Seit 2 Tagen pc sehr langsam und hohe Pingspitzen

asoka90 · 28.07.2015, 04:09

Guten Morgen,
ich hoffe ihr könnt mir helfen. Ich habe seit 2 Tagen das Problem das Ordner sich sehr langsam öffnen zudem habe ich seither in Programmen wie Teamspeak Pingspitzen von bis zu 800ms (auch wenn ich über CMD meine IP anpinge). Bin per Lan-Kabel an den Router angeschlossen.

Edit: Ganz vergessen, ich habe seither auch "MySearch" als Startseite und klicke ich (egal auf welcher Seite) links an komme ich beim ersten klick auf eine Werbungsseite.

Gruß Asoka

Ps. Musste die Additions.txt in ein rar-Archiv packen weil sie über 100kb groß war.

schrauber · 28.07.2015, 06:37

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

asoka90 · 28.07.2015, 17:37

Hi,
alles klar mache ich gleich, nicht bdaran gedacht, sry

Edit: Muss es leider in 3 Threads packen weil es zu groß ist :/
Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von Asoka2 an 2015-07-28 04:22:03
Gestartet von C:\Users\Asoka2\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1300372446-3054197621-2797401273-500 - Administrator - Disabled)
Asoka2 (S-1-5-21-1300372446-3054197621-2797401273-1007 - Administrator - Enabled) => C:\Users\Asoka2
Gast (S-1-5-21-1300372446-3054197621-2797401273-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1300372446-3054197621-2797401273-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.30 - GIGABYTE)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Ableton Live 9 Suite (HKLM\...\{F6BA3E9F-8637-4DCE-BBA8-75A6A57A9D0B}) (Version: 9.0.0.0 - Ableton)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{14D58A97-B60E-A858-34D8-95469C02F7EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anno 2070 Complete Edition Version 2.0.7780.0 (HKLM-x32\...\Anno 2070 Complete Edition_is1) (Version: 2.0.7780.0 - UBISoft)
AP Tuner 3.08 (HKLM-x32\...\AP Tuner 3.08) (Version:  - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audials (HKLM-x32\...\{DA6EBFC9-8869-4B61-8D38-2668A395C5B0}) (Version: 11.0.54400.0 - Audials AG)
Battle vs Chess (HKLM-x32\...\Steam App 211050) (Version:  - Targem Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version:  - ) <==== ATTENTION
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Clear Cache (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - ) <==== ATTENTION
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 43.3.3.185 - Comodo)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Curse Client (HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
CutThePrice (HKLM-x32\...\{A2C98B47-B5F4-94AA-281D-4135416774CF}) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Demonbuddy (x32 Version: 1.0.2001.366 - Bossland GmbH) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dragon Age™ II (HKLM-x32\...\{4D565319-8B91-41CB-961C-0DDC86101AC5}) (Version: 1.04.8524.0 - Electronic Arts)
Driver Magician 4.3 (HKLM-x32\...\Driver Magician_is1) (Version:  - GoldSolution Software, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
Evoland (HKLM-x32\...\Steam App 233470) (Version:  - Shiro Games)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
Final Fantasy XIII Version 1.1 (HKLM-x32\...\Final Fantasy XIII_is1) (Version: 1.1 - RFT)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 4.0.1.6 - )
Free Screen Video Recorder version 2.5.37.922 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 2.5.37.922 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.60.713 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.60.713 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.60.713 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.60.713 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hero Siege (HKLM-x32\...\Steam App 269210) (Version:  - Elias Viglione)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
KeyCommander 1.3.1 (HKLM-x32\...\KeyCommander) (Version: 1.3.1 - fabi.me)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Legacy of Kain: Defiance (HKLM-x32\...\Steam App 224300) (Version:  - Crystal Dynamics)
LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version:  - Warner Bros. Games)
LEGO® Der Herr der Ringe™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® Harry Potter™: Die Jahre 1-4 (HKLM-x32\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)
LEGO® Worlds (HKLM-x32\...\Steam App 332310) (Version:  - TT Games)
LiveUpdateWPP (HKLM-x32\...\LiveUpdateWPP) (Version:  - Anti-phishing database updater for Web Protector Plus. This service keeps your computer updated with the newest database of known Internet threats.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{2E01C311-3ED2-42CF-B1E9-9A36D4B9E26B}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Plus (HKLM-x32\...\MAGIX_{258D56DE-24F2-479E-BED2-8103CB0B9D58}) (Version: 12.0.0.32 - MAGIX AG)
MAGIX Video deluxe 2013 Plus (Version: 12.0.0.32 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
M-Audio Fast Track 6.1.12 (x64) (HKLM\...\{102B819F-54FB-4CD3-8B48-B80C210D55BC}) (Version: 6.1.12 - M-Audio)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
MobileVideo For 3GP 3.62 (HKLM-x32\...\MobileVideo For 3GP_is1) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mp3tag v2.60 (HKLM-x32\...\Mp3tag) (Version: v2.60 - Florian Heidenreich)
MPK mini Editor (HKLM-x32\...\MPKminiEditor) (Version:  - )
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.87.58.0 - Overwolf Ltd.)
PC Auto Shutdown 5.7 (HKLM-x32\...\PC Auto Shutdown_is1) (Version: 5.7 - GoldSolution Software, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.9 - Portforward, LLC)
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
RPG Maker VX (HKLM-x32\...\RPG Maker VX_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace (HKLM-x32\...\RPG MAKER VX Ace_is1) (Version: 1.01a - )
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RTP 1.32 Add-On for RM2k (HKLM-x32\...\RTP 1.32 Add-On for RM2k) (Version:  - )
Seduce Me version 1.02 (HKLM-x32\...\{9857224A-355A-406F-8C01-54C494B7F0CA}_is1) (Version: 1.02 - No Reply Games)
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.15.9546 - SoftEther VPN Project)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Street Fighter X Tekken (HKLM-x32\...\{43430FA5-AF68-4A2D-A7D4-891000008200}) (Version: 1.0.0.0 - CAPCOM U.S.A., INC)
Survival Launcher (HKLM-x32\...\{0FE0A042-8D15-497C-BB00-9C02D18E83D2}) (Version: 1.0.0.6 - Survival Launcher)
Synergy (HKLM-x32\...\Steam App 17520) (Version:  - Synergy Team)
SystemPlayer (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{a89d7674}) (Version:  - SystemPlayer) <==== ATTENTION
Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version:  - Nomad Games Limited)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD PROJEKT RED)
TortoiseSVN 1.8.10.26129 (64 bit) (HKLM\...\{A9E679EC-8FD4-49D8-A5A5-ACE462515A9E}) (Version: 1.8.26129 - TortoiseSVN)
Total Uninstall 6.8.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.8.0 - Gavrila Martau)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Vampires Dawn II: Ancient Blood (MP3) (HKLM-x32\...\{04D24793-D317-4E13-95B3-1EDBEA068241}_is1) (Version: Vampires Dawn 2 - Version 1.23 (MP3) - Brianum/Dawnatic)
Vampires Dawn: Reign of Blood (HKLM-x32\...\{CF55095E-07AA-432E-8376-CEF71D70746A}_is1) (Version: Vampires Dawn: Reign of Blood 1.31 - Brianum)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version:  - hxxp://www.WAVMP3.net)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSplit Revolution (v11.04) (HKLM-x32\...\WinSplit Revolution) (Version: 11.04 - Raphael Lencrerot)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1300372446-3054197621-2797401273-1007_Classes\CLSID\{be2ebda8-1488-4a4d-aa5b-12a8db6e8c73}\InprocServer32 -> dfshim.dll Keine Datei

==================== Wiederherstellungspunkte =========================


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2014-11-24 01:15 - 2014-11-24 01:18 - 00000250 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 secure.tune-up.com
127.0.0.1 www.order.tune-up.com
127.0.0.1 www.tune-up.com
127.0.0.1 www.tune-up.com/order
127.0.0.1 www.registertuneup.com
127.0.0.1 www.tuneup.de
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01F98EC5-E3F3-463F-8DC0-6B45E585FFAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {02576660-D624-4715-8576-7F6DC59B20F8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0B001089-CD8F-4FD9-80B7-CD5DEE6A1B5E} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {1A3005A4-DF44-488A-B6ED-5D0C9442AFE6} - System32\Tasks\{85C03719-ED39-4EB1-94EF-BC0BB1CE1638} => pcalua.exe -a G:\setup\setup.exe -d G:\setup
Task: {21AF6A57-98EF-4FC3-863A-3A2412B45999} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-24] (Dropbox, Inc.)
Task: {2694429D-CFDC-4EE5-9B2A-F9CCC68642ED} - System32\Tasks\Web Protector Plus => C:\Program Files (x86)\WebProtectorPlus\WebProtectorPlus.exe
Task: {34908089-DA45-4771-BDF6-5AC8B886998C} - System32\Tasks\Bidaily Synchronize Task[pr] => c:\programdata\{1beb6eca-ac6a-5456-1beb-b6ecaac6bb2a}\when dreams turn to dust 2013.rar.exe <==== ATTENTION
Task: {37753FEC-F0FF-4613-BB06-ABE81B965D2C} - System32\Tasks\{BACEFB4F-1236-4B6B-8FCD-B81F824CD7B8} => pcalua.exe -a F:\Autorun.exe -d F:\
Task: {3C8B3AD9-9F08-47F3-B7A7-417C6127DB08} - System32\Tasks\{FF834EFF-45F7-42F3-8C1D-1CEF6A5D7021} => pcalua.exe -a "C:\Users\Asoka\Desktop\RPG Maker\europaeischer-zeichensatz-komplett.exe" -d "C:\Users\Asoka\Desktop\RPG Maker"
Task: {403D8D99-E423-4FDE-A5DC-40E08D94F77E} - System32\Tasks\{77864F93-5879-4174-AB85-B6A205BA828C} => Chrome.exe hxxp://ui.skype.com/ui/0/6.10.60.104/de/abandoninstall?page=tsBing
Task: {4CE481B3-8358-43FC-BE62-7FD9639C64A5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-24] (Dropbox, Inc.)
Task: {53245D0C-3D1A-4928-B163-1BAC721F6FF5} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {54D32A6F-BE08-4914-B892-D67601DB04D8} - System32\Tasks\{3F5CA0F2-DE41-4227-973C-05F525BAAB43} => pcalua.exe -a "C:\Users\Asoka\Desktop\RPG Maker\RPG Maker VX\RTP_102e.exe" -d "C:\Users\Asoka\Desktop\RPG Maker\RPG Maker VX"
Task: {59EBE8D3-3C19-44DF-957F-F720A922636B} - System32\Tasks\{F88258ED-B85D-425C-A47A-0BECC6886B1B} => pcalua.exe -a "C:\Program Files (x86)\Microsoft Games\Halo 2\StartUp.exe" -c /tnp:/remove
Task: {5F7AF189-F59D-4618-B435-666D10EC1F70} - System32\Tasks\Web Protector Plus Server => C:\Program Files (x86)\WebProtectorPlus\server64\WebProtectorPlusServer.exe
Task: {6A049330-FC67-43AB-BDCC-381A31243E1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {6DCBD091-8B9D-42F0-B369-78817BAF02E9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1300372446-3054197621-2797401273-1000
Task: {7F70E359-44DA-43D7-B857-FF323242BE60} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9AF23A2D-83E3-48FC-B21A-67675C4F12F2} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-07-19] (Overwolf LTD)
Task: {A255DC20-0E0F-471F-975F-65273F058865} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {C093D358-5ED0-4FC4-B939-DD8A3CD01746} - System32\Tasks\{449628FB-3710-4F76-82B8-FCDB34F38528} => pcalua.exe -a "C:\Users\Asoka\Desktop\RPG Maker\RPG Maker VX\RPGVX_102.exe" -d "C:\Users\Asoka\Desktop\RPG Maker\RPG Maker VX"
Task: {C6426E21-ED1F-4284-A79C-819424A9C33F} - System32\Tasks\AdobeAAMUpdater-1.0-Asoka-PC-Asoka => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-12-15] (Adobe Systems Incorporated)
Task: {C991AB28-D9EB-4D89-8AA7-14043058DBBD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {D7CB5E02-7F50-4C52-9CE1-09C7B65BD152} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D87E209B-B528-4D42-AA9D-F030D9D1F29B} - System32\Tasks\AdobeAAMUpdater-1.0-Asoka-PC-Asoka2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-12-15] (Adobe Systems Incorporated)
Task: {DAA60913-26ED-4BE6-96A5-1E78E1D8D4FD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E98DCDDA-1754-4AE6-8D18-7C6F5C1B49C5} - System32\Tasks\Opera scheduled Autoupdate 1437880204 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {FE1E72B1-DD39-40BC-9CBA-07FC0AB3A2EA} - System32\Tasks\InstantFame => c:\programdata\{f7ba6149-369d-0842-f7ba-a61493698524}\lego_star_wars_ii_the_original_trilogy_europe_en_fr_de_es_it_da.exe [2014-07-27] () <==== ATTENTION

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Bidaily Synchronize Task[pr].job => c:\programdata\{1beb6eca-ac6a-5456-1beb-b6ecaac6bb2a}\when dreams turn to dust 2013.rar.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\InstantFame.job => c:\programdata\{f7ba6149-369d-0842-f7ba-a61493698524}\lego_star_wars_ii_the_original_trilogy_europe_en_fr_de_es_it_da.exe <==== ATTENTION

