Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Computer fahrt nicht herunter

Computer fahrt nicht herunter


Plagegeister aller Art und deren Bekämpfung: Computer fahrt nicht herunter

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 29.06.2015, 17:11   #4
sezer0012
 
Computer fahrt nicht herunter - Standard

Computer fahrt nicht herunter


Additional

Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Admin at 2015-06-29 16:36:08
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-3517765046-3236710159-937760421-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3517765046-3236710159-937760421-500 - Administrator - Disabled)
Guest (S-1-5-21-3517765046-3236710159-937760421-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3517765046-3236710159-937760421-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Camtasia Studio 8 (HKLM-x32\...\{645B4291-26F6-4AE0-859A-C1FDD7407143}) (Version: 8.5.1.1962 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CycoreFX HD 1.6.1 for After Effects (HKLM-x32\...\CycoreFX HD 1.6.1 for After Effects) (Version:  - )
Cyperia (HKLM-x32\...\{CA9F6B5A-2C32-4CB3-8635-390AB45A8C49}) (Version: 2.0 - Cyperia)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ffdshow x64 v1.3.4500 [2013-01-06] (HKLM\...\ffdshow64_is1) (Version: 1.3.4500.0 - )
FileZilla Client 3.10.1.1 (HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\FileZilla Client) (Version: 3.10.1.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.12.53.113 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.53.113 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.3 (x32 Version: 1.3.21014.1603 - Microsoft Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HWiNFO64 Version 4.48 (HKLM\...\HWiNFO64_is1) (Version: 4.48 - Martin Malík - REALiX)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.10 - PACE Anti-Piracy)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.3.6.2 (HKLM-x32\...\{9F410B70-8A45-4F28-985E-F9731219BCBC}) (Version: 4.3.6.2 - The Document Foundation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU mit Update 4 (HKLM-x32\...\{74d92646-2565-4a60-8008-448470da91db}) (Version: 12.0.31101.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.0) (HKLM\...\SDKSetup_7.0.7600.16385.40715) (Version: 7.0.7600.16385.40715 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation)
MorphVOX Pro (HKLM-x32\...\{53AB1F25-D607-4B4D-8FD5-74E03F2F9414}) (Version: 4.4.7 - Screaming Bee)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSM2MSI_gstudio (HKLM-x32\...\{C53F001E-5912-4E76-AC49-9AC20B36B1A2}) (Version: 2.0 - Pantaray)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA Cg Toolkit 3.1 April 2012 (HKLM-x32\...\Cg Toolkit_is1) (Version:  - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PE Explorer 1.99 R6 (HKLM-x32\...\PE Explorer_is1) (Version: 1.99.6 - Heaventools Software)
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Python 3.4.2 (HKLM-x32\...\{2583CDBA-8A53-4622-BB67-1D163714C1B4}) (Version: 3.4.16349 - Python Software Foundation)
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RAMDisk (HKLM-x32\...\{D004B255-9786-44EC-B8BF-233168CADA22}) (Version: 4.3.0.1 - Dataram, Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
Reign Of Kings (HKLM-x32\...\Steam App 344760) (Version:  - Code}{atch)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
SciTE4AutoIt3 14.801.2025.0 (HKLM-x32\...\SciTE4AutoIt3) (Version: 14.801.2025.0 - Jos van der Zande)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab (HKLM-x32\...\{B35DBBD7-B42E-494A-8913-431A2E448131}) (Version: 6.1.1.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{C010EBFB-15CD-4B51-8E84-A5A88D0F76C8}) (Version: 6.1.5.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Enigma Protector v4.30 Build 20150225 (HKLM-x32\...\The Enigma Protector x64_is1) (Version:  - The Enigma Protector Developers Team)
The Enigma Protector v4.30 Build 20150225 (HKLM-x32\...\The Enigma Protector_is1) (Version:  - The Enigma Protector Developers Team)
THX TruStudio Pro (HKLM-x32\...\{82F99DC9-389A-4528-940C-88248731A620}) (Version: TAMB-CVS1D-1-LB R07 - Creative Technology Limited)
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version:  - Creative Assembly)
TP-LINK-Clientinstallationsprogramm (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
USB Dual Vibration Joystick (HKLM-x32\...\{56DD3770-2EF5-42D0-BA5A-A8135E9D4A9E}) (Version: 1.2002.10,14 - )
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Very Sleepy CS version 0.90 (HKLM\...\Very Sleepy CS_is1) (Version: 0.90 - thecybershadow.net)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VMProtect Ultimate v 2.13 (HKLM-x32\...\VMProtect Ultimate_is1) (Version: 2.13 - VMProtect Software)
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3517765046-3236710159-937760421-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-01-02 21:56 - 2015-03-28 19:19 - 00001971 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FD82086-49EC-443B-B5E6-2720EBD2F64C} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {1722436C-0CB1-4616-B4B1-F202E0D9CCB0} - System32\Tasks\Java(TM) Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation)
