Local\NVIDIA 2015-04-23 18:18 - 2015-01-22 04:00 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-04-23 18:18 - 2014-12-25 14:00 - 00000000 ____D () 
C:\Users\Robin\AppData\Local\NVIDIA Corporation 2015-04-23 16:17 - 2015-01-22 05:38 - 00000000 ____D () C:\WINDOWS\system32\log 2015-04-23 15:46 - 2015-03-25 14:45 - 00022613 _____ () C:\Users\Robin\Downloads\FTPPasswordKracker.zip 2015-04-23 15:46 - 2015-01-20 19:22 - 15455032 _____ () C:\Users\Robin\Downloads\Hard DDOS Server Free.(1).zip 2015-04-23 15:46 - 2015-01-20 18:21 - 15455032 _____ () C:\Users\Robin\Downloads\Hard DDOS Server Free..zip 2015-04-23 15:44 - 2015-01-20 20:30 - 00001870 _____ () C:\Users\Robin\Downloads\ACC2014KG(Updated).rar 2015-04-23 15:16 - 2015-02-05 17:11 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2015-04-20 00:38 - 2015-02-18 23:22 - 00007653 _____ () C:\Users\Robin\AppData\Local\Resmon.ResmonCfg 2015-04-17 19:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports 2015-04-17 13:40 - 2015-04-14 01:35 - 00000000 ____D () C:\Program Files\Rockstar Games 2015-04-17 13:40 - 2015-04-14 01:35 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2015-04-17 13:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat 2015-04-16 23:22 - 2015-03-30 14:40 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel ==================== Files in the root of some directories ======= 2015-02-04 22:30 - 2015-02-04 23:17 - 0000132 _____ () C:\Users\Robin\AppData\Roaming\Adobe PNG Format CS6 Prefs 2015-02-18 14:23 - 2015-02-18 14:30 - 0000132 _____ () C:\Users\Robin\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2015-01-20 21:09 - 2015-01-20 21:14 - 98731008 _____ (MAGIX AG) C:\Users\Robin\AppData\Roaming\Video_Pro_X.exe 2015-03-10 03:12 - 2015-05-14 22:25 - 0000600 _____ () C:\Users\Robin\AppData\Roaming\winscp.rnd 2015-01-23 23:32 - 2015-01-23 23:32 - 10124389 _____ () C:\Users\Robin\AppData\Roaming\xulrunner.zip 2015-04-07 13:15 - 2015-04-07 13:15 - 0385602 _____ () C:\Users\Robin\AppData\Local\5D515C96_stp.CIS 2015-04-07 13:15 - 2015-04-07 13:15 - 0000220 _____ () C:\Users\Robin\AppData\Local\5D515C96_stp.CIS.part 
2015-02-04 23:01 - 2015-02-04 23:01 - 0001456 _____ () C:\Users\Robin\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-04-06 19:40 - 2015-04-06 19:40 - 28579392 _____ (Sony Mobile Communications ) C:\Users\Robin\AppData\Local\pcc.exe 2015-04-14 16:46 - 2015-04-14 16:46 - 0008288 ____H () C:\Users\Robin\AppData\Local\Plugin.dat 2014-12-28 04:59 - 2015-03-09 13:09 - 0000600 _____ () C:\Users\Robin\AppData\Local\PUTTY.RND 2014-12-30 08:28 - 2014-12-30 08:28 - 0001568 _____ () C:\Users\Robin\AppData\Local\recently-used.xbel 2015-02-18 23:22 - 2015-04-20 00:38 - 0007653 _____ () C:\Users\Robin\AppData\Local\Resmon.ResmonCfg 2015-01-22 04:00 - 2015-01-22 04:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Robin\AppData\Local\Temp\jansi-64-git-Spigot-d0d1d87-15e81cf-3819724496512095667.dll C:\Users\Robin\AppData\Local\Temp\jansi-64-git-Spigot-ea179b3-6e0120a-9048144003402991223.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-11 23:25 ==================== End Of Log ============================ |
16.05.2015, 17:27 | #9 |
| Remote access to my computer? FRST Additions log file: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Robin at 2015-05-16 18:22:21
Running from C:\Users\Robin\Desktop\FRST
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1346697615-2911746051-3580550801-500 - Administrator - Disabled)
Gast (S-1-5-21-1346697615-2911746051-3580550801-501 - Limited - Disabled)
Robin (S-1-5-21-1346697615-2911746051-3580550801-1001 - Administrator - Enabled) => C:\Users\Robin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{7330098c-3669-4f39-9e82-4221d489db39}) (Version: 1.4.828.0 - Futuremark) 3DMark (Version: 1.4.828.0 - Futuremark) Hidden Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated) Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Reader 9 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated) Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR) AlienFX For Tyon (HKLM-x32\...\InstallShield_{8FB6F9D4-D158-4D0B-B108-1839F6BE30BD}) (Version: 1.02.005 - Roccat GmbH) AlienFX For Tyon (Version: 1.02.005 - Roccat GmbH) Hidden Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.7.8.1 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.7.8.1 - ASUSTek COMPUTER INC.) 
Hidden Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts) Battlefield Heroes (HKLM-x32\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions) Battlefield™ Hardline-Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.2 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Camtasia Studio 8 (HKLM-x32\...\{6BED66AA-1DC6-474B-AC70-205CC3A68A39}) (Version: 8.4.4.1859 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.4.83.1010 - Electronic Arts Inc.) 
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) DriverEasy 4.9.0 (HKLM\...\DriverEasy_is1) (Version: 4.9.0.0 - Easeware) DriverTools 1.0 (HKLM-x32\...\DriverTools) (Version: 1.0 - Huawei Technologies Co.,Ltd) Druckerdeinstallation für EPSON Universal Print Driver (HKLM\...\EPSON Universal Print Driver) (Version: - SEIKO EPSON Corporation) Druckerdeinstallation für EPSON WF-2540 Series (HKLM\...\EPSON WF-2540 Series) (Version: - SEIKO EPSON Corporation) DVS Video Downloader Addon for Mozilla Firefox version 4.3.4.17 (HKLM-x32\...\DVS Video Downloader Addon for Mozilla Firefox_is1) (Version: 4.3.4.17 - DVDVideoSoft Ltd.) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft) FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Free Studio version 6.5.0.324 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.324 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation) Futuremark SystemInfo (HKLM-x32\...\{A7E0E8D0-2E06-428A-8A8A-83BFF0B4DFE6}) (Version: 4.34.498.0 - Futuremark) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) 
Hidden GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel) Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation) IntelliJ IDEA Community Edition 14.1.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 14.1.2) (Version: 141.713.2 - JetBrains s.r.o.) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.25 - Oracle Corporation) Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.14 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Life is Feudal: Your Own (HKLM-x32\...\Steam App 290080) (Version: - Bitbox Ltd.) 
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech) Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) MatheGrafix 10 (Version 10.3) (HKLM-x32\...\MatheGrafix 10_is1) (Version: - ) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) 
(Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) 
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4 (HKLM-x32\...\{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}) (Version: 12.0.31101.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla) Mozilla Firefox 37.0.2 (x86 de) (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla) Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla) Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla) NBTExplorer (HKLM-x32\...\{7FDA6483-6CA9-4A9E-AED2-B8E894B159F0}) (Version: 2.7.5.0 - Justin Aquadro) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 350.12 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation) OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.5.4 - Steganos Software GmbH) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Opera Stable 27.0.1689.69 (HKLM-x32\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.7 - Ihr Firmenname) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) 
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0014 - Roccat GmbH) ROCCAT Tyon Mouse Driver (HKLM-x32\...\{27A9CD4B-AF7E-46FB-A7B5-AB549EB45C15}) (Version: - Roccat GmbH) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Seilbahn Simulator 2014 (HKLM-x32\...\Seilbahn Simulator 2014) (Version: 1.0.4.232 - Z-Software GmbH) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment) Spotify (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB) Steganos Privacy Suite 16 (HKLM-x32\...\{E5190609-65B6-40F7-9BC0-0DF56975EE41}) (Version: 16.1 - Steganos Software GmbH) System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer) TERA (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\teraenmasse) (Version: - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts) TweetDeck (HKLM-x32\...\{C4ADB67B-C908-4D94-B85E-585D2F3F9118}) (Version: 3.3.7 - Twitter) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 11.1.0 - VMware, Inc) VMware Workstation (Version: 11.1.0 - VMware, Inc.) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Google, Inc. 
(WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSCP 5.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7 - Martin Prikryl)
Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, hxxp://www.wireshark.org)
World of Tanks (HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-05-11 16:24 - 00000037 ____N C:\WINDOWS\system32\Drivers\etc\hosts
79.161.244.113 ayylmao911.no-ip.biz

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1313B26E-C538-4AD8-A78B-E49791352944} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {16228590-66D3-4635-9F92-82728F710DFB} - System32\Tasks\Opera scheduled Autoupdate 1421869461 => D:\Program Files (x86)\Opera\launcher.exe [2015-02-10] (Opera Software)
Task: {1BEB9A1A-292F-40D1-9CDB-DA1FEBFE66DE} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {25AC6909-5277-46F9-8262-45684D511132} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {281187D5-BB92-44B7-AEA0-53434F1A4CEE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {3A3C6020-B264-4848-8F9F-8DB5ECE58E3A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Rob099@LIVE.DE => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {487ECA99-5EC0-4796-9D98-1FA71C694F65} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {57FE33D9-1B04-4FF3-8448-29CD38E59D4B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5B3BBDA9-2F4B-4D34-9484-235FA15A5234} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-21] (Google Inc.)
Task: {909FE887-9AEE-451D-B8CF-09FA14535F0D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {9128CA98-2E13-4A49-B221-E08C3D818B3E} - System32\Tasks\avast! Emergency Update => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-09] (Avast Software s.r.o.)
Task: {98A9C564-BFD8-48B0-A581-D0DE63B33AD1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {D17A457D-216C-4C6C-BF74-6D883EB0DF1B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {D93F067B-73DC-4001-9865-585924D5970A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-14] (Microsoft Corporation)
Task: {DA6226B7-D6EA-46F7-97CE-1E87DE3A833F} - System32\Tasks\WINshell Event Notification => C:\Users\Robin\AppData\Local\Temp\SBCint2.exe <==== ATTENTION
Task: {FDF3D584-2913-4783-8267-28AAD7C2156C} - System32\Tasks\{38654DDD-3016-4641-B86E-10D605FA989E} => pcalua.exe -a C:\Users\Robin\AppData\Local\Temp\Temp1_GPUTweak_2_7_5_0.zip\GPUTweak_2_7_5_0.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-18 17:43 - 2014-01-28 05:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-01-23 20:15 - 2015-02-05 23:28 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-01-22 04:00 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-29 12:25 - 2015-03-29 12:25 - 00043480 _____ () D:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2014-08-27 17:02 - 2014-08-27 17:02 - 00226656 _____ () C:\Program Files (x86)\Steganos Privacy Suite 16\ShellExtension.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 
00222720 _____ () D:\Program Files (x86)\Notepad++\NppShell_06.dll 2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () D:\Program Files\Logitech Gaming Software\libGLESv2.dll 2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () D:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () D:\Program Files\Logitech Gaming Software\libEGL.dll 2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () D:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () D:\Program Files\TeamSpeak 3 Client\quazip.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () D:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () D:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2014-08-04 15:43 - 2014-08-04 15:43 - 00102344 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2014-08-04 15:43 - 2014-08-04 15:43 - 00108488 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () D:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () D:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll 2014-08-04 15:46 - 2014-08-04 15:46 - 00563656 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2015-04-07 16:22 - 2014-04-27 18:55 - 00137587 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\libtslove.dll 2014-08-04 15:46 - 2014-08-04 15:46 - 00579016 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () D:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2015-03-01 02:07 - 2015-02-19 04:26 - 00320728 
_____ () D:\Program Files (x86)\eclipse\eclipse.exe 2015-03-01 02:07 - 2015-02-04 11:25 - 00057856 _____ () D:\Program Files (x86)\eclipse\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20150204-1316\eclipse_1608.dll 2015-03-01 02:12 - 2015-03-01 02:12 - 00055296 _____ () D:\Program Files (x86)\eclipse\configuration\org.eclipse.osgi\73\0\.cp\os\win32\x86_64\localfile_1_0_0.dll 2015-03-01 02:08 - 2015-03-01 02:08 - 00044032 _____ () D:\Program Files (x86)\eclipse\configuration\org.eclipse.osgi\76\0\.cp\jWinHttp-1.0.0.dll 2015-05-16 17:32 - 2015-05-16 17:32 - 00310272 _____ () C:\Users\Robin\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_HD_B5\1.7.10-OptiFine_HD_B5-natives-76103010880161\lwjgl64.dll 2015-05-16 17:32 - 2015-05-16 17:32 - 00653832 _____ () C:\Users\Robin\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_HD_B5\1.7.10-OptiFine_HD_B5-natives-76103010880161\avutil-ttv-51.dll 2015-05-16 17:32 - 2015-05-16 17:32 - 00361103 _____ () C:\Users\Robin\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_HD_B5\1.7.10-OptiFine_HD_B5-natives-76103010880161\swresample-ttv-0.dll 2015-05-16 17:32 - 2015-05-16 17:32 - 00688161 _____ () C:\Users\Robin\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_HD_B5\1.7.10-OptiFine_HD_B5-natives-76103010880161\libmp3lame-ttv.dll 2015-05-16 17:32 - 2015-05-16 17:32 - 01127424 _____ () C:\Users\Robin\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_HD_B5\1.7.10-OptiFine_HD_B5-natives-76103010880161\twitchsdk.dll 2015-05-16 17:32 - 2015-05-16 17:32 - 00382464 _____ () C:\Users\Robin\AppData\Roaming\.minecraft\versions\1.7.10-OptiFine_HD_B5\1.7.10-OptiFine_HD_B5-natives-76103010880161\OpenAL64.dll 2015-05-09 00:25 - 2015-05-09 00:25 - 00104400 _____ () D:\Program Files\AVAST Software\Avast\log.dll 2015-05-09 00:25 - 2015-05-09 00:25 - 00081728 _____ () D:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-05-15 14:08 - 2015-05-15 14:08 - 02929664 _____ () D:\Program Files\AVAST 
Software\Avast\defs\15051500\algo.dll 2015-05-16 15:03 - 2015-05-16 15:03 - 02929664 _____ () D:\Program Files\AVAST Software\Avast\defs\15051600\algo.dll 2015-03-18 17:43 - 2015-05-15 20:24 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-03-18 17:43 - 2012-05-08 09:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2014-12-18 16:25 - 2014-12-18 16:25 - 00031080 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2014-12-18 16:26 - 2014-12-18 16:26 - 00607376 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2014-12-18 16:26 - 2014-12-18 16:26 - 00059752 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2014-12-18 16:26 - 2014-12-18 16:26 - 00036216 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2014-12-18 16:26 - 2014-12-18 16:26 - 00080248 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2014-12-18 16:29 - 2014-12-18 16:29 - 00129376 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2014-12-18 16:31 - 2014-12-18 16:31 - 00223592 _____ () D:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2015-02-06 19:40 - 2015-02-06 19:40 - 01301696 _____ () D:\VMWare\libxml2.dll 2015-03-31 15:31 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-03-17 17:55 - 2015-03-17 17:55 - 40540672 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll 2015-04-02 16:43 - 2015-04-02 16:43 - 03348592 _____ () D:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2015-04-02 16:43 - 2015-04-02 16:43 - 00158832 _____ () D:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2015-04-02 16:43 - 2015-04-02 16:43 - 00023152 _____ () D:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2015-04-25 15:08 - 2015-04-25 15:08 - 00008704 _____ () 
C:\Users\Robin\AppData\Roaming\Thunderbird\Profiles\ywt3d8ua.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll 2013-11-01 11:47 - 2013-11-01 11:47 - 36625920 _____ () D:\Program Files (x86)\Twitter\TweetDeck\libcef.dll 2013-11-01 11:47 - 2013-11-01 11:47 - 00861184 _____ () D:\Program Files (x86)\Twitter\TweetDeck\ffmpegsumo.dll 2013-11-01 11:47 - 2013-11-01 11:47 - 00880640 _____ () D:\Program Files (x86)\Twitter\TweetDeck\libglesv2.dll 2013-11-01 11:47 - 2013-11-01 11:47 - 00102400 _____ () D:\Program Files (x86)\Twitter\TweetDeck\libegl.dll 2015-05-05 14:44 - 2014-05-11 15:26 - 00061440 _____ () D:\Program Files (x86)\ROCCAT\Tyon Mouse\hiddriver.dll 2015-05-05 14:44 - 2014-05-31 22:08 - 00061440 _____ () D:\Program Files (x86)\ROCCAT\Tyon Mouse\hiddriverW.dll 2015-05-14 14:10 - 2015-04-16 19:40 - 00776192 _____ () D:\Program Files (x86)\Steam\SDL2.dll 2015-05-14 14:10 - 2015-04-23 04:16 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll 2015-05-16 15:53 - 2015-05-15 03:58 - 02396352 _____ () D:\Program Files (x86)\Steam\video.dll 2015-05-14 14:10 - 2015-04-23 04:16 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll 2015-05-14 14:10 - 2015-04-23 04:16 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll 2015-02-17 14:38 - 2014-12-01 23:31 - 02396672 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll 2015-02-17 14:38 - 2014-12-01 23:31 - 00479744 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll 2015-02-17 14:38 - 2014-12-01 23:31 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll 2015-02-17 14:38 - 2014-12-01 23:31 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll 2015-02-17 14:38 - 2014-12-01 23:31 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll 2015-05-16 15:53 - 2015-05-15 03:57 - 00703168 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-05-14 14:10 - 2015-05-11 21:01 - 36302728 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll 2015-05-14 14:10 - 
2015-05-11 21:01 - 08958344 _____ () D:\Program Files (x86)\Steam\bin\pdf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Robin\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Robin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Robin\AppData\Local\Kn8SNkKS80PNR:35c7lFq2yO0s0TonDQRiLMrO1
AlternateDataStreams: C:\Users\Robin\AppData\Local\Temporary Internet Files:iSfAOiHs7JyByDYnXWf9m
AlternateDataStreams: C:\Users\Robin\AppData\Local\TVIzMmlBs2Lt:G5ucNonqpJr0FArT7K0kg

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Robin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\524e4cd3f2259edf11990619d487a210_large.png
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "SSS16 Chrome Autofill Relay"
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\StartupApproved\StartupFolder: => "PvW6oJvidyW7.lnk"
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\StartupApproved\Run: => "SSS16_Suite"
HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\StartupApproved\Run: => "SSS16 Browser Monitor"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{C3D9781C-F1DB-4BD8-8873-8E33F865D3C2}C:\users\robin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\robin\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{89ED2797-815D-45B4-B489-BC360DEA4CF2}C:\users\robin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\robin\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{10A30E61-2413-41E8-8520-FA43B35D8772}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D49C3561-B91C-4462-9A73-703108070C64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2DE48BF3-91F5-4673-8962-907E67879FB8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C956FFD3-467E-448F-BE89-C7168E58B161}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DCAA91FF-B5AD-462E-A98B-424DD2865D71}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{382C56E0-7E19-4B7E-AFD8-4EED9394A938}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{371BF590-6440-4BCD-AB8C-3A85A389C176}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: 
[{7815EE2B-8D89-406A-ADD7-602D819D4341}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DE8997BB-097F-4319-9E73-A45FD9D69A4D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{F5DE36C2-027D-4E52-886F-3A4E019C12AF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{3180C1D9-90AC-40BB-A402-15D65EBEC340}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{CF0EAEB7-0FBD-447D-8B93-00A877370959}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{D185DB01-ED9B-4F1D-833A-69A9700FA739}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{CA7D204A-D402-4A38-BC58-A6F91AD5883D}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{8B45EBAE-6663-4E91-B3BC-C91A84E252CE}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{1251899D-FE86-4F49-8DC9-815799965C22}D:\program files\android\android studio\bin\studio64.exe] => (Allow) D:\program files\android\android studio\bin\studio64.exe FirewallRules: [UDP Query User{F55EE90B-ACC8-4F03-9385-A76E87FCCD2A}D:\program files\android\android studio\bin\studio64.exe] => (Allow) D:\program files\android\android studio\bin\studio64.exe FirewallRules: [TCP Query User{0B45BA5F-5C8B-491C-8E29-3BA0EE40402D}C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{3CBA4EC1-6854-4232-B6DD-82B731B8AA0D}C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{349670BC-2EBF-470B-80FA-130F053FE7F5}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: 
[{CEC01357-954D-4446-AA55-DCC2712F928A}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A08FCA04-6D0B-4333-886D-0CE8108154D7}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{78ACECDB-F66B-4D1A-BACE-2D380E2BBC9D}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{ACA6D6ED-7F13-4F4D-8C28-2CAA91863E68}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{59C02393-A2C3-4CE6-A3EB-5EC533F674F6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [TCP Query User{2C9DAF3C-28DD-494D-B4A7-6CDDB056BF21}D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [UDP Query User{676529EB-FA72-4546-9CAD-27CE0F8EE1DD}D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [TCP Query User{583A44BC-703A-4CBC-AE33-F53517A6DC7F}D:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) D:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [UDP Query User{51A71268-C041-4BF6-86EC-01F9F6D97C4F}D:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) D:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [{88F3A3C0-ECF0-4246-84EF-8C6CB3CC4ED2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{3A79F813-C258-4824-802B-B903F9A8BCED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{F15B095F-3785-45C4-9575-6456639D781A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{DFC8DF4E-5919-45A2-BB88-D6CECDCDD3B8}] => (Allow) D:\Program Files 
(x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{2134BAF4-B977-4547-86B5-95D324D59581}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{219621F3-16C0-4CCB-A8EC-8E28696956C6}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe FirewallRules: [{9137BD1C-F31D-4A08-9244-7ECEC2AC3022}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe FirewallRules: [{75967A31-9F09-44A5-905B-DC42DF36287C}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{126C818E-04E1-4022-BC9D-56D7D534101B}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{F76039F0-19AD-4738-ABD9-915245ACC44A}] => (Allow) LPort=8317 FirewallRules: [{7455E8C0-050B-4700-9C75-568D47EB6D0F}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{631408CD-9840-48D5-AF92-F47DF1EDCD31}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{616E1A8D-AC91-4602-8500-E8A13CA3F65F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6C0D1886-22E7-4448-AB49-76EFC678D665}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{67888DD5-B394-4A1F-A545-AB733C466397}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E9ACA4FA-74D3-47CD-A43B-F0A229208699}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{B785E8F7-D99C-4E57-83B8-4C028ED91A20}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{9A79F6FE-726D-408F-AC14-F77DF0CC020B}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{C66CDA0A-4091-45E6-B80F-7F3E36A02D3B}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{A6754897-2953-4B6C-96C9-A9581BBEE82C}] => (Allow) D:\Program Files 
(x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{63E1BDD9-B1A9-46B4-AA69-BFAFF93BEB4D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{029088AD-854C-4E2F-B2CA-13D9567876B8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{FD2EB53C-884C-48EB-A39A-5B66CDCDCE8A}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{367B63DF-172E-4F79-9CCE-4698543A5134}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{AC002819-4175-4591-9C98-20D937DFA40F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C4286E71-DD44-40B9-B909-618D026032E2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{098A3BD1-406E-47AA-82B9-4D69A0F7EBAF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{019EED66-4968-4227-AC85-CCA58C285C0E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E3B6950E-1BDF-4946-BFC6-592A08927635}] => (Allow) D:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe FirewallRules: [{B9E84CBF-CC0C-4DD9-9EDC-D1008B480BB8}] => (Allow) D:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe FirewallRules: [{795050CC-A83A-4189-B2C7-C490E377645E}] => (Allow) D:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe FirewallRules: [{00EFB275-8DB0-41D5-ACD2-887AFAACE82F}] => (Allow) D:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe FirewallRules: [{1B322BC6-24E1-40FC-93A5-4DD4125D1795}] => (Allow) D:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe FirewallRules: [{1A7AE6DB-F6E7-4E41-AF72-F0BB005F54C9}] => (Allow) D:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe FirewallRules: [{8C93B361-8C4B-4BB7-9109-42F52C34DAD3}] => (Allow) D:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [TCP Query 
User{3931B34A-8734-457C-928B-E107D84C5FF1}D:\program files\java\jdk1.8.0_25\bin\java.exe] => (Allow) D:\program files\java\jdk1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{324A563C-C505-4FD9-B5C9-E4154B1F6668}D:\program files\java\jdk1.8.0_25\bin\java.exe] => (Allow) D:\program files\java\jdk1.8.0_25\bin\java.exe FirewallRules: [TCP Query User{D871231F-52A5-4863-9901-080E5FCB413A}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [UDP Query User{7245B1EC-80B7-4DA7-973C-540A13A04C23}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [{331F415C-E9A4-4353-A3F7-0F5ACF4AB25D}] => (Allow) D:\Program Files (x86)\Seilbahn Simulator 2014\seilbahn.exe FirewallRules: [{56C92A45-7654-4585-B6FF-C2AB8D8FD033}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{7150056F-BEE7-4C60-BE34-51C97F78F466}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{97A50DA8-B635-4F06-9172-F34941FF54F8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{CCEDCCE9-84FA-43D2-8B50-EADC3BCDA3FC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{EEF64062-6CF3-4AEC-8D4C-0B6BE10DA976}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{72F5CC55-A199-4DA1-87BC-9EA4BF369CAA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{9D4CC86C-5EE0-417F-B666-6BE5003EFC1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{690F46EB-B5AA-4C05-841F-21142B79478A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: 
[{BD423C04-6123-4DCE-9D42-29D21490A2A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3E33C8DA-6868-4F88-B22B-CC66FD349BDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{AC95E5D0-15C2-443B-8718-98681068300C}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{830841EC-289F-43F2-B704-9514DA5509A5}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe FirewallRules: [{551D37B0-B60C-4C02-A61D-41FE6CF6CC61}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe FirewallRules: [{4F1CDB9D-1EA4-4A44-9238-2F1B014EF964}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe FirewallRules: [{DBB834E3-B448-49ED-85F7-C0BE7DAF606D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe FirewallRules: [{83F1649F-63F1-4DBA-9603-F0FE7FA67AC2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe FirewallRules: [{D9F289EA-24DE-4EA2-B492-D2976E154B5D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{AD209B48-2AE5-48F5-81FE-58779A1EBE46}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [TCP Query User{1C2E7CFE-EC7C-4DF4-AE27-204866E1881E}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{63D57C9F-072F-4F4A-9D89-9941977A7A20}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{FB22F062-0D1F-401E-99DF-6E627B567ACF}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query 
User{497986AB-A574-447F-B6B0-3831AB185B07}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{B5311AB5-1A42-4E37-AE2D-DF892871908D}D:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe FirewallRules: [UDP Query User{A8A0D184-7BE5-4C73-9FAF-B15E64189E98}D:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe FirewallRules: [{302925D5-3E2C-47AB-B646-AFB4F4F7BC8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{BF5BDE1E-77BC-468A-B0AB-6A8A02F093C7}] => (Allow) LPort=2869 FirewallRules: [{A1A4EDAE-A544-4FED-89E0-1BB66E5F1137}] => (Allow) LPort=1900 FirewallRules: [{D6E56CE1-8A0F-4C7D-86A3-CB24D7B5B813}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{7CF4E353-F796-4F43-84B0-40E6EEEFDE9A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{BFD2E59F-A587-4796-B434-A2B645FDA09E}] => (Block) %ProgramFiles% (x86)\Steganos Privacy Suite 16\Suite.exe FirewallRules: [{B9DBEAF8-5F82-407E-924B-520BF3317625}] => (Block) %ProgramFiles% (x86)\Steganos Privacy Suite 16\Suite.exe FirewallRules: [{B359AB5D-D46D-495C-B532-90F791F49115}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe FirewallRules: [{0B204101-5149-4E42-B657-F82446716645}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe FirewallRules: [TCP Query User{50FFAC92-A41F-4FBB-B8F3-D8E22B86FEB8}D:\games\call of duty 2\call of duty 2\cod2mp_s.exe] => (Allow) D:\games\call of duty 2\call of duty 2\cod2mp_s.exe FirewallRules: [UDP Query User{8F6F8D97-75CE-41C4-91DE-E33E619EC323}D:\games\call of duty 2\call of duty 2\cod2mp_s.exe] 
=> (Allow) D:\games\call of duty 2\call of duty 2\cod2mp_s.exe FirewallRules: [TCP Query User{37B94992-56C5-4E81-AEEF-BDC36A97A2E0}D:\program files\logitech gaming software\lcore.exe] => (Allow) D:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{FBC432CA-99FE-45F1-A3D2-D62B7CF4DA0E}D:\program files\logitech gaming software\lcore.exe] => (Allow) D:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{9A33BD83-C0EB-4DE6-8544-A42C1F7B0EA5}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{F0C54FC4-6906-465D-8EBD-D98068E7751B}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query User{C83727FC-0537-4BAA-B92F-9A11562A4222}D:\program files (x86)\eclipse\eclipse.exe] => (Allow) D:\program files (x86)\eclipse\eclipse.exe FirewallRules: [UDP Query User{D1E62D36-5E0E-42D9-969B-2AD50E533A55}D:\program files (x86)\eclipse\eclipse.exe] => (Allow) D:\program files (x86)\eclipse\eclipse.exe FirewallRules: [{A1E59FA5-3151-4EF3-8028-DDF852A7E360}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe FirewallRules: [{D99A615F-C2A9-4504-8E5D-6E2D089C523D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe FirewallRules: [TCP Query User{3231A6E7-EFAE-4559-9C67-5D1E140A00CB}D:\program files\logitech gaming software\lcore.exe] => (Allow) D:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{3229A433-B4F6-44EA-80BC-EC110C8B2068}D:\program files\logitech gaming software\lcore.exe] => (Allow) D:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{C60603C3-BCC0-4F3D-98C9-33EB220AFDF7}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query 
User{C2994ABC-5B7C-4983-AEFC-3E9DE8C370F0}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query User{B57A7F84-440C-4803-86D0-45EB5A461C31}C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{BB018175-2856-4D05-BDFD-71DE66B18997}C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\robin\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{D7B33E8C-1B99-4433-8B20-328B4FEA4A31}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [UDP Query User{10B33304-4A9D-4160-B412-42B7854827AB}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [{BFC85AA3-F5C4-46B6-AEFD-B869E56F4517}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe FirewallRules: [{F8614B0C-51DF-4D04-A6E3-279A7761126B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe FirewallRules: [{23569305-FAA3-4B77-B518-658A47D6A33F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [{20BFCC01-A362-4F5A-B6EB-FE38E3EC64CF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe FirewallRules: [TCP Query User{D60448B3-34B1-4856-8110-BA75BDC94C5C}C:\users\robin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\robin\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{50BCE108-0CEB-495D-B98D-1EB35E8B0AF8}C:\users\robin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\robin\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query 
User{A0136E51-EC4E-49EF-BBBD-CD0BFB5A855E}D:\program files (x86)\eclipse\eclipse.exe] => (Allow) D:\program files (x86)\eclipse\eclipse.exe FirewallRules: [UDP Query User{ECC4BC66-6507-4550-958E-70488CA70FD9}D:\program files (x86)\eclipse\eclipse.exe] => (Allow) D:\program files (x86)\eclipse\eclipse.exe FirewallRules: [TCP Query User{C4586228-1483-474D-88B3-8F3D5C51BD3B}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [UDP Query User{3A19C1A8-2643-40EB-9C66-979AB36E432E}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [TCP Query User{A5ACB55C-BEE7-4DFF-8D2D-8A6D89CB7EB7}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{D54815A0-7BD2-4039-A370-0FD30C7A3114}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{92390445-3F69-4833-B95A-8CAF3D7C3EE8}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{46B756D3-0035-40E9-8691-505D63979D60}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe FirewallRules: [{61E5D1EB-601C-46AC-BD42-A9B233762298}] => (Allow) D:\VMWare\vmware-authd.exe FirewallRules: [{0B8DA663-E0C5-44D9-9B76-55D07820F4C8}] => (Allow) D:\VMWare\vmware-authd.exe FirewallRules: [{D9CE8353-500A-43A3-813F-56EBA39E3728}] => (Allow) D:\VMWare\vmware-hostd.exe FirewallRules: [{A32FE0BA-E15D-477E-B4FB-67B729D8E348}] => (Allow) D:\VMWare\vmware-hostd.exe FirewallRules: [TCP Query User{48004ABA-A0A3-492F-9D30-4A97877DE240}C:\program files\java\jre1.8.0_40\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\java.exe FirewallRules: [UDP Query User{B8A8E2EF-A96E-4F8E-BAC5-DC561826F696}C:\program files\java\jre1.8.0_40\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\java.exe FirewallRules: [{AE3327C2-2E37-41B1-B223-AF93F72E4567}] 
=> (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{2566949C-00CE-4A45-9417-68D6C28CFADF}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{83AB1E83-D97D-47CD-B4F5-28F8972309FF}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{2837A983-7F04-47A6-A1CB-14DF45DB3C81}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [TCP Query User{E8796002-51B6-4FEC-9FE2-E1F26D8EDF0C}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{45F3E8A5-5247-4D7C-B7C3-F35B165C32FB}C:\users\robin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robin\appdata\roaming\spotify\spotify.exe FirewallRules: [{B286F957-792D-4289-9EAF-D882DA04530E}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{7F5E7DC6-A79B-4147-9524-E1F54509D620}] => (Allow) D:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{6CCE9428-9819-4EB3-B579-6432BDE882AE}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D3A8C183-0A2E-44E9-85B2-C2993646251B}] => (Allow) D:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{04BBBB2A-30B1-4DA0-B7FF-2AE90EA41C0D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{E3090A9D-8EFC-475A-8705-2810B9263478}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{F6032297-41DD-4555-9C27-D1DFA828FECE}] => (Allow) D:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{AB8DFFFA-A1E6-4636-B9FB-E19507A2D9C1}] => (Allow) D:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{77F88E78-B103-4564-928B-42D57D2006A2}] => (Allow) D:\Program Files 
(x86)\Steam\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{4448DCDF-A62B-46E4-B9F1-00B573D16217}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{88767EF3-2C54-4600-855D-A4C70F907DB8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{10E5B9DB-6C46-4E9E-8DCC-8E8618ED08F3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{8669F262-DFC9-42AB-BFB9-C5EFDE6CB72D}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{D83C2ABD-7F50-42FD-A022-7C430AA7038A}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{BE2EBF41-654F-4DCB-A648-50A86DA1BA95}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe FirewallRules: [UDP Query User{4879F9A6-65C3-407E-AE00-E05551ABABD9}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe FirewallRules: [{6FEC00A4-0B0C-4C5B-95D4-02DB76728B32}] => (Allow) C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DBF9EFD6-E266-4524-918B-6E6F7AB01F7A}] => (Allow) C:\Users\Robin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E5835C0B-42A3-4C00-8127-72094C2D8319}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{B03C23CC-23F6-4FD8-A289-D432EBD26E65}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [TCP Query User{BC0AD5FF-C121-45B1-B5B8-FEA6A5EB1A0F}D:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) D:\program files\java\jre1.8.0_45\bin\java.exe FirewallRules: [UDP 
Query User{C0C060CB-3C03-4BA1-A2C3-4D1AC243ABA4}D:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) D:\program files\java\jre1.8.0_45\bin\java.exe FirewallRules: [TCP Query User{3E3A35CE-2DBA-4A2B-90F8-77982AA19004}D:\program files (x86)\jetbrains\intellij idea community edition 14.1.2\bin\idea.exe] => (Allow) D:\program files (x86)\jetbrains\intellij idea community edition 14.1.2\bin\idea.exe FirewallRules: [UDP Query User{77C17DFE-983B-47C0-8479-60BABFEED058}D:\program files (x86)\jetbrains\intellij idea community edition 14.1.2\bin\idea.exe] => (Allow) D:\program files (x86)\jetbrains\intellij idea community edition 14.1.2\bin\idea.exe FirewallRules: [TCP Query User{AA64BBD8-995A-45FE-8162-297E730301E8}D:\program files (x86)\nmap\nmap.exe] => (Allow) D:\program files (x86)\nmap\nmap.exe FirewallRules: [UDP Query User{92C20523-D8BA-47BE-8F1E-EB672BDFB26B}D:\program files (x86)\nmap\nmap.exe] => (Allow) D:\program files (x86)\nmap\nmap.exe FirewallRules: [TCP Query User{22A01B71-F968-4CA8-ACF2-9ABF35FC9233}D:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) D:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{76EF4CE1-0CB9-4781-8D4E-F45F00339FB4}D:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) D:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{3452B5AF-C671-4736-A36B-D986FE46DCA2}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{3ECE448E-20FC-421E-940A-CD08E87AD426}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{59B45D51-AC99-4BC9-9967-3940E2684563}] => (Allow) C:\Users\Robin\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe FirewallRules: [{F12124A2-D1D5-4B56-8FC8-E0A78E027F22}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe FirewallRules: [{93BD11E9-F3B6-4C6B-9373-4968D3FEB0B6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe FirewallRules: 
[{10E77280-0D8E-41B3-93EA-5C0E63B2A356}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: AMDA00 Interface Description: AMDA00 Interface Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: ASUSTeK Computer Inc. Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (05/16/2015 06:06:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/16/2015 06:05:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/16/2015 06:04:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/16/2015 06:04:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/16/2015 06:03:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. 
Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/16/2015 06:03:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/16/2015 06:02:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/16/2015 06:02:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/16/2015 06:01:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. Error: (05/16/2015 06:01:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <8, 0x8007000f, Fehler bei der Suche nach der Gatherer-Anwendung: Windows>. System errors: ============= Error: (05/16/2015 06:21:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1528 Mal passiert. Error: (05/16/2015 06:21:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%15 Error: (05/16/2015 06:21:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1527 Mal passiert. 
Error: (05/16/2015 06:21:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%15 Error: (05/16/2015 06:21:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1526 Mal passiert. Error: (05/16/2015 06:21:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%15 Error: (05/16/2015 06:21:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1525 Mal passiert. Error: (05/16/2015 06:21:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%15 Error: (05/16/2015 06:21:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1524 Mal passiert. 
Error: (05/16/2015 06:21:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%15 Microsoft Office Sessions: ========================= Error: (05/16/2015 06:06:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/16/2015 06:05:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/16/2015 06:04:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/16/2015 06:04:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/16/2015 06:03:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/16/2015 06:03:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/16/2015 06:02:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/16/2015 06:02:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/16/2015 06:01:52 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows Error: (05/16/2015 06:01:50 PM) (Source: Windows Search Service) (EventID: 1006) (User: ) Description: 80x8007000fFehler bei der Suche nach der Gatherer-Anwendung: Windows CodeIntegrity Errors: 
=================================== Date: 2015-05-09 00:42:27.517 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:27.325 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:27.130 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:26.945 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:26.747 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:26.555 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-05-09 00:42:26.365 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:26.185 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:26.005 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-05-09 00:42:25.827 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Percentage of memory in use: 71% Total physical RAM: 8135.08 MB Available physical RAM: 2299.12 MB Total Pagefile: 13255.08 MB Available Pagefile: 5292.34 MB Total Virtual: 131072 MB Available Virtual: 131071.83 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:226.03 GB) (Free:103.09 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:425.02 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 068D7676) Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=226 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=12 GB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C8E34EA2) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
16.05.2015, 21:13 | #10 |
/// TB-Ausbilder | Remote access to my computer? OK. Here is what I see and what we should clarify up front: Code:
ATTFilter
IFEO\ultiman.exe: [Debugger] cmd.exe
IFEO\utilman.exe: [Debugger] c:\windows\system32\cmd.exe
AutoConfigURL: [S-1-5-21-1346697615-2911746051-3580550801-1001] => hxxp://127.0.0.1:8445/okf.pac
The first is an IFEO entry, spelled wrong once and right once, that replaces Utilman.exe with the command prompt. People do that to have a little "emergency door" into the system. The second is an autoconfig file for proxy entries. TeamViewer is also on the machine; if a mouse pointer moves, it could be coming from that. Is TeamViewer perhaps configured so that it is reachable from outside? Oh, I had forgotten this one: Code:
ATTFilter 79.161.244.113 ayylmao911.no-ip.biz
__________________ Learn to fight back and support us! TB Akademie | Donate | Praise & Criticism |
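The three entries called out in the post above (IFEO debugger, proxy auto-config URL, hosts entry) can be picked out of an FRST log mechanically, and a re-scan can be compared against the first scan to confirm what a fix actually removed. This is an added example, not part of the original post and not code from FRST; the finding names, the list of logon-screen accessibility programs (which generalizes the utilman.exe case) and the similarity cutoff are assumptions, and the sample lines are the ones quoted in this thread.

```python
"""Triage FRST.txt lines for IFEO debuggers, proxy auto-config and hosts entries."""
import re
from difflib import get_close_matches
from ipaddress import ip_address

# Assumption: accessibility programs that Windows can start from the logon screen.
LOGON_SCREEN_TOOLS = ["utilman.exe", "sethc.exe", "osk.exe", "magnify.exe",
                      "narrator.exe", "displayswitch.exe"]

# Line formats as they appear in the FRST output quoted in this thread.
IFEO_RE = re.compile(r"^IFEO\\(?P<image>[^:]+): \[Debugger\] (?P<debugger>.+)$")
PAC_RE = re.compile(r"^AutoConfigURL: \[(?P<sid>S-[\d-]+)\] => (?P<url>\S+)$")
HOSTS_RE = re.compile(r"^Hosts: (?P<ip>\S+)\s+(?P<name>\S+)$")
URL_HOST_RE = re.compile(r"^(?:hxxp|http)s?://(?P<host>[^/:]+)", re.IGNORECASE)


def _is_local(host):
    """True for loopback or unspecified addresses and for 'localhost'."""
    try:
        addr = ip_address(host)
    except ValueError:
        return host.lower() == "localhost"
    return addr.is_loopback or addr.is_unspecified


def triage(lines):
    """Return (kind, subject, detail) findings in input order."""
    findings = []
    for raw in lines:
        line = raw.strip()
        m = IFEO_RE.match(line)
        if m:
            image = m["image"].lower()
            if image in LOGON_SCREEN_TOOLS:
                # A debugger on one of these runs instead of the tool, before logon.
                kind = "ifeo-logon-screen"
            elif get_close_matches(image, LOGON_SCREEN_TOOLS, n=1, cutoff=0.85):
                # Near-miss spelling (cutoff is an assumption): same intent, no effect.
                kind = "ifeo-misspelled"
            else:
                kind = "ifeo-debugger"
            findings.append((kind, m["image"], m["debugger"]))
            continue
        m = PAC_RE.match(line)
        if m:
            host = URL_HOST_RE.match(m["url"])
            local = bool(host) and _is_local(host["host"])
            findings.append(("pac-local" if local else "pac-remote",
                             m["url"], m["sid"]))
            continue
        m = HOSTS_RE.match(line)
        # Entries that point a name at a local address are blocklist-style; skip them.
        if m and not _is_local(m["ip"]):
            findings.append(("hosts-redirect", m["name"], m["ip"]))
    return findings


def resolved(before, after):
    """Findings from the first scan that no longer appear in the re-scan."""
    remaining = set(triage(after))
    return [f for f in triage(before) if f not in remaining]


# Sample input assembled from lines quoted in this thread, one entry per line.
FIRST_SCAN = [
    r"IFEO\ultiman.exe: [Debugger] cmd.exe",
    r"IFEO\utilman.exe: [Debugger] c:\windows\system32\cmd.exe",
    "AutoConfigURL: [S-1-5-21-1346697615-2911746051-3580550801-1001]"
    " => hxxp://127.0.0.1:8445/okf.pac",
    "Hosts: 79.161.244.113 ayylmao911.no-ip.biz",
]
# Constructed re-scan: the same lines without the AutoConfigURL value.
RESCAN = [line for line in FIRST_SCAN if not line.startswith("AutoConfigURL")]

if __name__ == "__main__":
    for kind, subject, detail in triage(FIRST_SCAN):
        print(f"{kind:18} {subject}  ({detail})")
    print("resolved by fix:", resolved(FIRST_SCAN, RESCAN))
```

A `pac-local` finding only says the proxy script is served from the same machine; which process listens on that port still has to be identified separately.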
16.05.2015, 22:51 | #11 |
| Remote access to my computer? I know about all of it, except for the auto-config file for the proxy entries, but I think that has nothing to do with this, right? If that is everything, then I think removing the startup programs was enough? |
18.05.2015, 07:55 | #12 |
/// TB-Ausbilder | Remote access to my computer? OK, then let's fix the ProxyUrl. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter AutoConfigURL: [S-1-5-21-1346697615-2911746051-3580550801-1001] => hxxp://127.0.0.1:8445/okf.pac
removeproxy:
emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
Please download Malwarebytes Anti-Malware
Start FRST once more.
18.05.2015, 17:11 | #13 |
| Remote access to my computer? Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02 Ran by Robin at 2015-05-18 17:35:34 Run:1 Running from C:\Users\Robin\Desktop\FRST Loaded Profiles: Robin (Available profiles: Robin) Boot Mode: Normal ============================================== Content of fixlist: ***************** AutoConfigURL: [S-1-5-21-1346697615-2911746051-3580550801-1001] => hxxp://127.0.0.1:8445/okf.pac removeproxy: emptytemp: ***************** HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value deleted successfully. ========= RemoveProxy: ========= HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully. HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully. HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully. ========= End of RemoveProxy: ========= EmptyTemp: => Removed 19.7 MB temporary data. The system needed a reboot. ==== End of Fixlog 17:35:44 ==== Code:
ATTFilter # AdwCleaner v4.204 - Bericht erstellt 18/05/2015 um 17:39:30 # Aktualisiert 12/05/2015 von Xplode # Datenbank : 2015-05-12.2 [Lokal] # Betriebssystem : Windows 8.1 (x64) # Benutzername : Robin - INVALID # Gestarted von : C:\Users\Robin\Downloads\AdwCleaner_4.204.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : iSafeKrnlMon ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Robin\AppData\Local\DriverToolkit Ordner Gelöscht : C:\Users\Robin\AppData\Local\StormFall Ordner Gelöscht : C:\Users\Robin\Desktop\Browser ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17416 -\\ Mozilla Firefox v37.0.1 (x86 de) -\\ Google Chrome v42.0.2311.152 -\\ Opera v0.0.0.0 ************************* AdwCleaner[R0].txt - [2738 Bytes] - [23/04/2015 16:13:51] AdwCleaner[R1].txt - [1150 Bytes] - [18/05/2015 17:38:49] AdwCleaner[S0].txt - [2576 Bytes] - [23/04/2015 16:17:27] AdwCleaner[S1].txt - [1075 Bytes] - [18/05/2015 17:39:30] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1134 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.7.2 (05.15.2015:1) OS: Windows 8.1 x64 Ran by Robin on 18.05.2015 at 17:43:01,34 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1346697615-2911746051-3580550801-1001 ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 18.05.2015 at 17:45:56,68 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 18.05.2015 Suchlauf-Zeit: 17:51:21 Logdatei: mbam.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.05.18.04 Rootkit Datenbank: v2015.05.16.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Robin Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 423844 Verstrichene Zeit: 9 Min, 16 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden) Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 0 (Keine schädliche Elemente gefunden) Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02 Ran by Robin (administrator) on INVALID on 18-05-2015 18:02:35 Running from C:\Users\Robin\Desktop\Anti\FRST Loaded Profiles: Robin (Available profiles: Robin) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\afwServ.exe (TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Avast Software) D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) D:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (VMware, Inc.) 
C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => D:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.) 
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 16\SteganosHotKeyService.exe [102400 2014-10-29] (Steganos Software GmbH) HKLM-x32\...\Run: [SSS16 Chrome Autofill Relay] => C:\Program Files (x86)\Steganos Privacy Suite 16\passwordmanagercom.exe [481232 2014-10-29] (Steganos Software GmbH) HKLM-x32\...\Run: [SSS16 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 16\fredirstarter.exe [17920 2014-10-29] (Steganos Software GmbH) HKLM-x32\...\Run: [vmware-tray.exe] => D:\VMWare\vmware-tray.exe [114368 2015-02-06] (VMware, Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation) HKLM-x32\...\Run: [RoccatTyon] => D:\Program Files (x86)\ROCCAT\Tyon Mouse\TyonMonitor.EXE [557056 2015-01-12] (ROCCAT GmbH) HKLM-x32\...\Run: [RoccatTyonW] => D:\Program Files (x86)\ROCCAT\Tyon Mouse\TyonMonitorW.EXE [557056 2015-01-12] (ROCCAT GmbH) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,userinit.exe, HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-10] (Electronic Arts) HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [CCleaner Monitoring] => C:\Program 
Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd) HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [Spotify Web Helper] => C:\Users\Robin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-23] (Spotify Ltd) HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [SSS16_Suite] => C:\Program Files (x86)\Steganos Privacy Suite 16\Suite.exe [2714032 2014-10-29] (Steganos Software GmbH) HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [SSS16 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 16\SteganosBrowserMonitor.exe [74240 2014-10-29] (Steganos Software GmbH) HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.) HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [Spotify] => C:\Users\Robin\AppData\Roaming\Spotify\Spotify.exe [7168568 2015-04-23] (Spotify Ltd) HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6590888 2015-05-08] (Steganos Software GmbH) HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\...\MountPoints2: {aa910471-dc82-11e4-8286-ac9e17edb1ca} - "G:\startme.exe" HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION) IFEO\ultiman.exe: [Debugger] cmd.exe IFEO\utilman.exe: [Debugger] c:\windows\system32\cmd.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2015-05-05] ShortcutTarget: Roccat Talk.lnk -> D:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.) 
Startup: C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2015-01-31] ShortcutTarget: Mozilla Thunderbird.lnk -> D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Startup: C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TweetDeck.lnk [2015-01-31] ShortcutTarget: TweetDeck.lnk -> D:\Program Files (x86)\Twitter\TweetDeck\TweetDeck.exe (Twitter) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-09] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1346697615-2911746051-3580550801-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-20] (Avast Software s.r.o.) 
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-20] (Avast Software s.r.o.) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation) Hosts: 79.161.244.113 ayylmao911.no-ip.biz Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469 FF Homepage: hxxp://www.google.com FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-22] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> D:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> D:\Program 
Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-22] () FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF Extension: YouTube Unblocker - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\youtubeunblocker@unblocker.yt [2015-04-15] FF Extension: Ciuvo Price Comparison - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\extension@ciuvo.com.xpi [2015-04-15] FF Extension: MEGA EXTENSION - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\firefox@mega.co.nz.xpi [2015-04-15] FF Extension: NoScript - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-04-15] FF Extension: Adblock Plus - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-15] FF Extension: OkayFreedom - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2015-05-11] FF Extension: Greasemonkey - C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z76lb0pl.default-1429100269469\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-05-11] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - 
D:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-22] FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 16\spmplugin3 FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 16\spmplugin3 [2015-02-19] FF HKLM-x32\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2015-04-07] StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-21] CHR Extension: (Google Docs) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-21] CHR Extension: (Google Drive) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-21] CHR Extension: (MEGA) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-03-23] CHR Extension: (YouTube) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-21] CHR Extension: (Adblock Plus) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-17] CHR Extension: (Google Search) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-21] CHR Extension: (Tampermonkey) - C:\Users\Robin\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-05-11] CHR Extension: (Google Sheets) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-21] CHR Extension: (Bookmark Manager) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23] CHR Extension: (Avast Online Security) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-21] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-23] CHR Extension: (Google Wallet) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-23] CHR Extension: (Gmail) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-21] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17] Opera: ======= StartMenuInternet: (HKLM) OperaStable - D:\Program Files (x86)\Opera\Launcher.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2014-01-28] () S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed] R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.) R2 avast! Firewall; D:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-09] (Avast Software s.r.o.) 
R3 AvastVBoxSvc; D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-09] (Avast Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-05] () S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [237864 2015-03-06] (EasyAntiCheat Ltd) S2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) S3 Futuremark SystemInfo Service; D:\Program Files\Futuremark\FMSISvc.exe [614624 2015-02-09] (Futuremark) S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation) S2 HTCMonitorService; D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG) R2 MBAMScheduler; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation) R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [330168 2015-05-08] (Steganos Software GmbH) S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed] S2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-01-30] () S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 
2015-02-05] () S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH) S2 VMAuthdService; D:\VMWare\vmware-authd.exe [87744 2015-02-06] (VMware, Inc.) S3 VMwareHostd; D:\VMWare\vmware-hostd.exe [12730048 2015-02-06] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-09] (Avast Software s.r.o.) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-09] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-09] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.) 
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] () S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider) R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-18] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) S3 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation) R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-04-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R1 SLEE_19_DRIVER; C:\WINDOWS\Sleen1964.sys [117848 2014-10-24] (Softwareentwicklung Remus - ArchiCrypt - ) S3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider) R2 VBoxAswDrv; D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-09] (Avast Software) R3 VHidXInput; C:\Windows\System32\drivers\VXInput.sys [7424 2014-08-13] (Windows (R) Win 7 DDK provider) R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.) 
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation) S3 cpuz138; \??\C:\WINDOWS\TEMP\cpuz138\cpuz138_x64.sys [X] S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X] S3 WinDivert1.1; \??\D:\Program Files\KMSpico\WinDivert.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-18 17:43 - 2015-05-18 17:43 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-INVALID-Windows-8.1-(64-bit).dat 2015-05-18 17:43 - 2015-05-18 17:43 - 00000000 ____D () C:\RegBackup 2015-05-18 17:42 - 2015-05-18 17:42 - 02719698 _____ (Thisisu) C:\Users\Robin\Downloads\JRT.exe 2015-05-18 17:37 - 2015-05-18 17:51 - 00083787 _____ () C:\WINDOWS\WindowsUpdate.log 2015-05-18 17:36 - 2015-05-18 17:40 - 00000696 _____ () C:\WINDOWS\setupact.log 2015-05-18 17:36 - 2015-05-18 17:36 - 00000000 _____ () C:\WINDOWS\setuperr.log 2015-05-17 18:44 - 2015-05-17 18:36 - 21552218 _____ () C:\Users\Public\spigot-1.8.3-R0.1-SNAPSHOT.jar 2015-05-17 15:53 - 2015-05-17 15:53 - 00015404 _____ () C:\Users\Robin\Downloads\ModifyItems_by_DevNuddel.zip 2015-05-16 01:26 - 2015-05-16 01:26 - 00052586 _____ () C:\Users\Robin\Downloads\840-271043-IPResolver.rar 2015-05-15 21:32 - 2015-05-18 18:01 - 00000000 ____D () C:\Users\Robin\Desktop\Anti 2015-05-15 21:29 - 2015-05-15 21:29 - 02106368 _____ (Farbar) C:\Users\Robin\Downloads\FRST64.exe 2015-05-15 21:29 - 2015-05-15 21:29 - 00000000 ____D () C:\Users\Robin\Desktop\FRST-OlderVersion 2015-05-15 19:49 - 2015-05-18 17:51 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-05-15 19:49 - 2015-05-15 19:49 - 
00000829 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-05-15 19:49 - 2015-05-15 19:49 - 00000829 _____ () C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk 2015-05-15 19:49 - 2015-05-15 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-15 19:49 - 2015-05-15 19:49 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-15 19:49 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-05-15 19:49 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-05-15 19:49 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-05-15 19:48 - 2015-05-15 19:49 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Robin\Downloads\mbam-setup-2.1.6.1022.exe 2015-05-15 19:36 - 2015-05-15 19:36 - 00000112 _____ () C:\WINDOWS\system32\snetcfg.log 2015-05-15 14:50 - 2015-05-15 14:50 - 21552180 _____ () C:\Users\Robin\Downloads\spigot-1.8.3-R0.1-SNAPSHOT-latest(2).jar 2015-05-15 01:06 - 2015-05-15 01:06 - 00000000 ____D () C:\Users\Robin\DownloadsR3CSS 2015-05-15 00:26 - 2015-05-15 00:26 - 02592768 _____ () C:\Users\Robin\Downloads\502022.exe 2015-05-15 00:18 - 2015-05-15 00:18 - 00038912 _____ () C:\Users\Robin\Downloads\ESP3_[www.unknowncheats.me]_.dll 2015-05-14 15:39 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-14 15:39 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-14 13:59 - 2015-05-14 13:59 - 01508908 _____ () C:\Users\Robin\Downloads\gamehacker01.apk 2015-05-13 19:07 - 2015-05-13 19:07 - 96647698 _____ () C:\Users\Robin\Downloads\DNJKXCsadyuift6743wyre.rar 2015-05-13 16:48 - 2015-05-13 16:48 - 00000887 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk 2015-05-13 
16:48 - 2015-05-13 16:48 - 00000887 _____ () C:\ProgramData\Desktop\FileZilla Client.lnk 2015-05-13 16:48 - 2015-05-13 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-05-13 16:47 - 2015-05-13 16:47 - 06420600 _____ (Tim Kosse) C:\Users\Robin\Downloads\FileZilla_3.10.3_win64-setup [1].exe 2015-05-13 13:44 - 2015-05-13 13:44 - 00009769 _____ () C:\Users\Robin\Downloads\MoreHearts_V2.1.2.jar 2015-05-13 13:14 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-05-13 13:14 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-05-13 13:14 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-05-13 13:14 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-05-13 13:14 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-05-13 13:14 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-05-13 13:14 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-05-13 13:14 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-05-13 13:14 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-05-13 13:14 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-05-13 13:14 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-05-13 13:14 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2015-05-13 13:14 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-05-13 13:14 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-05-13 13:14 - 
2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-05-13 13:14 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-05-13 13:14 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-05-13 13:14 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-05-13 13:14 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-05-13 13:14 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-05-13 13:14 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-05-13 13:14 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-05-13 13:14 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-05-13 13:14 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-05-13 13:14 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-05-13 13:14 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-05-13 13:14 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-05-13 13:14 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-05-13 13:14 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-05-13 13:14 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-05-13 13:14 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-05-13 13:14 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-05-13 13:14 - 2015-04-21 17:27 - 02352128 
_____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-05-13 13:14 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-05-13 13:14 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-05-13 13:14 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-05-13 13:14 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-05-13 13:14 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-05-13 13:14 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-05-13 13:14 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-05-13 13:14 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-05-13 13:14 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-05-13 13:14 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-05-13 13:14 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-05-13 13:14 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-05-13 13:14 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-05-13 13:14 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-05-13 13:14 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-05-13 13:14 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-05-13 13:14 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll 2015-05-13 13:14 - 2015-04-03 02:14 - 00364544 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll 2015-05-13 13:14 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2015-05-13 13:14 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2015-05-13 13:14 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2015-05-13 13:14 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2015-05-13 13:14 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-05-13 13:14 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-05-13 13:14 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-05-13 13:14 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-05-13 13:14 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2015-05-13 13:14 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-05-13 13:14 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2015-05-13 13:14 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2015-05-13 13:14 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys 2015-05-13 13:14 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-05-13 13:14 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-05-13 13:14 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2015-05-13 13:14 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe 2015-05-13 13:14 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\sdbinst.exe 2015-05-13 13:14 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-05-13 13:14 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll 2015-05-13 13:14 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2015-05-13 13:14 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2015-05-13 13:14 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-05-13 13:14 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2015-05-13 13:14 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2015-05-13 13:14 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-05-13 13:14 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2015-05-12 23:32 - 2015-05-12 23:32 - 00000809 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-05-12 23:32 - 2015-05-12 23:32 - 00000809 _____ () C:\ProgramData\Desktop\VLC media player.lnk 2015-05-12 23:32 - 2015-05-12 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-05-12 23:31 - 2015-05-12 23:31 - 28849904 _____ () C:\Users\Robin\Downloads\vlc-2.2.1-win32.exe 2015-05-12 20:52 - 2015-05-12 20:54 - 00008037 _____ () C:\Users\Robin\Desktop\pexback.txt 2015-05-12 19:49 - 2015-05-12 19:49 - 00062738 _____ () C:\Users\Robin\Downloads\Signs.jar 2015-05-12 16:06 - 2015-05-12 16:06 - 00005668 _____ () C:\Users\Robin\Downloads\TPC.jar 2015-05-11 20:04 - 2015-05-11 20:04 - 00001152 _____ () C:\Users\Public\Desktop\OkayFreedom.lnk 2015-05-11 20:04 - 2015-05-11 20:04 - 00001152 _____ () C:\ProgramData\Desktop\OkayFreedom.lnk 2015-05-11 18:05 - 2015-05-11 18:05 - 00295492 
_____ () C:\Users\Robin\Downloads\Vault(1).jar 2015-05-10 18:03 - 2015-05-10 18:03 - 00161622 _____ () C:\Users\Robin\Downloads\Bedwars.jar 2015-05-10 17:26 - 2015-05-11 18:14 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\BRvmkth8tn 2015-05-10 17:26 - 2015-05-10 22:26 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\6483B38F-21FD-4E83-933B-7960BAE72B93 2015-05-10 17:15 - 2015-05-10 17:36 - 00000000 ____D () C:\Users\Robin\Desktop\LELO 2015-05-10 16:18 - 2015-05-10 16:18 - 00320143 _____ () C:\Users\Robin\Downloads\Multiverse-Inventories-2.5.jar 2015-05-10 14:03 - 2015-05-10 14:03 - 00072774 _____ () C:\Users\Robin\Downloads\ClickWarp_v1.3.5.jar 2015-05-10 13:15 - 2015-05-10 13:15 - 00069814 _____ () C:\Users\Robin\Downloads\NametagEdit(1).jar 2015-05-10 12:55 - 2015-05-10 12:55 - 00018694 _____ () C:\Users\Robin\Downloads\Votifier.jar 2015-05-09 23:47 - 2015-05-09 23:48 - 00000000 ____D () C:\Users\Robin\AppData\Local\Arma 3 Launcher 2015-05-09 23:24 - 2015-05-09 23:24 - 00069814 _____ () C:\Users\Robin\Downloads\NametagEdit.jar 2015-05-09 23:00 - 2015-05-09 23:00 - 00141230 _____ () C:\Users\Robin\Downloads\Jobs(1).jar 2015-05-09 22:48 - 2015-05-09 22:48 - 00337004 _____ () C:\Users\Robin\Downloads\Vault-1.4.1.jar 2015-05-09 22:23 - 2015-05-09 22:23 - 00994563 _____ () C:\Users\Robin\Downloads\Citizens(1).jar 2015-05-09 21:51 - 2015-05-09 21:51 - 00080090 _____ () C:\Users\Robin\Downloads\ucars.jar 2015-05-09 21:49 - 2015-05-09 21:49 - 00557989 _____ () C:\Users\Robin\Downloads\pvparena-1.0.jar 2015-05-09 21:49 - 2015-05-09 21:49 - 00064499 _____ () C:\Users\Robin\Downloads\RewardMe.jar 2015-05-09 21:46 - 2015-05-09 21:46 - 00388562 _____ () C:\Users\Robin\Downloads\MobArena.jar 2015-05-09 21:45 - 2015-05-09 21:45 - 00043355 _____ () C:\Users\Robin\Downloads\Lift.jar 2015-05-09 21:44 - 2015-05-09 21:44 - 00045577 _____ () C:\Users\Robin\Downloads\JumpBlocks.jar 2015-05-09 21:43 - 2015-05-09 22:58 - 00144443 _____ () C:\Users\Robin\Downloads\Jobs.jar 
2015-05-09 21:41 - 2015-05-09 21:41 - 00023155 _____ () C:\Users\Robin\Downloads\InfiniteDispensersAndDroppers.jar 2015-05-09 21:40 - 2015-05-09 21:40 - 00020826 _____ () C:\Users\Robin\Downloads\HolographicDisplaysPatch.jar 2015-05-09 21:39 - 2015-05-09 21:39 - 00005600 _____ () C:\Users\Robin\Downloads\GiftBox.jar 2015-05-09 21:37 - 2015-05-09 21:37 - 00087914 _____ () C:\Users\Robin\Downloads\FoundDiamonds.jar 2015-05-09 21:36 - 2015-05-09 21:36 - 00030467 _____ () C:\Users\Robin\Downloads\EXPBank.jar 2015-05-09 21:34 - 2015-05-09 21:34 - 00999688 _____ () C:\Users\Robin\Downloads\EchoPet-v2.5.0.jar 2015-05-09 21:34 - 2015-05-09 21:34 - 00061365 _____ () C:\Users\Robin\Downloads\EasyJetpack-1.3.jar 2015-05-09 21:33 - 2015-05-09 21:33 - 00005484 _____ () C:\Users\Robin\Downloads\ClearChat.jar 2015-05-09 21:27 - 2015-05-09 21:27 - 00464787 _____ () C:\Users\Robin\Downloads\LWC(1).jar 2015-05-09 20:32 - 2015-05-09 20:32 - 00796070 _____ () C:\Users\Robin\Downloads\BanManager.jar 2015-05-09 20:24 - 2015-05-09 20:24 - 00021939 _____ () C:\Users\Robin\Downloads\1.8NameTags.jar 2015-05-09 19:55 - 2015-05-09 19:55 - 00142677 _____ () C:\Users\Robin\Downloads\BlockHunt_v0.2.0_BETA_B5.jar 2015-05-09 19:54 - 2015-05-09 19:54 - 00236210 _____ () C:\Users\Robin\Downloads\LibsDisguises.jar 2015-05-09 19:38 - 2015-05-09 19:38 - 00061445 _____ () C:\Users\Robin\Downloads\DolphinSpleef.jar 2015-05-09 19:24 - 2015-05-09 19:26 - 00040697 _____ () C:\Users\Robin\Downloads\KillCounter.jar 2015-05-09 19:01 - 2015-05-09 19:01 - 00384921 _____ () C:\Users\Robin\Downloads\CustomSpawners.jar 2015-05-09 19:00 - 2015-05-09 19:01 - 00959115 _____ () C:\Users\Robin\Downloads\Citizens.jar 2015-05-09 18:49 - 2015-05-09 18:49 - 00778914 _____ () C:\Users\Robin\Downloads\NoCheatPlus(3).jar 2015-05-09 18:48 - 2015-05-09 18:48 - 00079410 _____ () C:\Users\Robin\Downloads\TagAPI(1).jar 2015-05-09 18:38 - 2015-05-09 18:38 - 00156171 _____ () C:\Users\Robin\Downloads\SurvivalGamesPlus.jar 2015-05-09 
18:36 - 2015-05-09 18:36 - 00128587 _____ () C:\Users\Robin\Downloads\PortableHorses.jar 2015-05-09 18:36 - 2015-05-09 18:36 - 00052259 _____ () C:\Users\Robin\Downloads\LagMeter.jar 2015-05-09 18:34 - 2015-05-09 18:34 - 00078240 _____ () C:\Users\Robin\Downloads\HealthBar.jar 2015-05-09 18:33 - 2015-05-09 18:33 - 00008495 _____ () C:\Users\Robin\Downloads\iControlU.jar 2015-05-09 18:31 - 2015-05-09 18:31 - 01315785 _____ () C:\Users\Robin\Downloads\ProtocolLib-3.4.0.jar 2015-05-09 17:12 - 2015-05-09 17:14 - 00000000 ____D () C:\Users\Robin\Desktop\McCracked 2015-05-09 00:25 - 2015-05-09 00:25 - 00449896 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys 2015-05-09 00:25 - 2015-05-09 00:25 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe 2015-05-09 00:25 - 2015-05-09 00:25 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr 2015-05-07 20:21 - 2015-05-07 20:21 - 21552180 _____ () C:\Users\Robin\Downloads\spigot-1.8.3-R0.1-SNAPSHOT-latest(1).jar 2015-05-07 20:11 - 2015-05-07 20:12 - 00391418 _____ () C:\Users\Robin\Downloads\craftconomy3-3.1.6.jar 2015-05-07 19:55 - 2015-05-07 19:55 - 02804018 _____ () C:\Users\Robin\Downloads\craftconomy3-3.2.2-20150426.141214-9.jar 2015-05-07 17:27 - 2015-05-07 17:27 - 02803105 _____ () C:\Users\Robin\Downloads\craftconomy3-3.2.1.jar 2015-05-07 17:19 - 2015-05-07 17:19 - 00034852 _____ () C:\Users\Robin\Downloads\mwmoney.jar 2015-05-06 19:16 - 2015-05-06 19:16 - 00325807 _____ () C:\Users\Robin\Downloads\Multiverse-Core-2.4(1).jar 2015-05-06 19:01 - 2015-05-06 19:01 - 00079986 _____ () C:\Users\Robin\Downloads\ChatEx(2).jar 2015-05-06 18:43 - 2015-05-06 18:43 - 00724333 _____ () C:\Users\Robin\Downloads\PermissionsEx-1.23.2.jar 2015-05-06 18:20 - 2015-05-06 18:20 - 00934263 _____ () C:\Users\Robin\Downloads\OptiFine_1.8.3_HD_U_D3.jar 2015-05-06 18:04 - 2015-05-06 18:05 - 09601387 _____ () C:\Users\Robin\Downloads\world.rar 2015-05-06 17:58 - 2015-05-06 17:58 - 21550052 _____ 
() C:\Users\Robin\Downloads\spigot-1.8.3-R0.1-SNAPSHOT-latest.jar 2015-05-06 17:57 - 2015-05-06 17:57 - 00849775 _____ () C:\Users\Robin\Downloads\spigot-api-1.8.3-R0.1-SNAPSHOT-latest.jar 2015-05-06 16:26 - 2015-05-06 16:26 - 00166222 _____ () C:\Users\Robin\Downloads\iConomy(2).jar 2015-05-06 13:31 - 2015-05-06 13:32 - 00000000 ____D () C:\Users\Robin\Desktop\MeynPvP 2015-05-05 22:51 - 2015-05-12 23:32 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\vlc 2015-05-05 15:55 - 2015-05-05 15:55 - 00003572 _____ () C:\Users\Robin\Downloads\easystack.jar 2015-05-05 14:44 - 2015-05-05 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT 2015-05-04 21:27 - 2015-04-27 12:55 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2015-05-04 21:27 - 2015-04-27 12:55 - 00207272 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2015-05-04 21:27 - 2015-04-27 12:55 - 00206760 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2015-05-04 21:26 - 2015-05-04 21:26 - 31239592 _____ (Oracle Corporation) C:\Users\Robin\Downloads\jre-7u80-windows-x64.exe 2015-05-04 20:43 - 2015-05-04 20:43 - 00087222 _____ () C:\Users\Robin\Downloads\SimpleBroadcast.jar 2015-05-04 20:30 - 2015-05-04 20:30 - 20610577 _____ () C:\Users\Robin\Downloads\spigot-1.7.10-SNAPSHOT-b1657.jar 2015-05-03 22:18 - 2015-05-03 22:19 - 19503694 _____ () C:\Users\Public\spigot1659.jar 2015-05-03 21:56 - 2015-05-03 21:56 - 00003192 _____ () C:\Users\Robin\Downloads\permissions (2).yml 2015-05-03 19:06 - 2015-05-03 19:06 - 00035573 _____ () C:\Users\Robin\Downloads\ChatLib_v1.2.jar 2015-05-02 16:32 - 2015-05-02 16:32 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Software Tool 2015-05-01 01:01 - 2015-05-01 01:01 - 00125403 _____ () C:\Users\Robin\Downloads\SAPPlugin-0.9.35-SNAPSHOT.jar 2015-04-30 16:35 - 2015-04-30 17:20 - 00000000 ____D () C:\Users\Robin\.zenmap 2015-04-30 16:35 - 2015-04-30 16:35 - 00000000 ____D () C:\Program Files\WinPcap 2015-04-30 16:34 
- 2015-04-30 16:34 - 27111830 _____ (Insecure.org) C:\Users\Robin\Downloads\nmap-6.47-setup.exe 2015-04-28 22:02 - 2015-04-28 22:04 - 00000000 ____D () C:\Users\Robin\Desktop\JTS3ServerMod_5.4.2 2015-04-27 20:58 - 2015-01-24 16:46 - 01568433 _____ () C:\Users\Public\worldedit-bukkit-6.0.jar 2015-04-27 20:58 - 2015-01-20 20:25 - 01309613 _____ () C:\Users\Public\worldguard-6.0.0-beta-05.jar 2015-04-27 14:22 - 2015-04-27 14:22 - 00003362 _____ () C:\Users\Robin\Downloads\RunAs.jar 2015-04-27 13:05 - 2015-04-27 13:05 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\JetBrains 2015-04-27 13:04 - 2015-04-27 13:04 - 00000727 _____ () C:\Users\Public\Desktop\IntelliJ IDEA Community Edition 14.1.2.lnk 2015-04-27 13:04 - 2015-04-27 13:04 - 00000727 _____ () C:\ProgramData\Desktop\IntelliJ IDEA Community Edition 14.1.2.lnk 2015-04-27 13:04 - 2015-04-27 13:04 - 00000000 ____D () C:\Users\Robin\.IdeaIC14 2015-04-27 13:04 - 2015-04-27 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains 2015-04-27 13:03 - 2015-04-27 13:03 - 204364624 _____ () C:\Users\Robin\Downloads\ideaIC-14.1.2.exe 2015-04-27 12:55 - 2015-05-04 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-04-27 12:55 - 2015-04-27 12:55 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2015-04-27 12:49 - 2015-04-27 12:49 - 189180832 _____ (Oracle Corporation) C:\Users\Robin\Downloads\jdk-8u45-windows-x64.exe 2015-04-27 12:47 - 2015-04-27 12:47 - 00000000 _____ () C:\WINDOWS\system32\RENE4BD.tmp 2015-04-27 11:55 - 2015-04-27 11:51 - 00218502 _____ () C:\Users\Public\fanciful-0.3.3-20150330.224758-1.jar 2015-04-27 11:37 - 2015-04-27 11:37 - 00010677 _____ () C:\Users\Robin\Downloads\JSONWriter.java 2015-04-26 14:47 - 2015-04-26 14:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2015-04-25 22:46 - 2015-04-25 22:46 - 00040732 _____ () C:\Users\Robin\Downloads\Hack4Fun.jar 2015-04-25 
18:47 - 2015-04-25 18:47 - 00467904 _____ () C:\Users\Robin\Downloads\XBCDv107.exe 2015-04-25 18:47 - 2015-04-25 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XBCD 2015-04-25 18:40 - 2015-04-25 18:40 - 00000000 ____D () C:\Users\Robin\AppData\Local\Skyrim 2015-04-25 11:58 - 2015-04-25 11:58 - 00000000 ____D () C:\Users\Robin\Desktop\GTA Garage Editor By SonOfABeach v1.03 2015-04-24 22:30 - 2015-04-24 22:30 - 00000000 ____D () C:\WINDOWS\Sun 2015-04-24 22:13 - 2015-04-24 22:13 - 00004315 _____ () C:\Users\Robin\Downloads\Funktion.java 2015-04-24 20:25 - 2015-04-24 20:25 - 00002062 _____ () C:\Users\Robin\Downloads\BetterReloadjar.jar 2015-04-24 18:26 - 2015-04-25 00:25 - 00000000 ____D () C:\Users\Robin\Desktop\GTAOTunaEditor 2015-04-24 13:40 - 2015-04-24 13:40 - 06484352 _____ (Piriform Ltd) C:\Users\Robin\Downloads\ccsetup505.exe 2015-04-24 00:04 - 2015-05-07 23:11 - 00000000 ____D () C:\Users\Robin\Desktop\print 2015-04-23 18:53 - 2015-04-23 18:53 - 00000904 _____ () C:\Users\Robin\Desktop\µTorrent.lnk 2015-04-23 18:53 - 2015-04-23 18:53 - 00000884 _____ () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-04-23 18:36 - 2015-04-23 18:36 - 01744976 _____ (BitTorrent Inc.) 
C:\Users\Robin\Downloads\uTorrent.exe 2015-04-23 17:56 - 2015-05-18 18:02 - 00000000 ____D () C:\FRST 2015-04-23 16:13 - 2015-05-18 17:39 - 00000000 ____D () C:\AdwCleaner 2015-04-23 16:13 - 2015-04-23 16:13 - 02217984 _____ () C:\Users\Robin\Downloads\adwcleaner_4.201.exe 2015-04-22 22:53 - 2015-04-22 22:53 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\tor 2015-04-22 21:00 - 2015-05-16 19:54 - 00000080 _____ () C:\Users\Robin\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦 2015-04-22 19:50 - 2015-04-22 20:28 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\YaTQA 2015-04-22 19:49 - 2015-04-22 19:49 - 01262420 _____ () C:\Users\Robin\Downloads\YaTQA_setup.exe 2015-04-22 19:49 - 2015-04-22 19:49 - 00000712 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk 2015-04-22 18:44 - 2015-04-22 20:12 - 00000290 _____ () C:\Users\Robin\Documents\TeamSpeakRechte.txt 2015-04-21 17:02 - 2015-04-21 17:02 - 00231376 _____ (TrueCrypt Foundation) C:\WINDOWS\system32\Drivers\truecrypt.sys 2015-04-21 17:01 - 2015-04-21 17:01 - 03466248 _____ (TrueCrypt Foundation) C:\Users\Robin\Downloads\truecrypt_setup_7.1a.exe 2015-04-21 16:59 - 2015-04-21 16:59 - 00008163 _____ () C:\Users\Robin\Downloads\sempervideo-amazon-de.xml 2015-04-20 19:45 - 2015-04-20 19:45 - 00000000 ____D () C:\Users\Robin\AppData\Local\Overwolf 2015-04-19 16:10 - 2015-04-19 16:10 - 00000540 _____ () C:\Users\Public\Desktop\Fraps.lnk 2015-04-19 16:10 - 2015-04-19 16:10 - 00000540 _____ () C:\ProgramData\Desktop\Fraps.lnk 2015-04-19 16:10 - 2015-04-19 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2015-04-18 19:09 - 2015-04-18 19:09 - 00052514 _____ () C:\Users\Robin\Downloads\minecraftjoinbot.rar 2015-04-18 18:10 - 2015-04-18 18:10 - 00000000 ____D () C:\Users\Robin\Desktop\JavaDoc GameLIB ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2098-01-01 01:59 - 2015-03-21 15:31 - 02598568 _____ () C:\Users\Robin\Downloads\libg.so 2015-05-18 18:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-05-18 17:52 - 2015-01-21 21:41 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-18 17:47 - 2014-12-25 05:33 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Steganos VPN 2015-05-18 17:46 - 2015-01-22 04:06 - 01785100 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-05-18 17:46 - 2013-09-05 15:07 - 00767024 _____ () C:\WINDOWS\system32\perfh007.dat 2015-05-18 17:46 - 2013-09-05 15:07 - 00160370 _____ () C:\WINDOWS\system32\perfc007.dat 2015-05-18 17:41 - 2015-02-14 20:40 - 00000000 ____D () C:\Users\Robin\AppData\Local\Spotify 2015-05-18 17:41 - 2015-02-14 20:37 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Spotify 2015-05-18 17:41 - 2015-01-22 04:10 - 00000000 __RDO () C:\Users\Robin\SkyDrive 2015-05-18 17:40 - 2015-01-23 22:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Skype 2015-05-18 17:40 - 2015-01-22 16:28 - 00000000 ____D () C:\ProgramData\VMware 2015-05-18 17:40 - 2015-01-22 04:00 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-18 17:40 - 2015-01-21 21:41 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-18 17:40 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-05-18 17:39 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2015-05-18 17:36 - 2015-02-11 02:22 - 00000000 ____D () C:\Users\Robin\AppData\Local\HTC MediaHub 2015-05-18 17:07 - 2015-02-06 01:19 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\.minecraft 2015-05-18 15:29 - 2015-01-22 04:11 - 00000000 ____D () C:\Users\Robin\AppData\Local\Adobe 2015-05-18 15:25 - 2015-01-08 16:09 - 00000000 ____D () C:\Users\Robin\AppData\Local\Eclipse 2015-05-18 15:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp 2015-05-17 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-05-17 17:30 - 
2015-01-09 17:17 - 00001001 _____ () C:\Users\Robin\Downloads\fakZahlEingabe.java 2015-05-17 16:28 - 2015-01-22 05:14 - 00000000 ____D () C:\ProgramData\Origin 2015-05-17 15:58 - 2015-01-06 23:28 - 00000000 ____D () C:\Users\Robin\Desktop\jd-gui-0.3.6.windows 2015-05-17 02:08 - 2014-12-27 17:23 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\uTorrent 2015-05-17 01:36 - 2014-12-25 05:55 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\FileZilla 2015-05-16 23:47 - 2015-01-21 21:41 - 00004106 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-16 23:47 - 2015-01-21 21:41 - 00003870 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-16 15:03 - 2014-12-25 05:49 - 00000000 ____D () C:\Users\Robin\AppData\Local\ftblauncher 2015-05-16 15:00 - 2015-03-04 18:54 - 06628862 _____ () C:\Users\Robin\Downloads\FTB_Launcher.exe 2015-05-16 15:00 - 2015-01-14 20:35 - 04697768 _____ () C:\Users\Robin\Desktop\TechnicLauncher.exe 2015-05-16 15:00 - 2014-12-25 05:49 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\ftblauncher 2015-05-15 21:49 - 2015-01-22 04:06 - 00000000 ____D () C:\Users\Robin 2015-05-15 21:31 - 2015-01-03 14:15 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\VMware 2015-05-15 21:31 - 2015-01-03 14:15 - 00000000 ____D () C:\Users\Robin\AppData\Local\VMware 2015-05-15 20:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Globalization 2015-05-15 19:36 - 2015-02-01 11:05 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang 2015-05-15 14:07 - 2013-08-22 16:44 - 05177488 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-05-15 02:10 - 2014-12-25 21:47 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\OBS 2015-05-14 22:25 - 2015-03-10 03:12 - 00000600 _____ () C:\Users\Robin\AppData\Roaming\winscp.rnd 2015-05-14 16:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2015-05-14 15:40 - 2015-01-22 05:45 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-14 15:40 - 2015-01-21 20:47 - 00000000 ___RD () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-05-14 15:40 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-05-14 15:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2015-05-14 15:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers 2015-05-14 15:38 - 2015-01-22 04:24 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-05-14 15:36 - 2015-01-22 04:24 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-05-14 15:35 - 2013-08-22 15:25 - 00000167 _____ () C:\WINDOWS\win.ini 2015-05-14 14:09 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries 2015-05-13 18:45 - 2015-03-18 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-05-13 18:45 - 2015-03-18 17:44 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-05-13 18:45 - 2015-02-27 01:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-05-13 18:43 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-12 12:13 - 2014-12-25 05:55 - 00001399 _____ () C:\Users\Robin\Desktop\xaddo.txt 2015-05-11 22:01 - 2014-12-28 10:40 - 00000000 ____D () C:\Users\Robin\Desktop\Öffnen 2015-05-11 20:04 - 2015-02-10 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom 2015-05-11 20:04 - 2015-01-24 00:27 - 00000000 ____D () C:\Program Files (x86)\OkayFreedom 2015-05-11 19:53 - 2015-01-27 16:36 - 00000000 ____D () C:\Users\Robin\AppData\Local\CrashDumps 2015-05-11 15:41 - 2015-01-22 04:07 - 00000000 ____D () C:\Users\Robin\AppData\Local\Packages 2015-05-09 23:50 - 2015-02-14 05:16 - 00000000 ____D () C:\Users\Robin\AppData\Local\Arma 3 2015-05-09 00:25 - 2015-01-22 04:55 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys 2015-05-09 00:25 - 2015-01-22 04:53 - 01047320 _____ (Avast Software s.r.o.) 
20.05.2015, 21:23 | #14 |
/// TB Trainer | Remote access to my computer? Looks OK so far. The ESET scan takes longer. Please download SecurityCheck and:
ESET Online Scanner
22.05.2015, 18:10 | #15 |
| Remote access to my computer?
Code:
Results of screen317's Security Check version 1.001
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (37.0.1)
Mozilla Thunderbird (31.4.0)
Google Chrome (42.0.2311.135)
Google Chrome (42.0.2311.152)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast ng ngservice.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````