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-12-24 17:01 - 2012-11-22 19:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
2014-12-17 22:31 - 2014-12-17 22:31 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-12-17 22:30 - 2014-12-17 22:30 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-11-10 02:12 - 2012-09-24 09:58 - 00078456 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-11-10 02:12 - 2012-09-24 09:58 - 00386168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2015-06-22 21:37 - 2015-06-22 21:37 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2013-08-21 11:33 - 2015-03-25 11:10 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-22 21:37 - 2015-06-22 21:37 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 15:46 - 2014-08-04 15:46 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:46 - 2014-08-04 15:46 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2015-07-28 04:14 - 2015-07-28 04:14 - 00050477 _____ () C:\Users\Asoka2\Desktop\Defogger.exe
2015-07-27 01:28 - 2015-07-27 01:28 - 02749952 _____ () c:\Program Files (x86)\SystemVigor\SystemVigor.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2015-07-09 21:47 - 2015-07-09 21:47 - 02551040 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-06-01 11:08 - 2014-06-01 11:08 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-12-17 21:53 - 2014-12-17 21:53 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2015-07-25 23:53 - 2015-07-24 00:39 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libglesv2.dll
2015-07-25 23:53 - 2015-07-24 00:39 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libegl.dll
2015-07-25 23:53 - 2015-07-24 00:39 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\PepperFlash\pepflashplayer.dll
2014-12-17 21:53 - 2014-12-17 21:53 - 00071936 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2013-07-01 08:20 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 01:24 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 01:24 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 01:24 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 14:36 - 2015-07-24 01:24 - 02410176 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 10:44 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 10:44 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 10:44 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 10:44 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 10:44 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-07-26 14:46 - 2015-07-24 01:23 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 01:22 - 2015-07-07 22:41 - 00169984 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2013-07-15 14:32 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-07-15 14:32 - 2015-07-24 01:23 - 00373440 _____ () C:\Program Files (x86)\Steam\steam.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0021 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0022 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0023 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0024 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0025 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0026 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0027 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0028 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0029 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0030 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0031 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0032 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0033 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0034 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0035 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0036 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0037 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0038 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0039 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0040 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0041 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0042 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0043 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0044 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0045 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0046 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0047 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0048 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0049 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0050 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0051 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0052 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0053 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0054 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0055 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0056 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0057 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0058 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0059 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0060 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0061 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0062 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0063 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0064 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0065 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0066 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0067 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0068 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0069 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0070 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0071 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0072 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0073 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0074 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0075 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0076 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0077 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0078 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0079 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0080 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0081 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0082 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0083 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0084 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0085 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0086 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0087 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0088 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0089 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0090 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0091 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0092 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0093 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0094 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0095 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0096 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0097 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0098 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0099 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsSystem0100 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0001 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0002 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0003 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0004 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0005 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0006 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0007 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0008 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0009 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0010 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0011 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0012 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0013 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0014 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0015 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0016 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0017 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0018 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0019 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRunAsTrustedInstaller0020 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\Control Panel\Desktop\\Wallpaper -> C:\Users\Asoka2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C2B73D56-ED25-4C4C-91A6-B4616B32B57A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FC2C79D6-E2EA-48C4-B31C-5184153F9954}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C262E01-C3B9-4926-A221-B95302C2F169}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{DCCF4BFB-C24D-4FF6-B0C6-E16ED9F57B74}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{EAAA095A-0A44-4C41-852E-59B3A1667F43}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B968EA20-D2D3-45AB-A97F-1B95E3DD2196}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{ADCB887B-43E5-4D5E-96D3-F081B52950DB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1E039CEB-8FB9-407C-9C21-77F8C06E1161}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A845E1A2-21E3-4EAB-B3CD-01C331392675}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C7D3E002-885A-4DE9-BC8E-9580093D35CF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7493CA2A-23E7-4535-A877-EC1BC9248F1E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2687378B-FABC-4979-BBB7-25EC0D6B7B1C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{17717B8E-456D-48C1-B678-520D5AC7A656}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{936E6218-AA14-4E1B-803B-DCFBDD75CDFE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3D68C4DF-641B-41DB-9667-2147FCA79BFA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{73602762-042F-4653-AC1D-884A99D4A8E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{0731B379-AA9B-4C04-8453-3D3A83DEAA59}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{99F3B93B-185E-4D8C-B9B9-3B46DB70093D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{B5807C65-2AA1-4572-A155-9D39B528E83E}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{60DD6CCD-E691-4D75-B272-580DA49F5C7A}C:\users\asoka\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\asoka\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{8346696D-9558-49E8-812C-4FFC8EE26EC9}C:\users\asoka\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\asoka\appdata\local\akamai\netsession_win.exe
FirewallRules: [{3D5AB1BF-8E13-4F42-A41E-8AFDD9A6EDF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{F5E8DF97-DA74-4006-98CA-ADFE45DB08B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{921462EA-9949-4BBC-A024-705CD52875C8}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{9F87233E-FA31-4247-9A79-255ACAC4BFC1}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{5D9BE857-FD48-4656-ADFD-78388F17DB42}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{CCC9549F-AC0C-427F-94DD-93E2F405431B}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [{E650C359-A174-4F90-B92F-4233DEAFE8BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{01476D6A-80BE-4591-82B2-C38D4C313666}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6CAF5F23-D469-480F-B10F-0CF65EF29239}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EC577F03-72B9-4985-ABDF-6441290299BB}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{C9EF6925-95AD-4517-A2B9-81054FB285DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7F5B8242-15FE-4352-B0A0-0B9F530741E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5FD38BFA-5581-463C-A98B-751C6DFFC7E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2BB6FFD9-1DC9-4013-966E-62C6106E14CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{67337920-74F0-4442-ADFA-B1E1F70EA9AA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{BF49414F-6131-4C65-9A11-189C1C293E17}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{44980534-D242-4D38-A9ED-39CFBA1333C2}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{172045C8-EA82-4874-86F4-814EDA43C737}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{30A55A99-A167-43DD-B4E2-10130764EA62}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E2089A93-436B-47B9-BBF9-6BAFB41C3470}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{77599872-5855-405F-A32E-3510E02A017C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{089200B8-538F-46D9-B180-7104DDB2B5FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{75C56DD1-7ECE-4377-B8E2-28402F7D4F6A}C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{8C50DF27-1058-4CDF-AB57-72ED39A58F47}C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [{EB8D77F9-A4AA-40DA-8B1E-ED801FD07B46}] => (Allow) %ProgramFiles% (x86)\Java\jre7\bin\javaw.exe
FirewallRules: [{33629DA1-BB8A-4EB5-AD8B-39811751BD89}] => (Allow) %ProgramFiles% (x86)\Java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{BC999453-C6A7-4234-BFAE-0826BB9DE108}C:\users\asoka\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\asoka\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{59F66262-D29D-4FE5-981A-6740E84D1DDC}C:\users\asoka\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\asoka\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{BC5C4A9A-0065-44B7-9D7D-39BA4B6A13DB}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{79981AA9-0EC3-4E46-A6A2-A173F2CA11BC}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{758C30B3-828F-46C1-B2E4-3531A0630574}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{BBA1007B-5F81-44B9-8C1B-C567BAF33E13}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F427B8B5-4D2E-420A-8C23-D79069A15D66}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0DE8FC1B-D157-4670-AEBB-8066A4300443}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5DD84F67-89A6-4C53-9DF9-18381BF77724}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{06CED820-1E88-45D7-B910-877D763EC68E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7B1E8654-AA01-452F-8179-F2DC0521357E}] => (Allow) LPort=2869
FirewallRules: [{8E313D46-7992-437C-82F2-86E5FE7B4A90}] => (Allow) LPort=1900
FirewallRules: [{1B98CEAE-C436-4408-90FB-4C27584B6FD3}] => (Allow) C:\Program Files (x86)\Audials\Audials 11\Audials.exe
FirewallRules: [{FC86382B-A65D-4A3F-AA00-D1EA34879C95}] => (Allow) LPort=12972
FirewallRules: [{64CD6201-FA84-4D46-8153-3BD11C0CB92B}] => (Allow) LPort=14714
FirewallRules: [{1B606DD4-021A-4330-8581-5FE6D46F2E96}] => (Allow) LPort=31931
FirewallRules: [{1D05AF8B-5A95-4268-BBBA-CBB7903BE049}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D07F314E-AE29-4648-986B-D32B2FE2A3D4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CFE5B6E8-64A1-434E-A39E-99CCEE37FF75}] => (Allow) C:\Program Files (x86)\Capcom\Street Fighter X Tekken\SFTK.exe
FirewallRules: [{323E03A2-298D-4C15-85FD-26D79A897370}] => (Allow) C:\Program Files (x86)\Capcom\Street Fighter X Tekken\SFTK.exe
FirewallRules: [TCP Query User{D285329A-8489-435D-8EF6-84F488456ED1}C:\program files (x86)\electronic arts\need for speed rivals\nfs14_x86.exe] => (Block) C:\program files (x86)\electronic arts\need for speed rivals\nfs14_x86.exe
FirewallRules: [UDP Query User{CE022573-B336-4279-A509-566874CD7F0A}C:\program files (x86)\electronic arts\need for speed rivals\nfs14_x86.exe] => (Block) C:\program files (x86)\electronic arts\need for speed rivals\nfs14_x86.exe
FirewallRules: [TCP Query User{7A9AFD4D-2E79-4010-9372-29E4DC37A401}C:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{795F1E3D-594C-4EB8-B73F-375D7E93057E}C:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) C:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{5B369B1C-C173-4059-B075-5B1068F2FB2C}] => (Block) C:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{D944BEB4-026D-4B95-BCA9-9FE5E96424E1}] => (Block) C:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{BEBE464A-568E-4382-9EB1-38013B884AE9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BC1EECA1-0EE8-40DF-9210-47D43BC904AF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{7C350600-0460-4476-808E-A22E32A7ED56}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [{CC7C6A9A-2B1B-4F56-8355-A2B1B7E03CB7}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [{36BE670F-4043-4F53-9C8A-B0A66A588DD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Synergy\hl2.exe
FirewallRules: [{185467E7-9EB1-4EBE-AAEB-BD588F5D1C1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Synergy\hl2.exe
FirewallRules: [{2927329B-8328-4D2B-9543-6E65593C900E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{AF47A1BB-C806-445E-B19B-A5ACBE4E952F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [TCP Query User{54C96A19-2163-4DEB-90C0-EC7D00847B26}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{24103880-319B-4EEF-84AF-67B033EF38E1}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{5A5157C1-C701-4746-BEA6-EB978A88B8C9}] => (Block) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{E0261E9D-8F68-4418-AF09-E4603C5F8286}] => (Block) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{71B07B6B-5496-46B5-AEF0-8FEFF25C0816}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{30C8F87D-C891-4CC6-8467-192A8D308D8F}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{821780FA-68E6-4CEE-BFBF-0763B2DF0D2F}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{F9F50D8A-4150-4EF4-AAFD-01EE82A1349C}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{F7BB3895-6EF3-4A6F-A8D7-E87D493B97DD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B50A7135-43EC-422F-A393-E47B6D79E2F7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{560FDE28-3597-4E53-8858-EFDCD4974832}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B2FD8A48-D3D2-4AE0-9501-A295039CAF24}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{95F4D975-613F-4884-B8AE-922ED11A7250}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E77ECB1E-F4D9-49E6-86F3-FD550032C86D}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{5BBB1DA5-4852-45F7-B40D-24CED6DBE4E9}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{837BF41A-B6AE-4BF3-9770-76D43D8E73D7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{DBC3A835-3F4F-4124-9FF6-CB3639D30DA2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A2477D83-4D80-497D-B346-7B4DFEB18CB2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9E8CFEC1-C33B-4465-898C-2D1999D5AD86}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{9064D723-04B5-4399-9DD3-B816CC2B2570}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{FCCD503F-C98E-4802-9B96-3AE5A7A9B4DC}] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{177B335D-9A88-4C23-8F1E-CDC35EB3293B}] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{53251E72-E9A4-4B4F-93E0-9FD41E90CA47}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F5B0996F-C021-4289-AF40-520116D674E9}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{25A65F02-9556-4695-9857-FD79B611ACCB}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{0D33761A-C82C-4E2E-8E2B-AB45E2593C78}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{31F8FF37-D8F3-4286-B9FF-6D9ACBB6FD0A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{21D3D49E-2D91-470F-9FA7-53C9D8382FF0}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{C06D68B6-2FAF-4835-93A5-3F6242C72C89}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{AF31B9D1-8646-4865-8DC8-1D24FA0FE29B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{E5BF87F3-AFF5-4981-BFC0-DCD422801A82}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{2953A83D-0B72-4A6D-B4D7-5A2198539B31}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [TCP Query User{03594805-CBEF-4D09-951B-76D53FF4870E}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{6B3FB90A-F68D-434A-A562-BC1F1F0A5D83}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{F64667A0-ACCC-469D-A1E8-F76457CE35D3}C:\users\asoka2\desktop\ordner\backup\freizeit\games\emu\snes\zsnesw142\zsnesw.exe] => (Allow) C:\users\asoka2\desktop\ordner\backup\freizeit\games\emu\snes\zsnesw142\zsnesw.exe
FirewallRules: [UDP Query User{E4702E3D-3F16-455B-B6AB-9850D5321A40}C:\users\asoka2\desktop\ordner\backup\freizeit\games\emu\snes\zsnesw142\zsnesw.exe] => (Allow) C:\users\asoka2\desktop\ordner\backup\freizeit\games\emu\snes\zsnesw142\zsnesw.exe
FirewallRules: [{3DEDB1FF-F50C-47FF-8BAB-20EE56E8BCE2}] => (Block) C:\users\asoka2\desktop\ordner\backup\freizeit\games\emu\snes\zsnesw142\zsnesw.exe
FirewallRules: [{CA32311D-22C5-4531-BE9E-4CFE78F71BCE}] => (Block) C:\users\asoka2\desktop\ordner\backup\freizeit\games\emu\snes\zsnesw142\zsnesw.exe
FirewallRules: [{2C07DC9F-06B9-485E-965A-99DB92E5180F}] => (Allow) %USERPROFILE%\Desktop\Ordner\Backup\Freizeit\games\emu\sNES\zsnesw142\zsnesw.exe
FirewallRules: [{7E0C1AB8-3717-4CD8-9193-D53F0C4D88A7}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2.exe
FirewallRules: [{494A4BD6-36D9-40A8-82E3-DF47B254D038}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [TCP Query User{E2B0B72D-1DAE-4EDE-85C2-AE94A7074641}C:\users\asoka2\desktop\zsneswv1.36\zsnesw.exe] => (Allow) C:\users\asoka2\desktop\zsneswv1.36\zsnesw.exe
FirewallRules: [UDP Query User{17D161DB-F9AC-4209-9A44-C78B2479015B}C:\users\asoka2\desktop\zsneswv1.36\zsnesw.exe] => (Allow) C:\users\asoka2\desktop\zsneswv1.36\zsnesw.exe
FirewallRules: [{D83A3089-A857-45C1-9B2C-C647B0928A38}] => (Block) C:\users\asoka2\desktop\zsneswv1.36\zsnesw.exe
FirewallRules: [{E94123ED-085A-4D05-9C93-BCDF337B3746}] => (Block) C:\users\asoka2\desktop\zsneswv1.36\zsnesw.exe
FirewallRules: [{CC1A3D0B-24C7-46EB-90AF-3D55278F94D4}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2.exe
FirewallRules: [{6D010ABF-D2F5-405F-9032-E619F5D589C1}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{380C418D-D6F0-4E5D-957D-DD5B9386A659}] => (Allow) %USERPROFILE%\Desktop\Ordner\Backup\Freizeit\games\emu\sNES\zsnesw142\zsnesw.exe
FirewallRules: [{4C57E533-40A7-41AA-A0C0-F78D548128FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{FDD652CC-7425-4F2A-8389-A0C742FDA34D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{B5E7657E-711A-47CD-9FD8-65B16D9D647E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{AA5C0E16-513F-44F1-9524-F064DC049C46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{96377E30-E5A5-4242-BEED-32E7D903DB72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{B471BC55-55E1-4C5F-BCD4-05FD24641829}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{94238569-5AD1-41CA-8FE5-13F66BEB4D5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battle vs Chess\battlevschess.exe
FirewallRules: [{868AA1B8-D769-4A25-8977-A0F6B2EA01F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Battle vs Chess\battlevschess.exe
FirewallRules: [TCP Query User{B6DBD872-8B59-4129-897F-7AD2569D2EB0}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{090BC11D-10CA-49DE-A115-048E3DC0E1A6}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{51E42A19-247A-4FA2-9349-B88EC93C1A6C}] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{07A80763-AF5D-4D11-8F4D-0E1932E8F7DD}] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{BFA916B2-37B4-48ED-9A23-D1A2C07F31E0}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9457D9BE-010E-449A-B841-9D30B9788AF7}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{D6DB9300-BAA1-47C0-AF29-E2DF37742146}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{3840C417-305E-4496-A56E-1D4DB0838E40}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{B570F769-E493-431C-A3F7-7713214F317C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{000A6DEC-947F-498F-BBE9-2F6DBCB0E800}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{469E8CC2-0B58-4681-8ABF-803E8DF9C4CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{C7BF61F8-68E8-499C-AFDA-77183002931B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{A8CFB919-26F9-4E1F-9B7C-B63F64D28D0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Talisman\Talisman.exe
FirewallRules: [{8426A4C8-C3D8-452F-A5EE-4E6BC78C90D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Talisman\Talisman.exe
FirewallRules: [{DB73C4AD-849F-47A3-97C2-3E002F71381E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{D8938341-6947-489B-8C59-E23F6BA752C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{925C07EE-B729-4F5D-BBD4-17891ED9ABC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CD679B0A-0D22-4B94-A328-2B193248CB57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{74628679-9E2E-4EB4-B747-B2D25F99140B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{B86156D1-9D14-44F0-8638-C969CD83EF08}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{B3B73666-7811-4041-AC73-84B57D0ABE0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\legacy_kain_defiance\defiance.exe
FirewallRules: [{2943BE2D-AC49-4DE2-9775-BDE84CA70E91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\legacy_kain_defiance\defiance.exe
FirewallRules: [TCP Query User{2525338F-B681-4E43-ABFA-4F42580F7FB0}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
FirewallRules: [UDP Query User{F409FB7C-1833-4F8E-AAE4-9D00EB45324B}C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe] => (Allow) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
FirewallRules: [{0EA43F84-16D9-4521-9493-3ECBFC3CBBE2}] => (Block) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
FirewallRules: [{2BACA665-3D0F-4B2A-9F7B-415E601D1A8D}] => (Block) C:\program files (x86)\portforward\port forward network utilities\pfportchecker.exe
FirewallRules: [{5A52D6DA-6F5A-4C2E-AFFD-6447EC0D5793}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CBF32CF6-1D6F-4D84-A6E3-54C0B45835B8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{50E19E1C-2AC2-4C96-854B-FD2FC3C44E44}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{6DC5BE3A-2296-451E-9AD6-1B3283AE02FB}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{04579D97-C7EA-449C-A22C-BE0E852D54DC}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{95C6BE24-3758-494F-8EAF-17C87C60595F}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{8F4F9B95-EC76-410C-8F47-951B47A34846}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{CC9690D0-686A-407A-A300-3C0A83E8E702}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2973D26E-AE52-4EEE-8800-AAA80A67F1CC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9B850563-DDD1-41BA-AB0F-CC9E6445F4EF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{908C4399-F956-4B70-9F9C-88740CF0DE44}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{89774ACB-141B-4331-BC42-69A6DF7E2A2F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5B0DB792-E1B8-4F4E-879D-2C74BF3CD223}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5A580D87-99E5-477A-BD1F-E22467AA23A7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E79B6571-47F8-47D2-AD1F-B689F7C99343}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0FB9A38D-F6AE-45A2-BC9D-C2B2C0D0D7C4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8D4F17BD-30A5-4422-8457-6A18B8EA3A2F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3599928E-D2FB-4AE6-8E85-55E4A903931A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CBC0AA55-5687-4435-B8E6-B2237F6EA412}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C8B2BE0D-99C2-4CEC-A014-2B75784C4CD5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3B90DEAB-C62B-43DD-919C-91BCEE3D07D6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{81DD48AF-318B-42AE-AC34-1EF6F4BBDD69}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40A7394C-C21E-4464-AA8F-54BB973D7844}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3960161C-A5C5-45B9-8C96-56EB4BF0D162}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E5355E00-42C8-4682-BDB9-0336EB4569D9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E431701F-8ED8-4928-ABF1-594DB99FF92B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A7E5E6B7-9FE1-4B6A-A46E-08BF147E5698}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5750015D-8A2C-44F1-BD2F-0A7122F090B9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7EAFECA7-65DF-47EC-8C2A-632961CFA7DB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{07AA1147-21AB-478C-AB4B-7673CA0B291A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CB0E7F02-B11E-4763-B963-23414CB44C26}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B0B3484D-C4E1-4D33-B496-A370052BCA42}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D38990FB-5CC5-449E-BF0B-8FD5073D5EFC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B8EE52DF-154B-49D9-A036-0420E05AA7CA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F7893F5E-BDA1-4296-BCDD-56A4CFD8C60B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1C3BEBC6-88C2-464A-93BE-662840539425}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D88A74E-BF35-4290-87F9-8920F5B3851C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{702032CF-30E0-472C-98A5-3E4AA8976B79}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{18B25A9A-CE14-4971-9B9A-6739279F005A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{01D65790-D16B-466E-B721-01D0AD74FE0B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{20AAAA16-0880-4A07-9CF9-59F6AD37A176}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{46598E45-C61E-487C-B26F-7E730A750943}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B7FDC3E6-D53D-43AD-9577-ABA879FE652B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{106C8B02-98D6-486A-8064-938743B92916}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{119C5FF7-E474-4F43-9F1A-932D4E5B932B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9FD4FFDF-3FCA-4894-8133-78CF46B513C1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0781B742-5E06-482E-8D3E-DE2BE34D54F0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A32C03DC-2A8F-4066-B39E-463A6D5300EA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BCB1D290-CC26-46D4-8221-92315D533DE6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E5F8300D-5449-4C8D-82B4-91D109DDCD98}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{71C647A7-E349-48FE-9D84-7B9944F6B0AC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{98B765B3-5FD2-42D9-AE64-7575D17641A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{45A81E16-AB13-45FD-9A81-D0B95E8901F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{4E0539D7-CF3A-49C9-9C7C-77AA021984E3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1DCC8ECA-4C54-45C8-970F-FB2F8780F58F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{58F52008-D543-4689-BD75-4030014BF405}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8D39E530-2544-41BB-893C-8A1B7DB91B72}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F2594BD1-6E7C-42A7-B8A8-94F679E130CE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{68802E52-9A04-4DA9-87C5-1C857DD3C086}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CFEFBC60-A17D-495E-81C5-3EC8FFD1A7F4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8E749FA9-B7A5-4419-B103-F7D43139D140}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3C72CBAD-E81F-40F9-9C32-A71F6A28EBB9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{429538D2-D9CC-4B21-9F42-1EB87EF75EA8}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F04C7E26-4D17-4E84-97B0-821FE5B97820}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E5DB1B90-247A-4A77-ADDF-BBBAFB06DDB8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DD0C9C9E-8F68-4774-8468-3575100F8945}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{447158DC-B95E-4C52-A78D-8BED841275D9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E1AB003D-6BBF-425A-BDF9-EADDF1DE48A6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C7F50E36-A55C-4283-B53D-DE3FC64C6690}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3421D835-3AAA-4679-8BA0-FDC9818B9D21}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2ACE4ED1-6633-4C86-AEEC-9A41C9F67C56}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6EE56D18-C244-4840-8ED5-209D71B612CB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{09269C58-7E60-4767-B572-8B57DAEBB872}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{65556FA3-E96A-4EA5-95A7-3F44A2700391}C:\users\asoka2\desktop\snes\zsnesw.exe] => (Allow) C:\users\asoka2\desktop\snes\zsnesw.exe
FirewallRules: [UDP Query User{48862C44-2C9F-4549-B1C7-F9054E1AAFCC}C:\users\asoka2\desktop\snes\zsnesw.exe] => (Allow) C:\users\asoka2\desktop\snes\zsnesw.exe
FirewallRules: [{6E4821CA-A054-4CA2-9168-7F5698744BC8}] => (Block) C:\users\asoka2\desktop\snes\zsnesw.exe
FirewallRules: [{1390F2BB-C46F-4577-A34E-E77C6E477145}] => (Block) C:\users\asoka2\desktop\snes\zsnesw.exe
FirewallRules: [{0EAF7C13-54CF-4011-8D80-B31D8192AD20}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CE364C28-AB62-4078-A6A6-C23AC627B928}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{26A63029-1307-4858-953B-332E28FB1D12}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{609519F6-2648-481B-A616-4135EEB06267}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{4DC71801-3EE6-43ED-9365-5502633E4590}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{EBAFC2B4-56CA-4918-A98C-AD212B0F0CAC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{882977EC-9B1E-4027-885E-EDB1AD46ED14}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{6BDB9D34-DFCF-4823-8917-EA7A673A18C7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C675C7FB-0F54-4204-AC93-3843D334B870}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D5C0DCCF-A02F-4DDC-B72F-F66A4B704444}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FEC470FD-84E0-497C-AF1E-67CA5C77AE3E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8EB7BC47-FA58-4A07-9FC1-82E9910F369B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E448A136-28D8-43E2-8923-B66B8B5C3507}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A07ABA49-3C37-4809-B929-69BAFD26D960}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{30C0DCCD-2CA7-4772-9F2E-969655B82665}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B82B9D8D-3523-456B-A184-A023C27229AA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{33EEAB34-C7A1-4052-9CE5-583657F0D9E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{911F901F-5328-48D5-84DB-7EADEF54CEAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/27/2015 03:40:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 03:39:29 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (07/27/2015 05:58:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 05:57:42 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (07/27/2015 02:23:32 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2147023836