Task: {1A467A5C-B33C-46C2-B536-3492E2612FFD} - System32\Tasks\{BC5D506A-9DA4-4C09-AB60-371F4F181D2B} => pcalua.exe -a C:\Users\Admin\Downloads\vcredist_x86.exe -d C:\Users\Admin\Downloads
Task: {2356229B-0100-419F-ADD1-59E27844D0F0} - System32\Tasks\{7ACAE7BA-C997-4334-B96A-938D440C91F7} => Chrome.exe hxxp://ui.skype.com/ui/0/7.5.80.102/de/abandoninstall?page=tsProgressBar
Task: {26321E3F-D10C-45E5-A4E6-982DD14CCF5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {319C0FF0-5744-491B-BE54-CEC20F526B97} - System32\Tasks\AntiBrowserSpy => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
Task: {3A243A9D-CF17-4244-8882-6849F41A5831} - System32\Tasks\{C7BFAA56-789E-4B37-91DF-D24C128C2BDF} => pcalua.exe -a C:\Users\Admin\Downloads\s4league_us_downloader.exe -d C:\Users\Admin\Downloads
Task: {66631675-F829-481B-B180-9DF7C39B27C0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {676810AF-D232-4FE7-9DD6-AD24E3FFCFE8} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-13] (Microsoft Corporation)
Task: {681F10C5-0C39-4DC7-9A54-7AFADC0F6D57} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {7065917F-ADE4-44B8-A78A-5438CBA76AF8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {70B29AEF-56B2-4832-B11E-53A8AC7B33B7} - System32\Tasks\{0408E44C-9BFD-42EF-9708-401413F6058C} => pcalua.exe -a C:\Users\Admin\Downloads\ava_de_downloader.exe -d C:\Users\Admin\Downloads
Task: {8B8F6D30-6EB8-49DF-B2E5-19FE4AA89917} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-05] (Google Inc.)
Task: {99290526-B746-4784-931F-E9CC8756A520} - System32\Tasks\{0425EB1D-CC4C-449B-9F82-B6585BB753BB} => pcalua.exe -a C:\Users\Admin\Downloads\BP_Installer.exe -d C:\Users\Admin\Downloads
Task: {9DA48FDA-47DE-4591-99A3-335D495BBCE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {A0599987-5995-4174-82D5-241CD38EE1A6} - System32\Tasks\{BF1A98F6-D3BE-4ED1-89FE-F640E82C2190} => pcalua.exe -a "C:\Users\Admin\Desktop\Mehr\Wichtige Ordners\ImgTool\Spark.exe" -d "C:\Users\Admin\Desktop\Mehr\Wichtige Ordners\ImgTool"
Task: {C6C35280-C000-4720-9AAE-0AC73FB6CC3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-05] (Google Inc.)
Task: {C73DA2C8-D6BF-4CC7-8C67-03D4AA36893A} - System32\Tasks\{4861BBAF-0E20-4F31-BC6E-A7BCE6964429} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {C7D171E7-87CA-4513-91BD-9A6E9B04F7BF} - System32\Tasks\Badosoft\Privacy Optimizer => C:\Program Files (x86)\Badosoft\Privacy Optimizer FREE\PrivacyOptimizerFREE.exe
Task: {D101035F-22E4-4391-BEB1-87F643E7EE64} - System32\Tasks\{80F23E1A-6578-44F4-896A-FA450D5D87CE} => pcalua.exe -a C:\AOE3\setup.exe -d C:\AOE3
Task: {DC75398A-3B2C-4D43-8C77-A2058B0C27AD} - System32\Tasks\ReviverSoft Start Menu Run once task => C:\SkinPack\StartMenu\StartMenuReviver.exe
Task: {E57DE421-6C32-4F01-AC46-483C0F823701} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-25] (Adobe Systems Incorporated)
Task: {FD13D891-34D7-4670-B8F4-02840753E74D} - System32\Tasks\{A7A5A05D-76E4-4275-8787-61B24B0DBD0E} => pcalua.exe -a C:\Python34\Scripts\easy_install-3.4.exe -d C:\Python34\Scripts
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-02 20:37 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-12 10:49 - 2010-11-12 13:38 - 00241152 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-08-22 23:38 - 2014-08-01 17:21 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-10 23:38 - 2015-06-10 23:38 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-10 23:38 - 2015-06-10 23:38 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-29 16:04 - 2015-06-29 16:04 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15062900\algo.dll
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-11 16:58 - 2015-06-03 23:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-08-21 14:18 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-03 15:27 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-03 15:27 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-03 15:27 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-01 10:59 - 2015-06-20 01:25 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-22 14:19 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-22 14:19 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-22 14:19 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-22 14:19 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-22 14:19 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-08-28 13:47 - 2015-06-20 01:25 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-06-10 23:38 - 2015-06-10 23:38 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-08-07 11:31 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-04-24 14:15 - 2015-05-11 21:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
2015-02-01 13:17 - 2015-02-01 13:17 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-06-23 13:38 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 13:38 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\Users\Admin\Application Data:NT
AlternateDataStreams: C:\Users\Admin\Application Data:NT2
AlternateDataStreams: C:\Users\Admin\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Admin\AppData\Roaming:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\sony.com -> sony.com

IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\100sexlinks.com -> 100sexlinks.com
IE restricted site: HKU\S-1-5-21-3517765046-3236710159-937760421-1000\...\101hotteens.com -> 101hotteens.com

There are 5316 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3517765046-3236710159-937760421-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EC5E2213-7845-4A8C-848D-21E144E28E68}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A9B8B4F9-DF37-4CA0-AF05-94D9D3DCFE34}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{977E1E70-D372-4DCE-8348-2DD86561AA4F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5A3C7C06-0546-46FB-9E1E-8FDD837A9D1F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{94A0CC42-7001-4B1A-9A50-B3D08DF191D4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8E03EA2D-48ED-46F6-BE4F-4028B5937F55}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F79937BB-677A-4FD0-B2E6-232515F6D041}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{1810650F-8ECE-4602-A09D-E1DC84F50A24}C:\program files\autoit3\autoit3.exe] => (Allow) C:\program files\autoit3\autoit3.exe
FirewallRules: [UDP Query User{E59851D4-45E4-4C1E-A6F3-F485751D74BC}C:\program files\autoit3\autoit3.exe] => (Allow) C:\program files\autoit3\autoit3.exe
FirewallRules: [TCP Query User{0C687043-3CC3-448E-8FB4-93F69674C339}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{CBCF5D86-71E5-441C-AEFD-0F571356E55C}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{8840517E-1C06-4227-AB82-E0B8794B62F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F8A5C59-FAD0-407E-AA5B-06A6878D9C0B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{E8E44BCE-B105-4E9A-B94F-6752D902A092}C:\program files (x86)\autoit3\autoit3.exe] => (Allow) C:\program files (x86)\autoit3\autoit3.exe
FirewallRules: [UDP Query User{0DA0F636-6635-4E15-90BA-B3302049DC79}C:\program files (x86)\autoit3\autoit3.exe] => (Allow) C:\program files (x86)\autoit3\autoit3.exe
FirewallRules: [{057C2986-2E97-4C7A-9D71-3BCC11A16FF5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{770D1065-03E5-43E4-A4E2-78D48CB26DE5}] => (Allow) LPort=2869
FirewallRules: [{B6F01A61-3EF6-4C68-A3A8-3A417D16850A}] => (Allow) LPort=1900
FirewallRules: [{28788216-3A50-4C36-B93A-C1E09A3B635B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{583CBF02-6862-452D-9256-C797294ADDC2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{97FBCCA4-A951-4144-BC7C-36EDD3BDFCEC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{C98E8D19-C923-4E62-AD44-CE5AB965881C}C:\program files\java\jdk1.7.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{F31C7AF0-4DD2-474E-856A-098F9F46198E}C:\program files\java\jdk1.7.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_40\bin\javaw.exe
FirewallRules: [{85537123-5CBB-4C59-A169-882673E9099E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{90F87898-E488-4609-9C11-0C8B35CE08A8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{36AC934E-7517-4032-9DD0-3FB22FECDDB3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D4AAA010-7F62-4E11-86F4-52D0D70E35A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6EE370BA-5251-473F-A858-07F1175E89D4}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{31D01E3C-CBEB-4154-A01F-96ABFFE34042}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{57CC6BB0-4E23-4EFC-92B1-5CFBD4065653}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{A293C5A7-014F-410B-8132-82A6866E771B}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [TCP Query User{F93D4984-F34E-481A-BA16-3AB0F5E8C7F2}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{6AEED5B5-7A50-47FC-BB77-7B82DD888ED4}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [TCP Query User{F34B5E9C-5D79-49DE-BF03-588D9F2B7973}C:\program files (x86)\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomx.exe
FirewallRules: [UDP Query User{39C49BA3-C382-4ACD-A0EB-5789496241F2}C:\program files (x86)\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomx.exe
FirewallRules: [{4D155FC1-5313-4848-9558-97DAA07267F6}] => (Allow) LPort=49172
FirewallRules: [{D6AF9312-35B1-409B-8834-ED36A674C9B4}] => (Allow) LPort=5000
FirewallRules: [{BF0B8F88-1E01-418C-B768-B388DF10989D}] => (Allow) LPort=80