Error: (07/27/2015 02:14:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 02:13:55 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (07/26/2015 11:09:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 11:08:14 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (07/26/2015 04:40:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (07/28/2015 02:46:00 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/28/2015 01:20:37 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/27/2015 09:31:34 PM) (Source: volsnap) (EventID: 35) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.

Error: (07/27/2015 07:16:57 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/27/2015 03:41:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/27/2015 03:39:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/27/2015 03:39:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Razer Wizard Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%14001

Error: (07/27/2015 03:39:13 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT-AUTORITÄT)
Description: Der Ereignisprotokollierungsdienst hat einen Fehler beim Initialisieren der Veröffentlichung von Ressourcen für Kanal "Microsoft-RMS-MSIPC/Debug" erkannt. Falls ein direkter Kanal festgelegt ist, kann dies ein Hinweis darauf sein, dass auch das Protokollieren der Ressourcen nicht initialisiert werden konnte.

Error: (07/27/2015 03:39:13 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT-AUTORITÄT)
Description: Der Ereignisprotokollierungsdienst hat einen Fehler beim Initialisieren der Veröffentlichung von Ressourcen für Kanal "DebugChannel" erkannt. Falls ein direkter Kanal festgelegt ist, kann dies ein Hinweis darauf sein, dass auch das Protokollieren der Ressourcen nicht initialisiert werden konnte.

Error: (07/27/2015 06:00:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office:
=========================
Error: (07/27/2015 03:40:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 03:39:29 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exeC:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe.Config0

Error: (07/27/2015 05:58:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 05:57:42 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exeC:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe.Config0

Error: (07/27/2015 02:23:32 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2147023836

Error: (07/27/2015 02:14:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 02:13:55 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exeC:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe.Config0

Error: (07/26/2015 11:09:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 11:08:14 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exeC:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe.Config0

Error: (07/26/2015 04:40:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Speicherinformationen =========================== 

Processor: AMD FX(tm)-8320 Eight-Core Processor 
Percentage of memory in use: 33%
Total physical RAM: 16344.73 MB
Available physical RAM: 10929.41 MB
Total Virtual: 32687.67 MB
Available Virtual: 25848.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:87.76 GB) NTFS
Drive g: (LEGO MARVEL Super Heroes) (CDROM) (Total:6.17 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4A6DB3A1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von log ============================

asoka90 · 28.07.2015, 17:38

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von Asoka2 (Administrator) auf ASOKA-PC (28-07-2015 04:57:37)
Gestartet von C:\Users\Asoka2\Downloads
Geladene Profile: Asoka2 (Verfügbare Profile: Asoka2)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track\AudioDevMon.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(GoldSolution Software, Inc.) C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dfrgui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [478984 2012-12-15] (Adobe Systems Incorporated)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5292664 2012-09-24] (VIA)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5189176 2015-04-15] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5292664 2012-09-24] (VIA)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [PC Auto Shutdown] => C:\Program Files (x86)\PC Auto Shutdown\AutoShutdown.exe [1442472 2013-10-23] (GoldSolution Software, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-07-09] (Raptr, Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39179912 2015-07-24] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-04-15]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}
HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1300372446-3054197621-2797401273-1007 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1300372446-3054197621-2797401273-1007 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-09] (Kaspersky Lab ZAO)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-01-16] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-09] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-22] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-09] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-09] (Kaspersky Lab ZAO)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-01-16] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-22] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2015-06-11] (Perfect World Entertainment Inc)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-09] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-22] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-09] (Kaspersky Lab ZAO)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll Keine Datei
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll Keine Datei
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll Keine Datei
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Winsock: Catalog5 09 C:\Windows\SysWOW64\PrxerNsp.dll [56424 2014-12-24] ()
Winsock: Catalog5-x64 09 C:\Windows\system32\PrxerNsp.dll [57448 2014-12-24] ()
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{98C3E4EC-A32A-424F-91F5-4284BAB545E8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A08EF818-2B60-4C61-9F70-9A58993735CA}: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-12-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2015-06-11] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-12-15] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-03] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-03] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-03] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-03] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-03] (Apple Inc.)
FF SearchPlugin: C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\searchplugins\mystartsearch.xml [2015-07-28]
FF Extension: Amazon-Icon - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\amazon-icon@giga.de [2015-05-27]
FF Extension: Default SearchProtected  - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\defsearchp@gmail.com [2015-07-27]
FF Extension: deskCut - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\deskCutv2@gmail.com [2015-07-27]
FF Extension: CuatThEPRice - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\PPU68@0.net [2015-07-27]
FF Extension: bestadblocker - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\v81X0Y@v.org [2015-07-27]
FF Extension: Web Protector - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a} [2015-05-15]
FF Extension: ProxTube - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\ich@maltegoetz.de.xpi [2014-11-10]
FF Extension: Real Hide IP - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\support@real-hide-ip.com.xpi [2014-12-24]
FF Extension: Adblock Plus - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-10]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F

Chrome: 
=======
CHR dev: Chrome dev build erkannt! <======= ATTENTION
CHR Profile: C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-06-06]
CHR Extension: (Google Translate) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-05-30]
CHR Extension: (Kaspersky Protection) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-11-10]
CHR Extension: (Clear Cache) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn [2015-07-27]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-11-10]
CHR Extension: (AdBlock) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-28]
CHR Extension: (Safe Money) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-11-10]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-11-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR Extension: (Anti-Banner) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-11-10]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a89d7674; c:\Program Files (x86)\SystemVigor\SystemVigor.dll [2749952 2015-07-27] () [Datei ist nicht signiert]
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2015-06-11] (Perfect World Entertainment Inc)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-24] (Dropbox, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert]
R2 FastTrackAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track\AudioDevMon.exe [1962768 2013-05-21] (M-Audio)
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-24] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-19] (Overwolf LTD)
R2 PCAutoShutdown_Service; C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe [442136 2011-11-14] (GoldSolution Software, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-03-25] ()
S2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [368128 2015-02-17] (Razer Inc.) [Datei ist nicht signiert]
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5189176 2015-04-15] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-09-14] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-02] (Disc Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-02-15] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-09] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-05-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-05-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-05-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-05-09] (Kaspersky Lab ZAO)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.)
R3 MAUSBFASTTRACK; C:\Windows\System32\DRIVERS\MAudioFastTrack.sys [460048 2013-05-21] (M-Audio)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0074.sys [28640 2015-04-15] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-06-11] (Audials AG)
R3 SaiH5F0D; C:\Windows\System32\DRIVERS\SaiH5F0D.sys [171144 2007-05-01] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU5F0D; C:\Windows\System32\DRIVERS\SaiU5F0D.sys [34304 2007-05-01] (Saitek)
R3 SEE; C:\Windows\System32\drivers\see.sys [38240 2015-04-15] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
U3 uglorpoc; \??\C:\Users\Asoka2\AppData\Local\Temp\uglorpoc.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-28 04:56 - 2015-07-28 04:56 - 00056395 _____ C:\Users\Asoka2\Desktop\Gmer.txt
2015-07-28 04:27 - 2015-07-28 04:27 - 00380416 _____ C:\Users\Asoka2\Desktop\Gmer-19357.exe
2015-07-28 04:22 - 2015-07-28 04:22 - 00113556 _____ C:\Users\Asoka2\Downloads\Addition.txt
2015-07-28 04:20 - 2015-07-28 04:57 - 00042301 _____ C:\Users\Asoka2\Downloads\FRST.txt
2015-07-28 04:20 - 2015-07-28 04:57 - 00000000 ____D C:\FRST
2015-07-28 04:18 - 2015-07-28 04:18 - 02146816 _____ (Farbar) C:\Users\Asoka2\Downloads\FRST64.exe
2015-07-28 04:15 - 2015-07-28 04:15 - 00000544 _____ C:\Users\Asoka2\Desktop\defogger_disable.log
2015-07-28 04:15 - 2015-07-28 04:15 - 00000168 _____ C:\Users\Asoka2\defogger_reenable
2015-07-28 04:14 - 2015-07-28 04:14 - 00050477 _____ C:\Users\Asoka2\Desktop\Defogger.exe
2015-07-28 02:11 - 2015-07-28 02:11 - 00000000 ____D C:\Users\Asoka2\AppData\Local\EMU
2015-07-28 01:22 - 2015-07-28 01:22 - 00001241 _____ C:\Users\Public\Desktop\LEGO MARVEL Super Heroes.lnk
2015-07-28 01:22 - 2015-07-28 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO MARVEL Super Heroes
2015-07-28 01:17 - 2015-07-28 01:22 - 00000000 ____D C:\Program Files (x86)\LEGO MARVEL Super Heroes
2015-07-28 00:44 - 2015-07-28 03:09 - 00000000 ____D C:\Users\Asoka2\Downloads\L JW M2
2015-07-27 23:17 - 2015-07-27 23:17 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\WB Games
2015-07-27 23:02 - 2015-07-27 23:02 - 00012964 _____ C:\Users\Asoka2\Desktop\LEGOHarryPotter - Verknüpfung.lnk
2015-07-27 22:55 - 2015-07-27 22:55 - 00000000 ____D C:\Program Files (x86)\WB Games
2015-07-27 22:14 - 2015-07-27 22:44 - 00000000 ____D C:\Users\Asoka2\Desktop\LEGO.Harry.Potter.Years.1-4-RELOADED
2015-07-27 22:05 - 2015-07-27 22:13 - 00000000 ____D C:\Users\Asoka2\Desktop\LEGO_MARVEL_Super_Heroes-FLT
2015-07-27 22:05 - 2015-07-27 22:05 - 00013516 _____ C:\Users\Asoka2\Desktop\LEGOLOTR - Verknüpfung.lnk
2015-07-27 19:20 - 2015-07-27 19:20 - 00000000 ____D C:\Program Files (x86)\Warner Bros. Interactive Entertainment
2015-07-27 19:16 - 2012-11-22 20:20 - 00000000 ____D C:\Users\Asoka2\Desktop\LEGO Lord of the Rings
2015-07-27 17:43 - 2015-07-28 03:10 - 00000000 ____D C:\Users\Asoka2\Downloads\Megan Sophia 1080p
2015-07-27 17:42 - 2015-07-27 17:42 - 00002594 _____ C:\Users\Asoka2\Desktop\video-1437337280.mp4_mp4.HDP
2015-07-27 17:42 - 2015-07-27 17:42 - 00001512 _____ C:\Users\Public\Desktop\Free Video to MP3 Converter.lnk
2015-07-27 17:09 - 2015-07-27 17:09 - 30801864 _____ (DVDVideoSoft Ltd. ) C:\Windows\SysWOW64\FreeVideoToMP3Converter.exe
2015-07-27 17:08 - 2015-07-27 17:09 - 00000000 ____D C:\ProgramData\AVG
2015-07-27 17:08 - 2015-07-27 17:08 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\AVG
2015-07-27 17:08 - 2015-07-27 17:08 - 00000000 ____D C:\Users\Asoka2\AppData\Local\Avg
2015-07-27 17:06 - 2015-07-27 17:06 - 00516728 _____ ( ) C:\Users\Asoka2\Desktop\FreeVideoToMP3Converter_CB-DL-Manager.exe
2015-07-27 16:20 - 2015-07-27 16:23 - 05270047 _____ C:\Users\Asoka2\Desktop\2015-07-27.WMV
2015-07-27 16:18 - 2015-07-27 17:42 - 00155952 _____ C:\Users\Asoka2\Desktop\video-1437337280.mp4_mp4.H0
2015-07-27 06:17 - 2015-07-27 06:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2015-07-27 06:16 - 2015-07-27 06:17 - 00000000 ____D C:\Program Files\Dolphin
2015-07-27 06:16 - 2015-07-27 06:16 - 10150809 _____ C:\Users\Asoka2\Desktop\dolphin-x64-4.0.2.exe
2015-07-27 02:35 - 2015-07-27 02:35 - 00577474 _____ C:\Users\Asoka2\Desktop\vbalink180b0.zip
2015-07-27 01:28 - 2015-07-27 01:28 - 00000000 ____D C:\Program Files (x86)\SystemVigor
2015-07-27 01:27 - 2015-07-27 01:27 - 00000000 ____D C:\ProgramData\4151892479034643609
2015-07-27 01:27 - 2015-07-27 01:27 - 00000000 ____D C:\Program Files (x86)\CutThePrice
2015-07-27 01:27 - 2015-07-27 01:27 - 00000000 ____D C:\Program Files (x86)\CuatThEPRice
2015-07-27 01:27 - 2015-07-27 01:27 - 00000000 ____D C:\Program Files (x86)\Clear Cache
2015-07-27 01:27 - 2015-07-27 01:27 - 00000000 ____D C:\Program Files (x86)\bestadblocker
2015-07-27 01:26 - 2015-07-28 01:26 - 00000442 _____ C:\Windows\Tasks\InstantFame.job
2015-07-27 01:26 - 2015-07-27 01:26 - 00003356 _____ C:\Windows\System32\Tasks\InstantFame
2015-07-27 01:26 - 2015-07-27 01:26 - 00000000 ____D C:\ProgramData\iedhffpnhkkbhcibpjlhhghhkgmfeioh
2015-07-27 01:26 - 2015-07-27 01:26 - 00000000 ____D C:\ProgramData\{f7ba6149-369d-0842-f7ba-a61493698524}
2015-07-26 23:37 - 2015-07-26 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-07-26 05:10 - 2015-07-27 01:28 - 00001415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-07-26 05:10 - 2015-07-27 01:28 - 00001403 _____ C:\Users\Public\Desktop\Opera.lnk
2015-07-26 05:10 - 2015-07-26 05:10 - 00003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1437880204
2015-07-26 05:10 - 2015-07-26 05:10 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Opera Software
2015-07-26 05:10 - 2015-07-26 05:10 - 00000000 ____D C:\Users\Asoka2\AppData\Local\Opera Software
2015-07-26 05:09 - 2015-07-27 17:42 - 00001245 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-07-26 05:09 - 2015-07-26 16:44 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-26 05:09 - 2015-07-26 05:09 - 00001440 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2015-07-26 05:09 - 2015-07-26 05:09 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\RPEng
2015-07-26 05:09 - 2015-07-26 05:09 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-07-24 22:58 - 2015-07-24 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-24 22:56 - 2015-07-24 22:56 - 00001230 _____ C:\Users\Asoka2\Desktop\Dropbox.lnk
2015-07-24 22:23 - 2015-07-28 04:28 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-07-24 22:23 - 2015-07-27 22:28 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-07-24 22:23 - 2015-07-27 15:41 - 00000000 ____D C:\Users\Asoka2\AppData\Local\Dropbox
2015-07-24 22:23 - 2015-07-24 22:58 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-07-24 22:23 - 2015-07-24 22:23 - 00004210 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-07-24 22:23 - 2015-07-24 22:23 - 00003958 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-07-24 22:23 - 2015-07-24 22:23 - 00000000 ____D C:\ProgramData\Dropbox
2015-07-24 22:22 - 2015-07-24 22:22 - 00660960 _____ (Dropbox, Inc.) C:\Users\Asoka2\Downloads\DropboxInstaller.exe
2015-07-22 22:33 - 2015-07-22 22:33 - 00000000 ____D C:\Users\Asoka\Desktop\Backup
2015-07-22 07:58 - 2015-07-22 07:58 - 00000000 _____ C:\Windows\SysWOW64\REN2655.tmp
2015-07-22 04:48 - 2015-07-22 04:55 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Survival Launcher
2015-07-22 04:48 - 2015-07-22 04:48 - 03264344 _____ (Survival Launcher) C:\Users\Asoka2\Downloads\setup.exe
2015-07-22 04:48 - 2015-07-22 04:48 - 00001076 _____ C:\Users\Public\Desktop\Survival Launcher.lnk
2015-07-22 04:48 - 2015-07-22 04:48 - 00000000 ____D C:\ProgramData\regid.1995-09.com.example
2015-07-22 04:48 - 2015-07-22 04:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survival Launcher
2015-07-22 04:48 - 2015-07-22 04:48 - 00000000 ____D C:\Program Files (x86)\Survival Launcher
2015-07-22 01:22 - 2015-07-22 01:22 - 00000000 ____D C:\Users\Asoka2\AppData\Local\CEF
2015-07-21 20:55 - 2015-07-21 20:58 - 00000000 ____D C:\Users\Asoka2\Desktop\lol
2015-07-21 16:22 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 16:22 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 16:22 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 16:22 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 16:22 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 16:22 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 16:22 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 16:22 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 16:22 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 16:22 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 05:51 - 2015-07-21 05:51 - 00027956 _____ C:\Users\Asoka2\Desktop\Ava Taylor, Maryjane Johnson – Dig In Deep « HDCore - High Definition Streams Online.html
2015-07-21 05:51 - 2015-07-21 05:51 - 00000000 ____D C:\Users\Asoka2\Desktop\Ava Taylor, Maryjane Johnson – Dig In Deep « HDCore - High Definition Streams Online_files
2015-07-21 04:55 - 2015-07-21 04:55 - 05692220 _____ C:\Users\Asoka2\Desktop\Tyranitar_A4.zip
2015-07-20 22:30 - 2015-07-20 22:30 - 00000000 _____ C:\Users\Asoka2\Desktop\Neues Textdokument (2).txt
2015-07-20 17:23 - 2015-07-20 17:23 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\library_dir
2015-07-20 17:23 - 2015-07-20 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-07-20 17:23 - 2015-07-20 17:23 - 00000000 ____D C:\ProgramData\ATI
2015-07-20 17:22 - 2015-07-20 17:22 - 00058877 _____ C:\Windows\SysWOW64\CCCInstall_201507201722163695.log
2015-07-20 17:22 - 2015-07-20 17:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-19 22:22 - 2015-07-19 22:22 - 02882400 _____ C:\Users\Asoka2\Desktop\video-1437337367.mp4.mp4
2015-07-19 22:22 - 2015-07-19 22:22 - 02766161 _____ C:\Users\Asoka2\Desktop\video-1437337325.mp4.mp4
2015-07-19 22:21 - 2015-07-19 22:22 - 02814989 _____ C:\Users\Asoka2\Desktop\video-1437337280.mp4.mp4
2015-07-16 19:00 - 2015-07-16 19:00 - 00000000 _____ C:\Users\Asoka2\Desktop\Neues Textdokument.txt
2015-07-16 18:44 - 2015-07-16 18:47 - 338398971 _____ C:\Users\Asoka2\Desktop\sputim.rar
2015-07-16 18:38 - 2015-07-16 18:38 - 00000000 ____D C:\Users\Asoka2\Desktop\AT
2015-07-16 16:30 - 2015-07-28 02:11 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-07-15 14:20 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 14:20 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 14:20 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 14:20 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 14:20 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 14:20 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 14:20 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 14:20 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 14:20 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 14:20 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 14:20 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 14:20 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 14:20 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 14:20 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 14:20 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 14:20 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 14:20 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 14:20 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 14:20 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 14:20 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 14:20 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 14:20 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 14:20 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 14:20 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 14:20 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 14:20 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 14:20 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 14:20 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 14:20 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 14:20 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 14:20 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 14:19 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 14:19 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 14:19 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 14:19 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 14:19 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 14:19 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 14:19 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 14:19 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 14:19 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 14:19 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 14:19 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 14:19 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 14:19 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 14:19 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 14:19 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 14:19 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 14:19 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 14:19 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 14:19 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 14:19 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 14:19 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 14:19 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 14:19 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 14:19 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 14:19 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 14:19 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 14:19 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 14:19 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 14:19 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 14:19 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 14:19 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 14:19 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 14:19 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 14:19 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 14:19 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 14:19 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 14:19 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 14:19 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 14:19 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 14:19 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 14:19 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 14:19 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 14:19 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 14:19 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 14:18 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 14:18 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 14:18 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 14:18 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 14:18 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 14:18 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 14:18 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 14:18 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 14:18 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 14:18 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 14:18 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 14:18 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 14:18 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 14:18 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 14:18 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 14:18 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 14:18 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 14:17 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 14:17 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 14:17 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 14:17 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 14:17 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 14:17 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 14:17 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 14:17 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 14:17 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 14:17 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 14:17 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 14:17 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 14:17 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 14:17 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 14:17 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 14:17 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 14:17 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 14:17 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 14:17 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 14:17 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 14:17 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 14:17 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 14:17 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 14:17 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 14:17 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 14:17 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 14:17 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 14:17 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 14:17 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 14:17 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 14:17 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 14:17 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 14:17 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 14:17 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 14:17 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 14:17 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 14:17 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 14:17 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 14:17 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 01:39 - 2015-07-15 01:39 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-07-15 01:39 - 2015-07-15 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-07-15 01:39 - 2015-07-15 01:39 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-13 20:59 - 2015-07-15 15:38 - 00000000 ____D C:\Users\Asoka2\Desktop\Frauenfeld
2015-07-07 12:10 - 2015-07-07 12:12 - 00000000 ____D C:\Users\Asoka2\Desktop\DJ Sweap und DJ Pfund 500 - Ein Fall Für Zwei (2011)
2015-07-07 08:47 - 2014-02-06 16:07 - 613444480 _____ C:\Users\Asoka2\Desktop\Lara_In_Trouble_720p_FOW.mkv
2015-07-07 05:48 - 2015-07-07 05:48 - 00001023 _____ C:\Users\Public\Desktop\Seduce Me.lnk
2015-07-05 23:26 - 2015-07-05 23:26 - 00000923 _____ C:\Users\Public\Desktop\DS3 Tool.lnk
2015-07-03 08:10 - 2015-07-03 08:10 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-07-03 08:10 - 2015-07-03 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-03 08:10 - 2015-07-03 08:10 - 00000000 ____D C:\ProgramData\Apple Computer
2015-07-03 08:10 - 2015-07-03 08:10 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-02 07:08 - 2015-07-02 07:08 - 00001037 _____ C:\Users\Asoka2\Desktop\MixMeister BPM Analyzer.lnk
2015-07-02 07:08 - 2015-07-02 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
2015-07-02 07:08 - 2015-07-02 07:08 - 00000000 ____D C:\Program Files (x86)\MixMeister BPM Analyzer
2015-07-01 05:36 - 2015-07-01 05:36 - 01369522 _____ C:\Users\Asoka2\Desktop\21c865534c94fa6b.webm
2015-06-30 21:25 - 2015-06-30 21:26 - 21290574 _____ C:\Users\Asoka2\Desktop\Asoka-MeinHai.wav
2015-06-30 09:16 - 2015-06-30 09:17 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\GT
2015-06-30 07:37 - 2015-06-30 07:37 - 00001921 _____ C:\Users\Public\Desktop\Forsaken World.lnk
2015-06-30 07:32 - 2015-06-30 09:14 - 00000000 ____D C:\Program Files (x86)\Forsaken World_de
2015-06-30 04:48 - 2015-06-30 04:48 - 00001923 _____ C:\Users\Public\Desktop\Swordsman.lnk
2015-06-30 04:40 - 2015-06-30 04:48 - 00000000 ____D C:\Program Files (x86)\Swordsman_de
2015-06-30 02:51 - 2015-06-30 07:37 - 00000000 ___HD C:\ArcTemp
2015-06-30 02:47 - 2015-07-05 21:03 - 00000000 ____D C:\Program Files (x86)\Arc
2015-06-30 02:47 - 2015-06-30 07:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2015-06-30 02:47 - 2015-06-30 02:49 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Arc
2015-06-30 02:47 - 2015-06-30 02:47 - 00001592 _____ C:\Users\Public\Desktop\Arc.lnk
2015-06-30 02:47 - 2015-06-30 02:47 - 00000000 ____D C:\Users\Public\Documents\Arc
2015-06-28 07:23 - 2013-01-12 17:07 - 00000000 ____D C:\Users\Asoka2\Desktop\Anno2070_DO_+15Trn+SE_2.00.7780
2015-06-28 07:10 - 2015-06-28 08:27 - 00036892 _____ C:\Windows\SysWOW64\bassmod.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-28 04:54 - 2015-04-15 19:53 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-07-28 04:51 - 2013-08-09 11:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-28 04:45 - 2014-11-10 03:49 - 00000000 ____D C:\Users\Asoka2\AppData\Local\LogMeIn Hamachi
2015-07-28 04:28 - 2014-11-10 05:14 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\TS3Client
2015-07-28 04:15 - 2014-11-10 03:48 - 00000000 ____D C:\Users\Asoka2
2015-07-28 04:07 - 2013-11-17 21:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-28 03:46 - 2015-02-14 15:35 - 00000000 ____D C:\Users\Asoka2\AppData\Local\JDownloader 2.0
2015-07-28 03:40 - 2013-08-10 04:43 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-28 03:00 - 2013-08-09 11:34 - 01346571 _____ C:\Windows\WindowsUpdate.log
2015-07-28 02:00 - 2014-11-10 03:49 - 00000000 ____D C:\Users\Asoka2\AppData\Local\Adobe
2015-07-28 01:24 - 2013-08-10 03:48 - 00320252 _____ C:\Windows\DirectX.log
2015-07-28 01:19 - 2014-11-10 03:57 - 00000000 ___RD C:\Users\Asoka2\Dropbox
2015-07-28 00:53 - 2014-11-10 05:14 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\vlc
2015-07-28 00:51 - 2015-03-17 06:30 - 00000000 ____D C:\Users\Asoka2\Downloads\codex-never alone
2015-07-28 00:51 - 2013-08-09 11:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-27 22:56 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-27 22:27 - 2015-05-25 10:27 - 00000382 _____ C:\Windows\Tasks\Bidaily Synchronize Task[pr].job
2015-07-27 22:27 - 2013-10-20 23:00 - 00000000 ____D C:\Windows\Minidump
2015-07-27 19:52 - 2015-02-24 18:40 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\OBS
2015-07-27 17:42 - 2014-11-10 05:13 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\DVDVideoSoft
2015-07-27 17:42 - 2013-09-16 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-07-27 17:42 - 2013-09-16 03:19 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-07-27 15:47 - 2009-07-14 06:45 - 00028912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-27 15:47 - 2009-07-14 06:45 - 00028912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-27 15:41 - 2014-12-09 21:53 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Raptr
2015-07-27 15:40 - 2014-05-09 08:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-27 15:39 - 2014-12-23 00:04 - 00000000 ____D C:\Users\Asoka2\AppData\Local\TSVNCache
2015-07-27 15:39 - 2014-08-02 19:19 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-27 15:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-27 04:26 - 2015-02-24 18:40 - 00000000 ____D C:\Program Files\OBS
2015-07-27 02:13 - 2010-11-21 05:47 - 01865726 _____ C:\Windows\PFRO.log
2015-07-27 01:28 - 2015-05-25 10:30 - 00000000 ____D C:\Program Files (x86)\CutterMaker
2015-07-27 01:28 - 2014-11-10 03:49 - 00001725 _____ C:\Users\Asoka2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-27 01:28 - 2013-08-11 01:38 - 00001451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-27 00:45 - 2014-11-03 00:45 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-07-26 23:37 - 2014-10-28 21:33 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-07-26 17:42 - 2015-03-30 12:44 - 00000000 ____D C:\Users\Asoka2\Desktop\Programm
2015-07-26 05:15 - 2014-12-09 08:52 - 00000000 ____D C:\Users\Asoka2\Desktop\Laura
2015-07-25 18:53 - 2013-09-01 23:17 - 00000000 ____D C:\Program Files (x86)\Diablo II
2015-07-24 22:23 - 2014-11-10 05:13 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Dropbox
2015-07-23 23:24 - 2015-04-15 17:27 - 00000000 ____D C:\Program Files\Rockstar Games
2015-07-23 23:24 - 2015-04-15 17:13 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-07-23 23:23 - 2015-04-15 17:29 - 00000080 _____ C:\Users\Asoka2\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-07-23 18:17 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-22 07:59 - 2013-10-18 03:06 - 00000000 ____D C:\ProgramData\Oracle
2015-07-22 07:58 - 2015-05-24 23:52 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-22 07:58 - 2014-07-20 06:23 - 00000000 ____D C:\Program Files\Java
2015-07-22 07:57 - 2014-07-20 06:23 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-22 07:21 - 2009-07-14 06:45 - 05169960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 22:37 - 2014-11-12 22:22 - 00000000 ____D C:\Users\Asoka2\Documents\Heroes of the Storm
2015-07-20 22:37 - 2014-11-10 07:57 - 00000000 ____D C:\Users\Asoka2\Documents\StarCraft II
2015-07-20 17:23 - 2014-12-09 21:53 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-20 17:22 - 2014-10-06 04:25 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-20 17:22 - 2013-08-09 11:47 - 00000000 ____D C:\Program Files\AMD
2015-07-20 17:21 - 2013-08-09 11:46 - 00000000 ____D C:\ProgramData\AMD
2015-07-20 17:17 - 2014-04-30 02:10 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-20 17:15 - 2014-11-10 02:03 - 00000000 ____D C:\AMD
2015-07-20 08:01 - 2014-11-10 05:13 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Skype
2015-07-16 22:07 - 2014-02-11 17:29 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 22:06 - 2014-12-25 21:39 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 19:20 - 2015-04-05 02:45 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 19:20 - 2015-04-05 02:45 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 18:35 - 2015-05-24 21:05 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\.minecraft
2015-07-16 03:27 - 2014-12-11 07:31 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 03:27 - 2014-05-06 17:04 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-16 03:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 03:08 - 2013-08-27 14:54 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 00:46 - 2013-08-09 11:37 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 00:46 - 2013-08-09 11:37 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 01:07 - 2013-11-17 21:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 01:07 - 2013-11-17 21:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 01:07 - 2013-11-17 21:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 11:44 - 2014-01-28 22:23 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-07 05:48 - 2014-11-14 04:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seduce Me
2015-07-07 05:48 - 2014-11-14 04:04 - 00000000 ____D C:\Program Files (x86)\Seduce Me
2015-07-07 02:09 - 2014-11-23 07:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-07 02:09 - 2013-11-14 18:52 - 00000000 ____D C:\ProgramData\Skype
2015-07-05 23:26 - 2013-12-01 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2015-07-05 23:26 - 2013-12-01 01:15 - 00000000 ____D C:\Program Files\MotioninJoy
2015-07-05 23:15 - 2014-10-20 00:23 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-07-05 23:15 - 2014-10-20 00:23 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-07-05 23:15 - 2014-10-20 00:23 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-07-05 23:15 - 2014-10-20 00:23 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-07-03 08:43 - 2013-08-27 14:54 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-30 02:46 - 2013-08-09 11:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-10 05:08 - 2014-07-25 00:30 - 0011264 ___SH () C:\Users\Asoka2\AppData\Roaming\Thumbs.db
2014-11-10 05:08 - 2014-07-19 00:05 - 0000087 _____ () C:\Users\Asoka2\AppData\Roaming\WB.CFG
2014-11-16 01:05 - 2014-11-16 01:05 - 86830871 _____ (Inquisitor                                                  ) C:\Users\Asoka2\AppData\Roaming\[MeChoiGame.com] Real Girlfriend HF Patch.exe
2015-06-05 15:04 - 2015-06-05 15:06 - 0001456 _____ () C:\Users\Asoka2\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-11-10 05:15 - 2014-07-22 13:44 - 0352256 _____ () C:\Users\Asoka2\AppData\Local\iluisu.gdb
2014-11-10 05:15 - 2014-09-21 00:03 - 1042828 _____ () C:\Users\Asoka2\AppData\Local\iluisu.gss
2014-11-10 05:15 - 2014-08-27 23:49 - 0001454 _____ () C:\Users\Asoka2\AppData\Local\recently-used.xbel
2013-09-17 02:02 - 2013-09-17 02:40 - 0000088 __RSH () C:\ProgramData\C643C5408E.sys
2013-09-17 02:02 - 2014-09-14 20:56 - 0001682 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-11-02 05:53 - 2014-11-02 05:53 - 0000016 _____ () C:\ProgramData\mntemp