FirewallRules: [{E926968A-26C9-4449-9B60-4F497FE88665}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{2B480375-CE05-43DD-8705-1966F4EB03ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B05B7053-B522-4BB1-9BF1-1644096229F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7D15C86F-F2EC-41F8-ABB0-7CF4EDB98810}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{E056776D-18A7-4206-B885-931C6CACD08D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{7AD8D117-564E-4302-834E-E1A971DA7B11}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{BD6ADC43-D213-4761-BB1A-CA2B43F8DE5F}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{33D32AC8-45C2-461A-8383-65596DEA3BBC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{3DBA4676-AFA0-4AA1-BFE3-026481349DC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{17D93ED3-A9BB-4C66-8F12-C98A009920C7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E1019252-4F69-4E9C-975C-B810AAB08A83}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F55602DA-0094-42B9-9195-409A4D0395D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6894E12E-8598-4188-8646-C179F2DAEDD3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4EC37358-A8FC-4DD0-AEB2-1B5306BB0283}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0CAE569F-DB87-4222-8D79-38B8FE46F7A1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8191C338-1A11-42B9-A815-63BD0B386246}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{47E0E86B-44CD-4A25-B8D4-4D086B515439}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{83E4154B-0742-4852-AB3D-4D0E39DFCD7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{19373331-3165-4EAD-89BB-BD03F6B9FEF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5B32B920-6DBD-4593-9677-42605EB49D76}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{983FCFD5-FF82-4867-86B2-551ABF62ED3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{4B25AE42-E936-4648-8136-C7C1DC4F4055}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{BA7F4789-EE0D-4952-B3C4-94508DB0E3D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{83F6A48A-B7FE-443E-8C2E-1FEE4476825A}] => (Allow) LPort=1688
FirewallRules: [{521A6CDE-20C6-434C-862E-C2F3D4ED27BE}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{3EDB01E7-3D5D-4E72-BB09-3F4E39F1A5A0}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{6F516897-22E3-45B8-B9E2-4172A9CB93B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{DA329506-E5BB-4A1F-84DF-5149A9590C0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{F188C50A-F6DA-4B4C-BD55-8A766918FBDB}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{21EE6C65-8CAB-43A1-B3BA-A3C96E9083DA}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{1C02980B-1FAA-48E3-AF5A-DE3606483732}] => (Allow) LPort=25565
FirewallRules: [{F07868CA-BBBD-48D9-9AB8-20A25BE51993}] => (Allow) LPort=25565
FirewallRules: [{02AD9DCB-28F5-44BA-AB92-4B34B9088415}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{956CF37B-BAD2-4AC8-B991-2EB9108C420B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [TCP Query User{5BFAF740-D34F-4679-9992-38E73B5E1E63}C:\users\admin\desktop\mehr\wichtige ordners\interne sachen\programmieren\programmiersprachen\autoit\meine sachen\fertige sachen\projekte\minecraft op hack\minecraft op hack_obfuscated.exe] => (Allow) C:\users\admin\desktop\mehr\wichtige ordners\interne sachen\programmieren\programmiersprachen\autoit\meine sachen\fertige sachen\projekte\minecraft op hack\minecraft op hack_obfuscated.exe
FirewallRules: [UDP Query User{16782CE9-A1B0-40CB-86F1-7453573C722F}C:\users\admin\desktop\mehr\wichtige ordners\interne sachen\programmieren\programmiersprachen\autoit\meine sachen\fertige sachen\projekte\minecraft op hack\minecraft op hack_obfuscated.exe] => (Allow) C:\users\admin\desktop\mehr\wichtige ordners\interne sachen\programmieren\programmiersprachen\autoit\meine sachen\fertige sachen\projekte\minecraft op hack\minecraft op hack_obfuscated.exe
FirewallRules: [TCP Query User{6EF503D9-31C8-4293-9593-69B62751B824}C:\users\admin\desktop\mehr\wichtige ordners\interne sachen\programmieren\programmiersprachen\autoit\meine sachen\fertige sachen\projekte\updater\updater.exe] => (Allow) C:\users\admin\desktop\mehr\wichtige ordners\interne sachen\programmieren\programmiersprachen\autoit\meine sachen\fertige sachen\projekte\updater\updater.exe
FirewallRules: [UDP Query User{07CE9350-92BA-4044-A30A-AEE00596BA34}C:\users\admin\desktop\mehr\wichtige ordners\interne sachen\programmieren\programmiersprachen\autoit\meine sachen\fertige sachen\projekte\updater\updater.exe] => (Allow) C:\users\admin\desktop\mehr\wichtige ordners\interne sachen\programmieren\programmiersprachen\autoit\meine sachen\fertige sachen\projekte\updater\updater.exe
FirewallRules: [{CC9C1EEB-B89C-4301-A0B6-84628A74AE4E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [{F65F69E3-AE68-423A-8B1F-FE6F53501225}] => (Allow) LPort=8317
FirewallRules: [TCP Query User{8FDB039A-F900-41D2-B62C-BD43CA10598A}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{E87266D8-9A16-4DA3-854B-EB2D09D829DD}C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [{11002EA4-8C41-4AD3-BA1F-8F1F1E280AB7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{939F782A-A5ED-4BD1-B212-FBBBF5FC2A5A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{679ABC41-007B-460C-9785-A7AC9CDB19C7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5E40BF24-445C-4669-91BC-0963812AFCFA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D1416F88-7C3B-48E3-83AC-85AF32D68BEE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{28935E9D-1233-482B-AC23-B3CFCFC23D6B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8E75AE71-690E-451E-9C24-334113635292}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{F7184C42-EA1C-41C8-B4FA-902A5973643D}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9765F529-D1D7-4A13-BC72-F14ABD19FC4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{E8D3CB03-7079-4A3F-8DAB-F9D4CFC86F47}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{A7E38097-705C-4E96-9014-6BF8392D2DE6}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{6557E036-FEE7-4D27-9309-F2A0B16B0728}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{7AC0C881-9730-4CAB-977F-E7DA169ECF6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reign Of Kings\Reign of Kings.exe
FirewallRules: [{31F04278-8FA5-4DDC-8434-D821D1BB62FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Reign Of Kings\Reign of Kings.exe
FirewallRules: [{ABFB8165-A611-4833-9FA7-8D7B95C04F1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{87CBB44F-C284-440A-A3A6-1F83FF1146AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{56C1ACF0-2405-4D76-BA61-7CF3287AF4EC}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{594B66C2-E9DF-48EC-A7FC-266A5A14328B}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{235AF719-8915-40BC-933C-0E03A7BAE548}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{0BF25ECB-A21B-4F62-9834-E16896E74F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{E738DC91-8C97-48DE-AEA6-045172E25A73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{300C0810-B8C4-4B55-A9B2-993430A4E3A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{B7454DEB-7680-4D82-ACFF-9BB8CD3355B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{1EF1C665-61A8-45F9-B6E3-7ED70CED1FE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [TCP Query User{63E1B7F8-8950-433F-B123-D76B037D57A8}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4CF1D9C8-AA3E-457F-8F1F-763A37B72EF8}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{57C09B92-074F-47CD-A080-8C07EBC22A16}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8D3F368A-F564-40D5-B483-9EE03DE6BE8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A0BF5EE3-A3FE-4044-803A-434DB4F2F766}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{63585A31-9077-4D15-B75D-783ACC2143AF}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [UDP Query User{A29BFEBC-73FC-4486-B933-F44628E43F95}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [{B7BABA0C-CDBB-4CF0-AC3B-5D1F9C51BDFF}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5264D73E-DC8F-431A-99DB-CD3576F9D266}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{079FE8FF-D008-42C1-B45D-5DF9E6BF98C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{C70E7841-C1A5-45A0-A345-F739152BCF5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{58C83F6F-38CE-48D5-BBFA-D0C38F8AB6F3}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{19388DC3-BEC7-4DE6-B2AC-48933C8BE32F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{522F5E93-0C7E-45DA-9772-BA3F167D4E01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2015 04:02:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 09:53:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 09:35:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 43.0.2357.130 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15f4