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\C__Users_Asoka_AppData_Local_Temp_Rar$EXa0.323_RealHideIP.exe
C:\ProgramData\C__Users_Asoka_Desktop_RealHideIP.exe


Einige Dateien in TEMP:
====================
C:\Users\Asoka2\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3vovka.dll
C:\Users\Asoka2\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Asoka2\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Asoka2\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Asoka2\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\Asoka2\AppData\Local\Temp\proxy_vole309925607928064911.dll
C:\Users\Asoka2\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Asoka2\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Asoka2\AppData\Local\Temp\tmd_34013989.exe
C:\Users\Asoka2\AppData\Local\Temp\TUUUninstallHelper.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-05-04 20:37

==================== Ende von log ============================

asoka90 · 28.07.2015, 17:40

Gmer

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-07-28 04:56:36
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000079 ST310005 rev.JC4B 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Asoka2\AppData\Local\Temp\uglorpoc.sys


---- User code sections - GMER 2.1 ----

.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                                                                  0000000076321401 2 bytes JMP 7624b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                                                                    0000000076321419 2 bytes JMP 7624b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                                                                  0000000076321431 2 bytes JMP 762c8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                                                                  000000007632144a 2 bytes CALL 7622489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                             * 9
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                                                                     00000000763214dd 2 bytes JMP 762c8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                                                              00000000763214f5 2 bytes JMP 762c89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                                                                     000000007632150d 2 bytes JMP 762c8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                                                              0000000076321525 2 bytes JMP 762c8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                                                                    000000007632153d 2 bytes JMP 7623fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                                                                         0000000076321555 2 bytes JMP 762468ef C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                                                                  000000007632156d 2 bytes JMP 762c8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                                                                    0000000076321585 2 bytes JMP 762c8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                                                                       000000007632159d 2 bytes JMP 762c86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                                                                    00000000763215b5 2 bytes JMP 7623fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                                                                  00000000763215cd 2 bytes JMP 7624b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                                                              00000000763216b2 2 bytes JMP 762c8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\rundll32.exe[1628] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                                                              00000000763216bd 2 bytes JMP 762c8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe[1952] C:\Windows\SysWOW64\ntdll.dll!NtQueryValueKey                                                                                                                                             000000007724faf4 5 bytes JMP 0000000170dd18dd
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe[1952] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                                                                                                      0000000077250084 1 byte JMP 0000000170dd1ed6
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe[1952] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory + 2                                                                                                                                  0000000077250086 3 bytes {JMP 0xfffffffff9b81e52}
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2836] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82                                                                                                                                                                                                0000000074ac17fa 2 bytes CALL 762211a9 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2836] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88                                                                                                                                                                                            0000000074ac1860 2 bytes CALL 762211a9 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2836] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98                                                                                                                                                                                          0000000074ac1942 2 bytes JMP 76497089 C:\Windows\syswow64\WS2_32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2836] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109                                                                                                                                                                                         0000000074ac194d 2 bytes JMP 7649cba6 C:\Windows\syswow64\WS2_32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetModuleFileNameExW + 17                                                                                                                                                           0000000076321401 2 bytes JMP 7624b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!EnumProcessModules + 17                                                                                                                                                             0000000076321419 2 bytes JMP 7624b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetModuleInformation + 17                                                                                                                                                           0000000076321431 2 bytes JMP 762c8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetModuleInformation + 42                                                                                                                                                           000000007632144a 2 bytes CALL 7622489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!EnumDeviceDrivers + 17                                                                                                                                                              00000000763214dd 2 bytes JMP 762c8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                                                       00000000763214f5 2 bytes JMP 762c89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!QueryWorkingSetEx + 17                                                                                                                                                              000000007632150d 2 bytes JMP 762c8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                                                       0000000076321525 2 bytes JMP 762c8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetModuleBaseNameW + 17                                                                                                                                                             000000007632153d 2 bytes JMP 7623fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!EnumProcesses + 17                                                                                                                                                                  0000000076321555 2 bytes JMP 762468ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetProcessMemoryInfo + 17                                                                                                                                                           000000007632156d 2 bytes JMP 762c8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetPerformanceInfo + 17                                                                                                                                                             0000000076321585 2 bytes JMP 762c8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!QueryWorkingSet + 17                                                                                                                                                                000000007632159d 2 bytes JMP 762c86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetModuleBaseNameA + 17                                                                                                                                                             00000000763215b5 2 bytes JMP 7623fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetModuleFileNameExA + 17                                                                                                                                                           00000000763215cd 2 bytes JMP 7624b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetProcessImageFileNameW + 20                                                                                                                                                       00000000763216b2 2 bytes JMP 762c8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe[3584] C:\Windows\syswow64\PsApi.dll!GetProcessImageFileNameW + 31                                                                                                                                                       00000000763216bd 2 bytes JMP 762c8671 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!DispatchMessageW                                                                                                                                                                                               000000007652787b 5 bytes JMP 000000016d10eca0
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!DispatchMessageA                                                                                                                                                                                               0000000076527bbb 5 bytes JMP 000000016d10ec70
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!CreateWindowExW                                                                                                                                                                                                0000000076528a29 5 bytes JMP 000000016d10f680
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                                                                                                                                   0000000076528e4e 5 bytes JMP 000000016d10ee00
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!DestroyWindow                                                                                                                                                                                                  0000000076529a55 5 bytes JMP 000000016d10edd0
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!CreateWindowExA                                                                                                                                                                                                000000007652d22e 5 bytes JMP 000000016d10f540
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                                                                                                                                                                   00000000765305ba 5 bytes JMP 000000016d10efc0
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!ShowWindow                                                                                                                                                                                                     0000000076530dfb 5 bytes JMP 000000016d10ecd0
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!EndPaint                                                                                                                                                                                                       0000000076531341 5 bytes JMP 000000016d10f0a0
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!BeginPaint                                                                                                                                                                                                     0000000076531361 5 bytes JMP 000000016d10f040
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!UpdateLayeredWindowIndirect                                                                                                                                                                                    00000000765328da 5 bytes JMP 000000016d10f4c0
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!SetCursor                                                                                                                                                                                                      00000000765341f6 5 bytes JMP 000000016d10e580
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                                                                                                                                                                   0000000076535f74 5 bytes JMP 000000016d10ef60
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!BringWindowToTop                                                                                                                                                                                               0000000076537b3b 5 bytes JMP 000000016d10f020
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!AnimateWindow                                                                                                                                                                                                  000000007653b531 5 bytes JMP 000000016d10ee70
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!UpdateLayeredWindow                                                                                                                                                                                            000000007653ba4a 5 bytes JMP 000000016d10f3f0
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!WindowFromPoint                                                                                                                                                                                                000000007654ed12 5 bytes JMP 000000016d10e5a0
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!SetCapture                                                                                                                                                                                                     000000007654ed56 5 bytes JMP 000000016d10ef40
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                                                                                                                                            000000007654f170 5 bytes JMP 000000016d10ef00
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\GDI32.dll!BitBlt                                                                                                                                                                                                          00000000769a5ea5 5 bytes JMP 000000016d10e5d0
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\GDI32.dll!StretchBlt                                                                                                                                                                                                      00000000769aba5f 5 bytes JMP 000000016d10e840
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExW + 17                                                                                                                                                                                       0000000076321401 2 bytes JMP 7624b21b C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!EnumProcessModules + 17                                                                                                                                                                                         0000000076321419 2 bytes JMP 7624b346 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 17                                                                                                                                                                                       0000000076321431 2 bytes JMP 762c8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 42                                                                                                                                                                                       000000007632144a 2 bytes CALL 7622489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                             * 9
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!EnumDeviceDrivers + 17                                                                                                                                                                                          00000000763214dd 2 bytes JMP 762c8822 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                                                                                   00000000763214f5 2 bytes JMP 762c89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!QueryWorkingSetEx + 17                                                                                                                                                                                          000000007632150d 2 bytes JMP 762c8718 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                                                                                   0000000076321525 2 bytes JMP 762c8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameW + 17                                                                                                                                                                                         000000007632153d 2 bytes JMP 7623fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!EnumProcesses + 17                                                                                                                                                                                              0000000076321555 2 bytes JMP 762468ef C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetProcessMemoryInfo + 17                                                                                                                                                                                       000000007632156d 2 bytes JMP 762c8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetPerformanceInfo + 17                                                                                                                                                                                         0000000076321585 2 bytes JMP 762c8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!QueryWorkingSet + 17                                                                                                                                                                                            000000007632159d 2 bytes JMP 762c86dc C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameA + 17                                                                                                                                                                                         00000000763215b5 2 bytes JMP 7623fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExA + 17                                                                                                                                                                                       00000000763215cd 2 bytes JMP 7624b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 20                                                                                                                                                                                   00000000763216b2 2 bytes JMP 762c8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\PROGRA~2\Raptr\raptr.exe[3220] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 31                                                                                                                                                                                   00000000763216bd 2 bytes JMP 762c8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                                                                                                                                                                           0000000076321401 2 bytes JMP 7624b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                                                                                                                                                                             0000000076321419 2 bytes JMP 7624b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                                                                                                                                                                           0000000076321431 2 bytes JMP 762c8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                                                                                                                                                                           000000007632144a 2 bytes CALL 7622489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                                                                                                                                                                              00000000763214dd 2 bytes JMP 762c8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                                                                       00000000763214f5 2 bytes JMP 762c89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                                                                                                                                                                              000000007632150d 2 bytes JMP 762c8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                                                                       0000000076321525 2 bytes JMP 762c8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                                                                                                                                                                             000000007632153d 2 bytes JMP 7623fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                                                                                                                                                                                  0000000076321555 2 bytes JMP 762468ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                                                                                                                                                                           000000007632156d 2 bytes JMP 762c8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                                                                                                                                                                             0000000076321585 2 bytes JMP 762c8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                                                                                                                                                                                000000007632159d 2 bytes JMP 762c86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                                                                                                                                                                             00000000763215b5 2 bytes JMP 7623fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                                                                                                                                                                           00000000763215cd 2 bytes JMP 7624b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                                                                                                                                                                       00000000763216b2 2 bytes JMP 762c8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[10072] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                                                                                                                                                                       00000000763216bd 2 bytes JMP 762c8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                                               0000000076321401 2 bytes JMP 7624b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                                                 0000000076321419 2 bytes JMP 7624b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                                               0000000076321431 2 bytes JMP 762c8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                                               000000007632144a 2 bytes CALL 7622489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                                                  00000000763214dd 2 bytes JMP 762c8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                                           00000000763214f5 2 bytes JMP 762c89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                                                  000000007632150d 2 bytes JMP 762c8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                                           0000000076321525 2 bytes JMP 762c8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                                                 000000007632153d 2 bytes JMP 7623fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                                                      0000000076321555 2 bytes JMP 762468ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                                               000000007632156d 2 bytes JMP 762c8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                                                 0000000076321585 2 bytes JMP 762c8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                                                    000000007632159d 2 bytes JMP 762c86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                                                 00000000763215b5 2 bytes JMP 7623fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                                               00000000763215cd 2 bytes JMP 7624b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                                           00000000763216b2 2 bytes JMP 762c8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                                           00000000763216bd 2 bytes JMP 762c8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                                                                                                                                                        0000000076321401 2 bytes JMP 7624b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                                                                                                                                                          0000000076321419 2 bytes JMP 7624b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                                                                                                                                                        0000000076321431 2 bytes JMP 762c8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                                                                                                                                                        000000007632144a 2 bytes CALL 7622489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                                                                                                                                                           00000000763214dd 2 bytes JMP 762c8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                                                    00000000763214f5 2 bytes JMP 762c89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                                                                                                                                                           000000007632150d 2 bytes JMP 762c8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                                                    0000000076321525 2 bytes JMP 762c8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                                                                                                                                                          000000007632153d 2 bytes JMP 7623fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                                                                                                                                                               0000000076321555 2 bytes JMP 762468ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                                                                                                                                                        000000007632156d 2 bytes JMP 762c8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                                                                                                                                                          0000000076321585 2 bytes JMP 762c8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                                                                                                                                                             000000007632159d 2 bytes JMP 762c86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                                                                                                                                                          00000000763215b5 2 bytes JMP 7623fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                                                                                                                                                        00000000763215cd 2 bytes JMP 7624b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                                                                                                                                                    00000000763216b2 2 bytes JMP 762c8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[6320] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                                                                                                                                                    00000000763216bd 2 bytes JMP 762c8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                                               0000000076321401 2 bytes JMP 7624b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                                                 0000000076321419 2 bytes JMP 7624b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                                               0000000076321431 2 bytes JMP 762c8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                                               000000007632144a 2 bytes CALL 7622489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                                                  00000000763214dd 2 bytes JMP 762c8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                                           00000000763214f5 2 bytes JMP 762c89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                                                  000000007632150d 2 bytes JMP 762c8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                                           0000000076321525 2 bytes JMP 762c8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                                                 000000007632153d 2 bytes JMP 7623fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                                                      0000000076321555 2 bytes JMP 762468ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                                               000000007632156d 2 bytes JMP 762c8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                                                 0000000076321585 2 bytes JMP 762c8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                                                    000000007632159d 2 bytes JMP 762c86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                                                 00000000763215b5 2 bytes JMP 7623fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                                               00000000763215cd 2 bytes JMP 7624b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                                           00000000763216b2 2 bytes JMP 762c8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[8444] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                                           00000000763216bd 2 bytes JMP 762c8671 C:\Windows\syswow64\kernel32.dll

---- Threads - GMER 2.1 ----

Thread   C:\Windows\SysWOW64\rundll32.exe [1628:2420]                                                                                                                                                                                                                                    000000007ee68120
Thread   C:\Windows\SysWOW64\rundll32.exe [1628:4288]                                                                                                                                                                                                                                    000000007ece2da0
---- Processes - GMER 2.1 ----

Library  C:\ProgramData\Kaspersky Lab\AVP14.0.0\Bases\Cache\klavemu.kdl.b6b6dd223ad2aad28374217a028b59b0 (*** suspicious ***) @ C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [1952] (Heuristics engine/Kaspersky Lab ZAO)(2014-09-29 13:27:51)        000000006e8a0000
Library  C:\ProgramData\Kaspersky Lab\AVP14.0.0\Bases\Cache\kjim.kdl.d266d700a30a91462cc4a509417db5ea (*** suspicious ***) @ C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [1952] (Script Heuristics Engine/Kaspersky Lab ZAO)(2015-01-16 02:32:50)    000000006ce70000
Library  C:\ProgramData\Kaspersky Lab\AVP14.0.0\Bases\Cache\mark.kdl.6c69ef8fd152138b474ef4e5105233c9 (*** suspicious ***) @ C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [1952] (Anti-Rootkit Engine/Kaspersky Lab ZAO)(2015-01-16 02:32:51)         0000000071e70000
Library  C:\ProgramData\Kaspersky Lab\AVP14.0.0\Bases\Cache\qscan.kdl.0221739a5c331aaf57e9df86d06e6d0c (*** suspicious ***) @ C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [1952] (Initial Scan Engine/Kaspersky Lab ZAO)(2015-01-16 02:32:51)        000000006d570000
Library  C:\ProgramData\Kaspersky Lab\AVP14.0.0\Bases\Cache\arkmon.kdl.aeeec152e3e81f218d27686fcaf9d774 (*** suspicious ***) @ C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [1952] (Anti-Rootkit Monitor/Kaspersky Lab ZAO)(2015-01-16 02:33:16)      0000000072d80000
Library  C:\ProgramData\Kaspersky Lab\AVP14.0.0\Bases\Cache\kavsys.kdl.6b9e4f020f04d62ab5e432e30e085597 (*** suspicious ***) @ C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [1952] (Set of system interfaces/Kaspersky Lab ZAO)(2015-01-16 02:32:50)  0000000072d00000
Library  C:\ProgramData\Kaspersky Lab\AVP14.0.0\Bases\Cache\pbs.kdl.eefcc4c76375abb2b40e8e5c00c7eccf (*** suspicious ***) @ C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [1952] (Extensional Scan Engine/Kaspersky Lab ZAO)(2014-09-29 13:27:51)      000000005adf0000

---- EOF - GMER 2.1 ----

schrauber · 29.07.2015, 07:03

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

bestadblocker

Clear Cache

SystemPlayer
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

asoka90 · 29.07.2015, 19:35

So, programme sind entfernt und ComboFix ist durchgelaufen.

Hier der Log:

Code:

ATTFilter

ComboFix 15-07-23.01 - Asoka2 29.07.2015  20:10:00.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16345.12429 [GMT 2:00]
ausgeführt von:: c:\users\Asoka2\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
C:\install.exe
c:\programdata\4151892479034643609
c:\programdata\4151892479034643609\49d7965fcc0a260a44111ad40ec5f8c9.ini
c:\programdata\4151892479034643609\549deb628e21313944111ad40ec5f8c9.ini
c:\programdata\4151892479034643609\893055e69ad01c8f44111ad40ec5f8c9.ini
c:\programdata\4151892479034643609\e6f7becfb320df4b44111ad40ec5f8c9.ini
c:\programdata\C643C5408E.sys
c:\users\Asoka2\AppData\Local\._LiveCode_
c:\users\Asoka2\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_dmemlonpnalhkbgbajojaoienapjcjap_0.localstorage-journal
c:\users\Asoka2\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_dmemlonpnalhkbgbajojaoienapjcjap_0.localstorage
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\background.html
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\cC.js
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\content.js
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\lsdb.js
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\manifest.json
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cppjkneekbjaeellbfkmgnhonkkjfpdn
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cppjkneekbjaeellbfkmgnhonkkjfpdn\000003.log
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cppjkneekbjaeellbfkmgnhonkkjfpdn\CURRENT
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cppjkneekbjaeellbfkmgnhonkkjfpdn\LOCK
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cppjkneekbjaeellbfkmgnhonkkjfpdn\LOG
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cppjkneekbjaeellbfkmgnhonkkjfpdn\LOG.old
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cppjkneekbjaeellbfkmgnhonkkjfpdn\MANIFEST-000001
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cppjkneekbjaeellbfkmgnhonkkjfpdn_0.localstorage-journal
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cppjkneekbjaeellbfkmgnhonkkjfpdn_0.localstorage
c:\users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Asoka2\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphypzil.dll
c:\users\Asoka2\AppData\Local\Temp\VPN_08F9\B7091C83.dll
c:\users\Asoka2\AppData\Local\Temp\VPN_0D5A\B7091C83.dll
c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\PPU68@0.net
c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\PPU68@0.net\bootstrap.js
c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\PPU68@0.net\chrome.manifest
c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\PPU68@0.net\content\bg.js
c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\PPU68@0.net\install.rdf
c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\v81X0Y@v.org
c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\v81X0Y@v.org\bootstrap.js
c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\v81X0Y@v.org\chrome.manifest
c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\v81X0Y@v.org\content\bg.js
c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\v81X0Y@v.org\install.rdf
c:\windows\DirectX.log
c:\windows\IsUn0407.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\SetupComponents.exe
c:\windows\SysWow64\tmp1129.tmp
c:\windows\SysWow64\tmp1139.tmp
c:\windows\SysWow64\tmpF936.tmp
c:\windows\SysWow64\tmpF937.tmp
c:\windows\TEMP\VPN_7FDB\48616C33.dll
c:\windows\TEMP\VPN_7FDB\B7091C83.dll
c:\windows\tmp
c:\windows\tmp\dd_vcredistMSI7C41.txt
c:\windows\tmp\dd_vcredistUI7C41.txt
c:\windows\tmp\qtsingleapp-koboex-7d5-1-lockfile
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-28 bis 2015-07-29  ))))))))))))))))))))))))))))))
.
.
2015-07-29 18:02 . 2015-07-29 18:02	--------	d-----w-	c:\programdata\73652b5c0000514d
2015-07-28 16:27 . 2015-07-15 01:12	12222168	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{2FF38B13-7844-4239-854F-61F9714DEFDA}\mpengine.dll
2015-07-28 16:27 . 2015-07-25 18:04	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-07-28 16:27 . 2015-07-25 18:03	433664	----a-w-	c:\windows\system32\devinv.dll
2015-07-28 16:27 . 2015-07-25 18:03	1085440	----a-w-	c:\windows\system32\appraiser.dll
2015-07-28 16:27 . 2015-07-25 18:07	17856	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-07-28 16:27 . 2015-07-25 18:04	765440	----a-w-	c:\windows\system32\invagent.dll
2015-07-28 16:27 . 2015-07-25 18:03	67584	----a-w-	c:\windows\system32\acmigration.dll
2015-07-28 16:27 . 2015-07-25 18:03	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-07-28 16:27 . 2015-07-25 17:55	1145856	----a-w-	c:\windows\system32\aeinv.dll
2015-07-28 03:43 . 2015-07-28 17:51	--------	d-----w-	c:\users\Asoka2\AppData\Local\osu!
2015-07-28 02:20 . 2015-07-28 02:57	--------	d-----w-	C:\FRST
2015-07-28 00:11 . 2015-07-28 00:11	--------	d-----w-	c:\users\Asoka2\AppData\Local\EMU
2015-07-27 23:17 . 2015-07-27 23:22	--------	d-----w-	c:\program files (x86)\LEGO MARVEL Super Heroes
2015-07-27 21:17 . 2015-07-27 21:17	--------	d-----w-	c:\users\Asoka2\AppData\Roaming\WB Games
2015-07-27 20:55 . 2015-07-27 20:55	--------	d-----w-	c:\program files (x86)\WB Games
2015-07-27 17:20 . 2015-07-27 17:20	--------	d-----w-	c:\program files (x86)\Warner Bros. Interactive Entertainment
2015-07-27 15:09 . 2015-07-27 15:09	30801864	----a-w-	c:\windows\SysWow64\FreeVideoToMP3Converter.exe
2015-07-27 15:08 . 2015-07-27 15:08	--------	d-----w-	c:\users\Asoka2\AppData\Roaming\AVG
2015-07-27 15:08 . 2015-07-27 15:08	--------	d-----w-	c:\users\Asoka2\AppData\Local\Avg
2015-07-27 15:08 . 2015-07-27 15:09	--------	d-----w-	c:\programdata\AVG
2015-07-27 04:16 . 2015-07-27 04:17	--------	d-----w-	c:\program files\Dolphin
2015-07-26 23:27 . 2015-07-26 23:27	--------	d-----w-	c:\program files (x86)\CutThePrice
2015-07-26 23:27 . 2015-07-26 23:27	--------	d-----w-	c:\program files (x86)\CuatThEPRice
2015-07-26 23:26 . 2015-07-26 23:26	--------	d-----w-	c:\programdata\iedhffpnhkkbhcibpjlhhghhkgmfeioh
2015-07-26 23:26 . 2015-07-26 23:26	--------	d-----w-	c:\programdata\{f7ba6149-369d-0842-f7ba-a61493698524}
2015-07-26 03:10 . 2015-07-26 03:10	--------	d-----w-	c:\users\Asoka2\AppData\Roaming\Opera Software
2015-07-26 03:10 . 2015-07-26 03:10	--------	d-----w-	c:\users\Asoka2\AppData\Local\Opera Software
2015-07-26 03:09 . 2015-07-26 03:09	--------	d-----w-	c:\program files (x86)\FreeCodecPack
2015-07-26 03:09 . 2015-07-26 14:44	--------	d-----w-	c:\program files (x86)\Opera
2015-07-26 03:09 . 2015-07-26 03:09	--------	d-----w-	c:\users\Asoka2\AppData\Roaming\RPEng
2015-07-24 20:23 . 2015-07-24 20:58	--------	d-----w-	c:\program files (x86)\Dropbox
2015-07-24 20:23 . 2015-07-29 17:11	--------	d-----w-	c:\users\Asoka2\AppData\Local\Dropbox
2015-07-24 20:23 . 2015-07-24 20:23	--------	d-----w-	c:\programdata\Dropbox
2015-07-22 05:58 . 2015-07-22 05:58	0	----a-w-	c:\windows\SysWow64\REN2655.tmp
2015-07-22 05:58 . 2015-07-22 05:58	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-07-22 02:48 . 2015-07-22 02:48	--------	d-----w-	c:\programdata\regid.1995-09.com.example
2015-07-22 02:48 . 2015-07-22 02:48	--------	d-----w-	c:\program files (x86)\Survival Launcher
2015-07-22 02:48 . 2015-07-22 02:55	--------	d-----w-	c:\users\Asoka2\AppData\Roaming\Survival Launcher
2015-07-21 23:22 . 2015-07-21 23:22	--------	d-----w-	c:\users\Asoka2\AppData\Local\CEF
2015-07-21 14:22 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-21 14:22 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-21 14:22 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-21 14:22 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-21 14:22 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-21 14:22 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-21 14:22 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-21 14:22 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-21 14:22 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-21 14:22 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-20 15:23 . 2015-07-20 15:23	--------	d-----w-	c:\programdata\ATI
2015-07-20 15:23 . 2015-07-20 15:23	--------	d-----w-	c:\users\Asoka2\AppData\Roaming\library_dir
2015-07-16 14:30 . 2015-07-28 00:11	--------	d-----w-	c:\users\Asoka2\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-07-15 12:18 . 2015-06-11 17:56	7077376	----a-w-	c:\windows\system32\mstscax.dll
2015-07-15 12:17 . 2015-07-01 20:49	1216512	----a-w-	c:\windows\system32\rpcrt4.dll
2015-07-14 23:39 . 2015-07-14 23:39	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2015-07-10 17:28 . 2015-07-28 20:44	--------	d-----w-	C:\$Windows.~BT
2015-07-03 06:10 . 2015-07-03 06:10	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-07-03 06:10 . 2015-07-03 06:10	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-07-03 06:10 . 2015-07-03 06:10	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2015-07-03 06:10 . 2015-07-03 06:10	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2015-07-03 06:10 . 2015-07-03 06:10	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-07-03 06:10 . 2015-07-03 06:10	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-07-03 06:10 . 2015-07-03 06:10	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2015-07-03 06:10 . 2015-07-03 06:10	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2015-07-03 06:10 . 2015-07-03 06:10	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-07-03 06:10 . 2015-07-03 06:10	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2015-07-03 06:10 . 2015-07-03 06:10	--------	d-----w-	c:\program files (x86)\QuickTime
2015-07-03 06:10 . 2015-07-03 06:10	--------	d-----w-	c:\programdata\Apple Computer
2015-07-02 05:08 . 2015-07-02 05:08	--------	d-----w-	c:\program files (x86)\MixMeister BPM Analyzer
2015-06-30 07:16 . 2015-06-30 07:17	--------	d-----w-	c:\users\Asoka2\AppData\Roaming\GT
2015-06-30 05:32 . 2015-06-30 07:14	--------	d-----w-	c:\program files (x86)\Forsaken World_de
2015-06-30 02:40 . 2015-06-30 02:48	--------	d-----w-	c:\program files (x86)\Swordsman_de
2015-06-30 00:51 . 2015-06-30 05:37	--------	d-----w-	C:\ArcTemp
2015-06-30 00:47 . 2015-06-30 00:49	--------	d-----w-	c:\users\Asoka2\AppData\Roaming\Arc
2015-06-30 00:47 . 2015-07-05 19:03	--------	d-----w-	c:\program files (x86)\Arc
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-22 05:57 . 2014-07-20 04:23	110688	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2015-07-14 23:07 . 2013-11-17 19:06	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-14 23:07 . 2013-11-17 19:06	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-14 09:44 . 2014-01-28 20:23	33856	---ha-w-	c:\windows\system32\hamachi.sys
2015-07-05 21:15 . 2014-10-19 22:23	466456	----a-w-	c:\windows\system32\wrap_oal.dll
2015-07-05 21:15 . 2014-10-19 22:23	444952	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2015-07-05 21:15 . 2014-10-19 22:23	122904	----a-w-	c:\windows\system32\OpenAL32.dll
2015-07-05 21:15 . 2014-10-19 22:23	109080	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2015-07-03 06:43 . 2013-08-27 12:54	130333168	----a-w-	c:\windows\system32\MRT.exe
2015-06-23 11:30 . 2010-11-21 03:27	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-06-23 02:09 . 2015-06-23 02:09	107784	----a-w-	c:\windows\system32\amdave64.dll
2015-06-23 02:09 . 2015-06-23 02:09	100568	----a-w-	c:\windows\SysWow64\amdave32.dll
2015-06-23 02:09 . 2015-06-23 02:09	141792	----a-w-	c:\windows\system32\amdhcp64.dll
2015-06-23 02:09 . 2015-06-23 02:09	128384	----a-w-	c:\windows\SysWow64\amdhcp32.dll
2015-06-23 02:09 . 2015-06-23 02:09	78432	----a-w-	c:\windows\system32\atimpc64.dll
2015-06-23 02:09 . 2015-06-23 02:09	78432	----a-w-	c:\windows\system32\amdpcom64.dll
2015-06-23 02:09 . 2015-06-23 02:09	71704	----a-w-	c:\windows\SysWow64\atimpc32.dll
2015-06-23 02:09 . 2015-06-23 02:09	71704	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2015-06-23 02:08 . 2012-07-28 01:13	152056	----a-w-	c:\windows\system32\atiuxp64.dll
2015-06-23 02:08 . 2015-06-23 02:08	133016	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2015-06-23 02:08 . 2015-06-23 02:08	120144	----a-w-	c:\windows\system32\atiu9p64.dll
2015-06-23 02:08 . 2012-12-19 19:30	102616	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2015-06-23 02:08 . 2012-07-28 02:13	1440592	----a-w-	c:\windows\system32\aticfx64.dll
2015-06-23 02:08 . 2012-07-28 02:15	1191320	----a-w-	c:\windows\SysWow64\aticfx32.dll
2015-06-23 02:08 . 2012-12-19 19:49	11941000	----a-w-	c:\windows\system32\atidxx64.dll
2015-06-23 02:08 . 2015-06-23 02:08	10087472	----a-w-	c:\windows\SysWow64\atidxx32.dll
2015-06-23 02:08 . 2012-12-19 19:44	7927568	----a-w-	c:\windows\SysWow64\atiumdva.dll
2015-06-23 02:08 . 2012-12-19 20:50	7407400	----a-w-	c:\windows\SysWow64\atiumdag.dll
2015-06-23 02:08 . 2015-06-23 02:08	8890576	----a-w-	c:\windows\system32\atiumd6a.dll
2015-06-23 02:08 . 2015-06-23 02:08	8786040	----a-w-	c:\windows\system32\atiumd64.dll
2015-06-23 02:05 . 2015-06-23 02:05	297672	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2015-06-23 02:03 . 2015-06-23 02:03	21612032	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2015-06-23 01:59 . 2015-06-23 01:59	235008	----a-w-	c:\windows\system32\clinfo.exe
2015-06-23 01:59 . 2015-06-23 01:59	47782912	----a-w-	c:\windows\system32\amdocl64.dll
2015-06-23 01:58 . 2015-06-23 01:58	39712256	----a-w-	c:\windows\SysWow64\amdocl.dll
2015-06-23 01:57 . 2015-06-23 01:57	65024	----a-w-	c:\windows\system32\OpenCL.dll
2015-06-23 01:57 . 2015-06-23 01:57	59392	----a-w-	c:\windows\SysWow64\OpenCL.dll
2015-06-23 01:55 . 2015-06-23 01:55	27535872	----a-w-	c:\windows\system32\amdocl12cl64.dll
2015-06-23 01:55 . 2015-06-23 01:55	22318592	----a-w-	c:\windows\SysWow64\amdocl12cl.dll
2015-06-23 01:33 . 2015-06-23 01:33	127488	----a-w-	c:\windows\system32\mantle64.dll
2015-06-23 01:33 . 2015-06-23 01:33	113664	----a-w-	c:\windows\SysWow64\mantle32.dll
2015-06-23 01:33 . 2015-06-23 01:33	6476288	----a-w-	c:\windows\system32\amdmantle64.dll
2015-06-23 01:28 . 2015-06-23 01:28	5067264	----a-w-	c:\windows\SysWow64\amdmantle32.dll
2015-06-23 01:27 . 2015-06-23 01:27	30749184	----a-w-	c:\windows\system32\atio6axx.dll
2015-06-23 01:25 . 2015-06-23 01:25	93184	----a-w-	c:\windows\system32\mantleaxl64.dll
2015-06-23 01:25 . 2015-06-23 01:25	86528	----a-w-	c:\windows\SysWow64\mantleaxl32.dll
2015-06-23 01:22 . 2015-06-23 01:22	50688	----a-w-	c:\windows\system32\amdmmcl6.dll
2015-06-23 01:22 . 2015-06-23 01:22	39424	----a-w-	c:\windows\SysWow64\amdmmcl.dll