Startzeit: 01d0b1c719d29ad2

Endzeit: 7

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 976973aa-1dcc-11e5-aff1-002618f7c206

Error: (06/28/2015 09:35:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm metin2client.bin, Version 1.0.8043.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1870

Startzeit: 01d0b1ce00c92133

Endzeit: 110

Anwendungspfad: C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Metin2\metin2client.bin

Berichts-ID: ddc7065d-1dcc-11e5-aff1-002618f7c206

Error: (06/28/2015 07:21:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 07:20:52 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).

Error: (06/28/2015 07:20:52 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).

Error: (06/28/2015 07:20:43 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).

Error: (06/28/2015 07:11:34 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvStreamUserAgent restarted too many times in a short period. Aborting. [0]).

Error: (06/28/2015 00:07:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8127


System errors:
=============
Error: (06/29/2015 04:05:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Modules Installer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/29/2015 04:05:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Modules Installer erreicht.

Error: (06/29/2015 04:05:51 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (06/29/2015 04:04:21 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 23) (User: NT AUTHORITY)
Description: Der Ereignisprotokollierungsdienst hat einen Fehler (Auflösung=32) beim Initialisieren der Protokollierung der Ressourcen für Kanal "Microsoft-Windows-Bits-Client/Operational" erkannt.

Error: (06/28/2015 09:51:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎28.‎06.‎2015 um 21:48:40 unerwartet heruntergefahren.

Error: (06/28/2015 09:49:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst BITS erreicht.

Error: (06/28/2015 09:48:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Application Experience" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/28/2015 09:48:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AeLookupSvc erreicht.

Error: (06/28/2015 09:48:03 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Group Policy Client konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (06/28/2015 09:48:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht.