2015-06-23 01:21 . 2015-06-23 01:21	865792	----a-w-	c:\windows\system32\coinst_15.20.dll
2015-06-23 01:21 . 2015-06-23 01:21	25296896	----a-w-	c:\windows\SysWow64\atioglxx.dll
2015-06-23 01:19 . 2015-06-23 01:19	367104	----a-w-	c:\windows\system32\atiapfxx.exe
2015-06-23 01:19 . 2015-06-23 01:19	62464	----a-w-	c:\windows\system32\aticalrt64.dll
2015-06-23 01:19 . 2015-06-23 01:19	52224	----a-w-	c:\windows\SysWow64\aticalrt.dll
2015-06-23 01:19 . 2015-06-23 01:19	55808	----a-w-	c:\windows\system32\aticalcl64.dll
2015-06-23 01:19 . 2015-06-23 01:19	49152	----a-w-	c:\windows\SysWow64\aticalcl.dll
2015-06-23 01:18 . 2015-06-23 01:18	15716864	----a-w-	c:\windows\system32\aticaldd64.dll
2015-06-23 01:18 . 2015-06-23 01:18	14302208	----a-w-	c:\windows\SysWow64\aticaldd.dll
2015-06-23 01:14 . 2015-06-23 01:14	442368	----a-w-	c:\windows\system32\atidemgy.dll
2015-06-23 01:14 . 2015-06-23 01:14	160256	----a-w-	c:\windows\system32\atieah64.exe
2015-06-23 01:14 . 2015-06-23 01:14	143872	----a-w-	c:\windows\SysWow64\atieah32.exe
2015-06-23 01:14 . 2015-06-23 01:14	204800	----a-w-	c:\windows\system32\amdgfxinfo64.dll
2015-06-23 01:14 . 2015-06-23 01:14	189952	----a-w-	c:\windows\SysWow64\amdgfxinfo32.dll
2015-06-23 01:14 . 2015-06-23 01:14	670720	----a-w-	c:\windows\system32\atieclxx.exe
2015-06-23 01:14 . 2015-06-23 01:14	29696	----a-w-	c:\windows\system32\atimuixx.dll
2015-06-23 01:14 . 2015-06-23 01:14	245760	----a-w-	c:\windows\system32\atiesrxx.exe
2015-06-23 01:14 . 2015-06-23 01:14	190976	----a-w-	c:\windows\system32\atitmm64.dll
2015-06-23 01:12 . 2015-06-23 01:12	89088	----a-w-	c:\windows\system32\atisamu64.dll
2015-06-23 01:12 . 2015-06-23 01:12	80896	----a-w-	c:\windows\SysWow64\atisamu32.dll
2015-06-23 01:11 . 2012-07-28 01:15	1246208	----a-w-	c:\windows\system32\atiadlxx.dll
2015-06-23 01:11 . 2015-06-23 01:11	926720	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2015-06-23 01:11 . 2015-06-23 01:11	926720	----a-w-	c:\windows\SysWow64\atiadlxx.dll
2015-06-23 01:10 . 2015-06-23 01:10	75264	----a-w-	c:\windows\system32\atig6pxx.dll
2015-06-23 01:10 . 2015-06-23 01:10	69632	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2015-06-23 01:10 . 2015-06-23 01:10	69632	----a-w-	c:\windows\system32\atiglpxx.dll
2015-06-23 01:10 . 2015-06-23 01:10	156672	----a-w-	c:\windows\system32\atig6txx.dll
2015-06-23 01:10 . 2015-06-23 01:10	141824	----a-w-	c:\windows\SysWow64\atigktxx.dll
2015-06-23 01:10 . 2015-06-23 01:10	663552	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2015-06-23 01:09 . 2015-06-23 01:09	102912	----a-w-	c:\windows\system32\hsa-thunk64.dll
2015-06-23 01:09 . 2015-06-23 01:09	102400	----a-w-	c:\windows\SysWow64\hsa-thunk.dll
2015-06-23 01:07 . 2015-06-23 01:07	43520	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2015-06-20 19:17 . 2015-06-20 19:17	180224	----a-w-	c:\windows\SysWow64\QTCF.dll
2015-06-16 22:23 . 2015-06-16 22:23	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2015-06-16 22:23 . 2015-06-16 22:23	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2015-05-25 18:24 . 2015-06-10 08:33	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-10 08:33	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 08:33	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 08:33	243712	----a-w-	c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 08:33	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 08:33	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 08:34	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 08:33	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 08:33	503808	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 08:33	50176	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 08:33	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 08:33	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 08:33	424960	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 08:33	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 08:33	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 08:33	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 08:33	47104	----a-w-	c:\windows\system32\typeperf.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-11-17 448856]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-09-24 5292664]
"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"PC Auto Shutdown"="c:\program files (x86)\PC Auto Shutdown\AutoShutdown.exe" [2013-10-22 1442472]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2015-06-16 421888]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-07-14 5579624]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-06-22 767176]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-07-27 56080]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-06-08 334896]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2015-07-24 39179912]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SoftEther VPN Client Manager Startup.lnk - c:\program files\SoftEther VPN Client\vpncmgr_x64.exe /startup [2015-4-15 5379640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox-Update-Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 RzWizardService;Razer Wizard Service;c:\program files (x86)\Razer\RzWizard\RzWizardService.exe;c:\program files (x86)\Razer\RzWizard\RzWizardService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 ArcService;Arc Service;c:\program files (x86)\Arc\ArcService.exe;c:\program files (x86)\Arc\ArcService.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 dbupdatem;Dropbox-Update-Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SaiH5F0D;SaiH5F0D;c:\windows\system32\DRIVERS\SaiH5F0D.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH5F0D.sys [x]
R3 SaiU5F0D;SaiU5F0D;c:\windows\system32\DRIVERS\SaiU5F0D.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU5F0D.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R3 X6va016;X6va016;c:\windows\SysWOW64\Drivers\X6va016;c:\windows\SysWOW64\Drivers\X6va016 [x]
R3 X6va027;X6va027;c:\windows\SysWOW64\Drivers\X6va027;c:\windows\SysWOW64\Drivers\X6va027 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 RrNetCapFilterDriver;RadioRip Filter Driver;c:\windows\system32\DRIVERS\RrNetCapFilterDriver.sys;c:\windows\SYSNATIVE\DRIVERS\RrNetCapFilterDriver.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 FastTrackAudioDevMon;Fast Track Audio Device Monitor;c:\program files (x86)\M-Audio\Fast Track\AudioDevMon.exe;c:\program files (x86)\M-Audio\Fast Track\AudioDevMon.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 PCAutoShutdown_Service;PCAutoShutdown_Service;c:\program files (x86)\PC Auto Shutdown\ShutdownService.exe;c:\program files (x86)\PC Auto Shutdown\ShutdownService.exe [x]
S2 SEVPNCLIENT;SoftEther VPN Client;c:\program files\SoftEther VPN Client\vpnclient_x64.exe;c:\program files\SoftEther VPN Client\vpnclient_x64.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys;c:\windows\SYSNATIVE\drivers\Lycosa.sys [x]
S3 MAUSBFASTTRACK;Service for M-Audio Fast Track;c:\windows\system32\DRIVERS\MAudioFastTrack.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioFastTrack.sys [x]
S3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\DRIVERS\Neo_0074.sys;c:\windows\SYSNATIVE\DRIVERS\Neo_0074.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SEE;SoftEther Ethernet Layer Driver;c:\windows\system32\drivers\see.sys;c:\windows\SYSNATIVE\drivers\see.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-25 21:53	995144	----a-w-	c:\program files (x86)\Google\Chrome\Application\44.0.2403.107\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-17 23:07]
.
2015-07-29 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-24 20:23]
.
2015-07-29 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-24 20:23]
.
2015-07-29 c:\windows\Tasks\InstantFame.job
- c:\programdata\{f7ba6149-369d-0842-f7ba-a61493698524}\lego_star_wars_ii_the_original_trilogy_europe_en_fr_de_es_it_da.exe [2014-07-26 23:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 14:01	2334928	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 14:01	2334928	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 14:01	2334928	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-12-15 478984]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-09-24 5292664]
"SoftEther VPN Client UI Helper"="c:\program files\SoftEther VPN Client\vpnclient_x64.exe" [2015-04-15 5189176]
"ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2013-04-16 454144]
"SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2013-04-16 158208]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
mDefault_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}
mDefault_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
mStart Page = hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}
IE: Zu Anti-Banner hinzufügen - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\Asoka2\AppData\Local\Temp\ie_script.htm
FF - ProfilePath - c:\users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\
FF - prefs.js: browser.search.selectedEngine - mystartsearch
FF - prefs.js: browser.startup.homepage - hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
FF - prefs.js: network.proxy.gopher - 
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2013-08-09 22:02; speedanalysis02@SpeedAnalysis.com; c:\users\Asoka\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF - ExtSQL: !HIDDEN! 2013-08-09 22:03; 7go@7go.com; c:\users\Asoka\AppData\Roaming\Mozilla\Extensions\7go@7go.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-TweakingRunAsSystem0001
SafeBoot-TweakingRunAsSystem0002
SafeBoot-TweakingRunAsSystem0003
SafeBoot-TweakingRunAsSystem0004
SafeBoot-TweakingRunAsSystem0005
SafeBoot-TweakingRunAsSystem0006
SafeBoot-TweakingRunAsSystem0007
SafeBoot-TweakingRunAsSystem0008
SafeBoot-TweakingRunAsSystem0009
SafeBoot-TweakingRunAsSystem0010
SafeBoot-TweakingRunAsSystem0011
SafeBoot-TweakingRunAsSystem0012
SafeBoot-TweakingRunAsSystem0013
SafeBoot-TweakingRunAsSystem0014
SafeBoot-TweakingRunAsSystem0015
SafeBoot-TweakingRunAsSystem0016
SafeBoot-TweakingRunAsSystem0017
SafeBoot-TweakingRunAsSystem0018
SafeBoot-TweakingRunAsSystem0019
SafeBoot-TweakingRunAsSystem0020
SafeBoot-TweakingRunAsSystem0021
SafeBoot-TweakingRunAsSystem0022
SafeBoot-TweakingRunAsSystem0023
SafeBoot-TweakingRunAsSystem0024
SafeBoot-TweakingRunAsSystem0025
SafeBoot-TweakingRunAsSystem0026
SafeBoot-TweakingRunAsSystem0027
SafeBoot-TweakingRunAsSystem0028
SafeBoot-TweakingRunAsSystem0029
SafeBoot-TweakingRunAsSystem0030
SafeBoot-TweakingRunAsSystem0031
SafeBoot-TweakingRunAsSystem0032
SafeBoot-TweakingRunAsSystem0033
SafeBoot-TweakingRunAsSystem0034
SafeBoot-TweakingRunAsSystem0035
SafeBoot-TweakingRunAsSystem0036
SafeBoot-TweakingRunAsSystem0037
SafeBoot-TweakingRunAsSystem0038
SafeBoot-TweakingRunAsSystem0039
SafeBoot-TweakingRunAsSystem0040
SafeBoot-TweakingRunAsSystem0041
SafeBoot-TweakingRunAsSystem0042
SafeBoot-TweakingRunAsSystem0043
SafeBoot-TweakingRunAsSystem0044
SafeBoot-TweakingRunAsSystem0045
SafeBoot-TweakingRunAsSystem0046
SafeBoot-TweakingRunAsSystem0047
SafeBoot-TweakingRunAsSystem0048
SafeBoot-TweakingRunAsSystem0049
SafeBoot-TweakingRunAsSystem0050
SafeBoot-TweakingRunAsSystem0051
SafeBoot-TweakingRunAsSystem0052
SafeBoot-TweakingRunAsSystem0053
SafeBoot-TweakingRunAsSystem0054
SafeBoot-TweakingRunAsSystem0055
SafeBoot-TweakingRunAsSystem0056
SafeBoot-TweakingRunAsSystem0057
SafeBoot-TweakingRunAsSystem0058
SafeBoot-TweakingRunAsSystem0059
SafeBoot-TweakingRunAsSystem0060
SafeBoot-TweakingRunAsSystem0061
SafeBoot-TweakingRunAsSystem0062
SafeBoot-TweakingRunAsSystem0063
SafeBoot-TweakingRunAsSystem0064
SafeBoot-TweakingRunAsSystem0065
SafeBoot-TweakingRunAsSystem0066
SafeBoot-TweakingRunAsSystem0067
SafeBoot-TweakingRunAsSystem0068
SafeBoot-TweakingRunAsSystem0069
SafeBoot-TweakingRunAsSystem0070
SafeBoot-TweakingRunAsSystem0071
SafeBoot-TweakingRunAsSystem0072
SafeBoot-TweakingRunAsSystem0073
SafeBoot-TweakingRunAsSystem0074
SafeBoot-TweakingRunAsSystem0075
SafeBoot-TweakingRunAsSystem0076
SafeBoot-TweakingRunAsSystem0077
SafeBoot-TweakingRunAsSystem0078
SafeBoot-TweakingRunAsSystem0079
SafeBoot-TweakingRunAsSystem0080
SafeBoot-TweakingRunAsSystem0081
SafeBoot-TweakingRunAsSystem0082
SafeBoot-TweakingRunAsSystem0083
SafeBoot-TweakingRunAsSystem0084
SafeBoot-TweakingRunAsSystem0085
SafeBoot-TweakingRunAsSystem0086
SafeBoot-TweakingRunAsSystem0087
SafeBoot-TweakingRunAsSystem0088
SafeBoot-TweakingRunAsSystem0089
SafeBoot-TweakingRunAsSystem0090
SafeBoot-TweakingRunAsSystem0091
SafeBoot-TweakingRunAsSystem0092
SafeBoot-TweakingRunAsSystem0093
SafeBoot-TweakingRunAsSystem0094
SafeBoot-TweakingRunAsSystem0095
SafeBoot-TweakingRunAsSystem0096
SafeBoot-TweakingRunAsSystem0097
SafeBoot-TweakingRunAsSystem0098
SafeBoot-TweakingRunAsSystem0099
SafeBoot-TweakingRunAsSystem0100
SafeBoot-TweakingRunAsTrustedInstaller0001
SafeBoot-TweakingRunAsTrustedInstaller0002
SafeBoot-TweakingRunAsTrustedInstaller0003
SafeBoot-TweakingRunAsTrustedInstaller0004
SafeBoot-TweakingRunAsTrustedInstaller0005
SafeBoot-TweakingRunAsTrustedInstaller0006
SafeBoot-TweakingRunAsTrustedInstaller0007
SafeBoot-TweakingRunAsTrustedInstaller0008
SafeBoot-TweakingRunAsTrustedInstaller0009
SafeBoot-TweakingRunAsTrustedInstaller0010
SafeBoot-TweakingRunAsTrustedInstaller0011
SafeBoot-TweakingRunAsTrustedInstaller0012
SafeBoot-TweakingRunAsTrustedInstaller0013
SafeBoot-TweakingRunAsTrustedInstaller0014
SafeBoot-TweakingRunAsTrustedInstaller0015
SafeBoot-TweakingRunAsTrustedInstaller0016
SafeBoot-TweakingRunAsTrustedInstaller0017
SafeBoot-TweakingRunAsTrustedInstaller0018
SafeBoot-TweakingRunAsTrustedInstaller0019
SafeBoot-TweakingRunAsTrustedInstaller0020
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-LiveUpdateWPP - c:\program files (x86)\LiveUpdateWPP\LiveUpdateWPP_uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va016]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va016"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va027]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va027"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-29  20:30:12 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-07-29 18:30
.
Vor Suchlauf: 28 Verzeichnis(se), 88.296.701.952 Bytes frei
Nach Suchlauf: 35 Verzeichnis(se), 87.839.408.128 Bytes frei
.
- - End Of File - - 47F92EE5D93791818E76E3E15E684E16
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 30.07.2015, 08:20