Microsoft Office:
=========================
Error: (06/29/2015 04:02:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 09:53:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 09:35:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe43.0.2357.13015f401d0b1c719d29ad27C:\Program Files (x86)\Google\Chrome\Application\chrome.exe976973aa-1dcc-11e5-aff1-002618f7c206

Error: (06/28/2015 09:35:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: metin2client.bin1.0.8043.0187001d0b1ce00c92133110C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Metin2\metin2client.binddc7065d-1dcc-11e5-aff1-002618f7c206

Error: (06/28/2015 07:21:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 07:20:52 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (06/28/2015 07:20:52 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (06/28/2015 07:20:43 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (06/28/2015 07:11:34 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvStreamUserAgent restarted too many times in a short period. Aborting. [0]

Error: (06/28/2015 00:07:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8127


CodeIntegrity Errors:
===================================
  Date: 2015-03-01 08:44:21.117
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-01 08:44:21.023
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-01 08:44:20.883
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-01 08:44:20.649
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-28 18:08:56.128
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-02-28 18:08:56.038
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-02-28 18:06:25.278
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-02-28 18:06:25.188
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-02-28 18:06:25.048
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-28 18:06:24.858
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Percentage of memory in use: 41%
Total physical RAM: 6143.23 MB
Available physical RAM: 3609.85 MB
Total Pagefile: 18429.43 MB
Available Pagefile: 15416.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:344.48 GB) NTFS
Drive d: () (Fixed) (Total:596.17 GB) (Free:589.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: 6339ACB3)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

Ok es fährt manchmal echt nicht herunter...

 

Themen zu Computer fahrt nicht herunter
anzeige, computer, driver, explorer, herunterfahren, heute, internet, internet explorer, kernel, länger, manager, minuten, nachricht, neu, nvidia, offen, prozess, prozesse, seite, seiten, steam, task manager, viele prozesse, windows, öffnen


« Selbständiges öffen von Werbeseite, Gewinnspiele beim anklicken im Internet | Gemeiner Trojaner HEUR:Exploit.Java.CVE-2013-2423.gen »


Ähnliche Themen: Computer fahrt nicht herunter


  1. Computer startet nur kurz und fährt dann wieder herunter
    Log-Analyse und Auswertung - 10.10.2014 (3)
  2. Taskmanager öffnet nicht, Browser reagiert nicht, XP kann nicht herunter gefahren werden.
    Plagegeister aller Art und deren Bekämpfung - 18.02.2014 (3)
  3. W7: PC wird langsam, fährt nicht herunter, FF schließt nicht
    Log-Analyse und Auswertung - 09.11.2013 (7)
  4. Computer lädt dauerhaft irgendwas herunter!
    Plagegeister aller Art und deren Bekämpfung - 10.08.2013 (9)
  5. Computer fährt sich automatisch herunter - BackDoor.Generic16.AUUY
    Log-Analyse und Auswertung - 25.05.2013 (2)
  6. fährt nicht herunter, FN-Tasten verzögern, Taskmanager startet nicht
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (3)
  7. Leerer Desktop, Computer fährt automatisch herunter
    Plagegeister aller Art und deren Bekämpfung - 09.01.2013 (29)
  8. Computer fährt selbstständig herunter
    Plagegeister aller Art und deren Bekämpfung - 29.12.2012 (1)
  9. Security suite entfernen, im abgesichtern Modus fährt der Computer einfach bei scans herunter.
    Plagegeister aller Art und deren Bekämpfung - 08.09.2010 (8)
  10. Computer fährt ohne vorwarnung herunter!!!
    Plagegeister aller Art und deren Bekämpfung - 19.07.2009 (12)
  11. Computer lädt "Casino-Games" herunter
    Plagegeister aller Art und deren Bekämpfung - 04.03.2008 (7)
  12. Computer faegrt nicht herunter
    Log-Analyse und Auswertung - 21.01.2008 (11)
  13. Computer fährt einfach so herunter
    Alles rund um Windows - 06.01.2008 (1)
  14. Wurm? fährt Computer herunter
    Log-Analyse und Auswertung - 07.10.2005 (1)
  15. Virus fährt Computer herunter?
    Plagegeister aller Art und deren Bekämpfung - 26.07.2005 (10)
  16. Hijackthis Log nach langer Fahrt .....
    Log-Analyse und Auswertung - 10.01.2005 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Computer fahrt nicht herunter - Additional Code: Alles auswählen Aufklappen ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01 Ran by Admin at 2015-06-29 16:36:08 Running from C:\Users\Admin\Desktop Boot Mode: Normal ========================================================== ==================== - Computer fahrt nicht herunter...
Archiv
Du betrachtest: Computer fahrt nicht herunter auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131