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

asoka90 · 30.07.2015, 20:37

mbam

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 30.07.2015
Suchlaufzeit: 20:39
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.30.04
Rootkit-Datenbank: v2015.07.29.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Asoka2

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 485335
Abgelaufene Zeit: 17 Min., 14 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 10
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{A2C98B47-B5F4-94AA-281D-4135416774CF}, In Quarantäne, [6983c91e107aa78f8d16edacce33768a], 
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [b73565826624e650fad2ccd18f75db25], 
PUP.Optional.FFPluginHp.A, HKLM\SOFTWARE\WOW6432NODE\FFPluginHp, In Quarantäne, [9d4fd017187294a200e7d33e11f2ea16], 
PUP.Optional.WebProtector.A, HKLM\SOFTWARE\WOW6432NODE\LiveUpdateWPP, In Quarantäne, [ce1e8e592e5c7abc62582272e91b3cc4], 
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, In Quarantäne, [a84414d3f5954cea333a2009788b3dc3], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C2A9ED0-361D-4678-BBB6-FA668315952D}, In Quarantäne, [6d7fe0070684a195a952990136ce04fc], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{82FE22F6-6581-4ED3-B962-D0114CFC8F04}, In Quarantäne, [64881bcc23672f0743b95a405aaa0bf5], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A178FE10-2662-4286-93AB-0477A425A351}, In Quarantäne, [6389af38830756e07189edad80843ec2], 
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [e00c9e496e1c56e0507cc1dcc93b9e62], 
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [a5470dda3951e94d828a4651ee16946c], 

Registrierungswerte: 9
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In Quarantäne, [b73565826624e650fad2ccd18f75db25]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5c2a9ed0-361d-4678-bbb6-fa668315952d}|AppName, HDvid Codec V1-buttonutil.exe, In Quarantäne, [6d7fe0070684a195a952990136ce04fc]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{82fe22f6-6581-4ed3-b962-d0114cfc8f04}|AppName, HDvid Codec V1-codedownloader.exe, In Quarantäne, [64881bcc23672f0743b95a405aaa0bf5]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a178fe10-2662-4286-93ab-0477a425a351}|AppName, HDvid Codec V1-bg.exe, In Quarantäne, [6389af38830756e07189edad80843ec2]
PUP.Optional.DefaultSearchProtected.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|defsearchp@gmail.com, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com, In Quarantäne, [6389697e3d4de155bc0e089de91b05fb]
PUP.Optional.DeskCut.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|deskCutv2@gmail.com, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com, In Quarantäne, [dc10df08ec9e6fc7ad16808e28db5fa1]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In Quarantäne, [e00c9e496e1c56e0507cc1dcc93b9e62]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, mystartsearch, In Quarantäne, [a5470dda3951e94d828a4651ee16946c]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}, In Quarantäne, [d616cf18fb8f1323943828e69e658e72]

Registrierungsdaten: 10
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F),Ersetzt,[cd1f0bdc078346f06e2b62d4887ddb25]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F),Ersetzt,[0ddfebfce4a656e0a3f9c96d9b6a3bc5]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F),Ersetzt,[608cfee9f99137ffcc4eeb4b22e37a86]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F),Ersetzt,[ca229d4a8901191d58411d1906ff3bc5]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F),Ersetzt,[c3293aad187246f063391b1be71eaf51]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}),Ersetzt,[4ca0e0079ded13236cae1a1cdb2ac838]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F),Ersetzt,[ce1eeef94f3bca6c908a310507fed828]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F),Ersetzt,[18d4a740a7e301350e0cb680ed1802fe]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={searchTerms}),Ersetzt,[2bc15295a2e8ad8947d36dc98481e818]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F),Ersetzt,[995326c10486f83e9b803501d2337e82]

Ordner: 50
PUP.Optional.MultiPlug, C:\ProgramData\iedhffpnhkkbhcibpjlhhghhkgmfeioh, In Quarantäne, [717b41a60783e94d63467026d0346a96], 
PUP.Optional.CutThePrice.A, C:\Program Files (x86)\CutThePrice, In Quarantäne, [01eb0cdb94f6ca6cc11b2ecacf33c53b], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\mz, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\skin, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\include, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\include\tools, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\lib, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\module, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\pack, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\en, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\en-US, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\es, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\es-419, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\fr, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-BE, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-CA, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-CH, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-LU, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\it, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\it-CH, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\pl, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\pt-BR, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\ru, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\ru-MO, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\tr, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\vi, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\zh-CN, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\zh-TW, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\defaults, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\defaults\preferences, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DefaultSearchProtected.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com, In Quarantäne, [c923f4f3365448ee81da67a5a063758b], 
PUP.Optional.DefaultSearchProtected.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com\chrome, In Quarantäne, [c923f4f3365448ee81da67a5a063758b], 
PUP.Optional.DefaultSearchProtected.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com\chrome\content, In Quarantäne, [c923f4f3365448ee81da67a5a063758b], 
PUP.Optional.DefaultSearchProtected.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com\chrome\skin, In Quarantäne, [c923f4f3365448ee81da67a5a063758b], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\content, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\skin, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\tools, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 

Dateien: 153
PUP.Optional.MultiPlug, C:\ProgramData\{f7ba6149-369d-0842-f7ba-a61493698524}\lego_star_wars_ii_the_original_trilogy_europe_en_fr_de_es_it_da.exe, In Quarantäne, [8f5d2bbc0a80f244fb203d8abc4535cb], 
Trojan.Agent.H, C:\Program Files (x86)\Anno 2070 Complete Edition\solidcore32.dll, In Quarantäne, [7c70ecfbd6b49c9a91814ae3c141fc04], 
PUP.Optional.Multiplug.A, C:\Program Files (x86)\CuatThEPRice\CuatThEPRice.exe, In Quarantäne, [c9231acdabdf290d3e650396639eb24e], 
PUP.Optional.Multiplug.A, C:\Program Files (x86)\CutThePrice\581Fnf8Hg4ZmKB.exe, In Quarantäne, [6983c91e107aa78f8d16edacce33768a], 
PUP.Optional.TenkiTechnology, C:\Program Files (x86)\FreeHideIP\FreeHideIP.exe, In Quarantäne, [4d9f47a07b0f2f07c4bc35d653b22fd1], 
PUP.Optional.Multiplug.A, C:\Program Files (x86)\Reddit Hover Text\Reddit Hover Text.exe, In Quarantäne, [bb3136b1bbcf65d16f34eeab2ed31de3], 
PUP.Optional.PricePeep.A, C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage, In Quarantäne, [6f7dd215513972c4bc2d35dc44bfc43c], 
PUP.Optional.PricePeep.A, C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal, In Quarantäne, [e804f9eedcae8fa7ac3da96834cf9c64], 
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, In Quarantäne, [6f7d3cab19714de9a15a200126ddb749], 
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, In Quarantäne, [68846681b7d356e0bf3c3fe2ba4949b7], 
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\searchplugins\mystartsearch.xml, In Quarantäne, [b6362cbb1f6bde58d498f633b94ace32], 
PUP.Optional.MultiPlug, C:\ProgramData\iedhffpnhkkbhcibpjlhhghhkgmfeioh\lsdb.js, In Quarantäne, [717b41a60783e94d63467026d0346a96], 
PUP.Optional.MultiPlug, C:\ProgramData\iedhffpnhkkbhcibpjlhhghhkgmfeioh\background.html, In Quarantäne, [717b41a60783e94d63467026d0346a96], 
PUP.Optional.MultiPlug, C:\ProgramData\iedhffpnhkkbhcibpjlhhghhkgmfeioh\content.js, In Quarantäne, [717b41a60783e94d63467026d0346a96], 
PUP.Optional.MultiPlug, C:\ProgramData\iedhffpnhkkbhcibpjlhhghhkgmfeioh\Hu162hhJu.js, In Quarantäne, [717b41a60783e94d63467026d0346a96], 
PUP.Optional.MultiPlug, C:\ProgramData\iedhffpnhkkbhcibpjlhhghhkgmfeioh\manifest.json, In Quarantäne, [717b41a60783e94d63467026d0346a96], 
PUP.Optional.WebProtectorPlus.A, C:\Windows\System32\Tasks\Web Protector Plus, In Quarantäne, [effd3bac8efcb2849b211a7d9b69768a], 
PUP.Optional.WebProtectorPlus.A, C:\Windows\System32\Tasks\Web Protector Plus Server, In Quarantäne, [bb314f98484266d0efcee1b6d62e12ee], 
PUP.Optional.BestPriceNinja.A, C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage, In Quarantäne, [30bc895e98f29f973efcfaab22e2f40c], 
PUP.Optional.BestPriceNinja.A, C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal, In Quarantäne, [ca22bd2ae0aa0f2756e4faab2adae917], 
PUP.Optional.BestPriceNinja.A, C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage, In Quarantäne, [06e697503b4f989e8bafabfa8a7a768a], 
PUP.Optional.BestPriceNinja.A, C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal, In Quarantäne, [21cb5a8d9eecf83e41f91491966e857b], 
PUP.Optional.CutThePrice.A, C:\Program Files (x86)\CutThePrice\581Fnf8Hg4ZmKB.dat, In Quarantäne, [01eb0cdb94f6ca6cc11b2ecacf33c53b], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome.manifest, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\install.rdf, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\background.html, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\bg.js, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\button.xml, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\config.js, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\content.js, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\framework.js, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\framework.png, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\framework.xul, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon128.ico, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon128.png, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon16.ico, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon16.png, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon18.ico, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon18.png, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon24.ico, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon24.png, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon32.ico, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon32.png, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon48.ico, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon48.png, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon64.ico, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\icon64.png, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\jquery-1.9.1.min.js, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\options.xul, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\settings.json, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\mz\background.js, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\content\mz\content.js, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.7Go.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Extensions\7go@7go.com\chrome\skin\framework.css, In Quarantäne, [32baedfaa9e1a591eb4e26d7ce34926e], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome.manifest, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\install.rdf, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\index.html, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\quick_start.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\module\mostgrid.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin\icon.png, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin\loading.gif, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin\logo.png, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin\luck.png, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin\newtab.ico, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin\simple.css, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\chrome\skin\style.css, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules\addonmanager.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules\aes.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules\config.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules\dialogs.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules\last_tab.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules\misc.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules\properties.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules\remoterequest.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules\restoreprefs.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DeskCut.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com\modules\settings.js, In Quarantäne, [9458f5f20d7d38fec36a050715eeab55], 
PUP.Optional.DefaultSearchProtected.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com\chrome.manifest, In Quarantäne, [c923f4f3365448ee81da67a5a063758b], 
PUP.Optional.DefaultSearchProtected.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com\install.rdf, In Quarantäne, [c923f4f3365448ee81da67a5a063758b], 
PUP.Optional.DefaultSearchProtected.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com\chrome\content\jquery-2.1.0.min.js, In Quarantäne, [c923f4f3365448ee81da67a5a063758b], 
PUP.Optional.DefaultSearchProtected.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com\chrome\content\toolbar.xul, In Quarantäne, [c923f4f3365448ee81da67a5a063758b], 
PUP.Optional.DefaultSearchProtected.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com\chrome\skin\icon.png, In Quarantäne, [c923f4f3365448ee81da67a5a063758b], 
PUP.Optional.MyStartSearch, C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Schlecht: ("session":{"restore_on_startup":4,"startup_urls":["hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F"]},"software_reporter":{"prompt_reason":0,"prompt_seed":"20150601","prompt_version":"3.21.0"}}), Ersetzt,[539914d34446f54166af5924f51033cd]
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\install.rdf, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome.manifest, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\content\main.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\content\main.xul, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\content\tools.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\content\tr.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\content\wp.html, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\skin\favicon.ico, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\skin\icon16x16.png, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\skin\icon32x32.png, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\skin\loader.css, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\skin\main.css, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\skin\notSafe150x30.png, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\skin\safe150x30.png, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\chrome\skin\wp.css, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\AddonInfo.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\FileCacher.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\GUID.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\MessageDisplayer.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\Observer.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\PrefMan.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\TimePassed.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\Timer.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\ToolbarButton.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\WebsiteVerifier.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\tools\DaysPassed.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\tools\FFInfo.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\tools\Firstrun.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.WebProtector.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a}\modules\tools\Os.js, In Quarantäne, [f7f5588f6b1fea4cd3e2a4d26d9818e8], 
PUP.Optional.QuickStart.A, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Ersetzt,[36b65e89b1d9e4525ae0a2d87491f709]
PUP.Optional.MyStartSearch, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaultenginename", "mystartsearch");), Ersetzt,[945887606d1d2e086442ee8e778eb749]
PUP.Optional.MyStartSearch, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.selectedEngine", "mystartsearch");), Ersetzt,[04e82dba4c3e1323386f621ac63f6997]
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\prefs.js, Gut: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (browser.startup.homepage", "hxxp://www.mystartsearch.com), Ersetzt,[5e8e04e3236740f6b45e304e897cd62a]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

AdwCleaner

Code:

ATTFilter

# AdwCleaner v4.208 - Bericht erstellt 30/07/2015 um 21:19:47
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-26.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Asoka2 - ASOKA-PC
# Gestarted von : C:\Users\Asoka2\Downloads\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\73652b5c0000514d
Ordner Gelöscht : C:\ProgramData\{f7ba6149-369d-0842-f7ba-a61493698524}
Ordner Gelöscht : C:\Program Files (x86)\CuatThEPRice
Ordner Gelöscht : C:\Users\Asoka2\AppData\Roaming\RPEng
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\icpgjfneehieebagbmdbhnlpiopdcmna
Datei Gelöscht : C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Datei Gelöscht : C:\Users\Asoka2\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ Geplante Tasks ] *****

Task Gelöscht : Web Protector Plus
Task Gelöscht : Web Protector Plus Server

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Asoka2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Asoka2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Asoka2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Asoka2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Asoka2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Asoka2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk
Verknüpfung Desinfiziert : C:\Users\Asoka2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
Schlüssel Gelöscht : HKLM\SOFTWARE\3de9d41b-f281-30b1-91c9-93953e0c40d1
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdateWPP

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v37.0.1 (x86 de)

[qurrx98d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "mystartsearch");
[qurrx98d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[qurrx98d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "mystartsearch");
[qurrx98d.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F&q={sea[...]
[qurrx98d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.F8uAcXZ1yjq9Z6fa.scode", "(function(){try{if(window.location.href.indexOf(\"qdUEqdCHrdU7qHs7qTnGqjaHrE\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\"[...]
[qurrx98d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.WSKcC4cu2aGK9VLJ.scode", "(function(){try{if(window.location.href.indexOf(\"qdUEqdCHrdU7qHs7qTnGqjaHrE\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\"[...]
[qurrx98d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[qurrx98d.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v44.0.2403.107

[C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.mystartsearch.com/?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F

-\\ Chromium v


-\\ Comodo Dragon v43.3.3.185


-\\ Opera v30.0.1835.125


*************************

AdwCleaner[R0].txt - [27884 Bytes] - [28/05/2015 01:09:44]
AdwCleaner[R1].txt - [6496 Bytes] - [30/07/2015 21:17:49]
AdwCleaner[S0].txt - [26282 Bytes] - [28/05/2015 01:11:59]
AdwCleaner[S1].txt - [6167 Bytes] - [30/07/2015 21:19:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6226  Bytes] ##########

JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by Asoka2 on 30.07.2015 at 21:26:14,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311431162}



~~~ Files

Successfully deleted: [File] C:\ProgramData\mntemp
Successfully deleted: [File] C:\Users\Asoka2\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage
Successfully deleted: [File] C:\Users\Asoka2\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal
Successfully deleted: [File] C:\Users\Asoka2\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage
Successfully deleted: [File] C:\Users\Asoka2\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage-journal
Successfully deleted: [File] C:\Users\Asoka2\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.metrolyrics.com_0.localstorage
Successfully deleted: [File] C:\Users\Asoka2\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.metrolyrics.com_0.localstorage-journal
Successfully deleted: [File] C:\Windows\SysWOW64\REN2655.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\REN59F3.tmp



~~~ Folders

Successfully deleted: [Folder] C:\Program Files\003
Successfully deleted: [Folder] C:\Users\Asoka2\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin



~~~ FireFox

Successfully deleted the following from C:\Users\Asoka2\AppData\Roaming\mozilla\firefox\profiles\qurrx98d.default\prefs.js

user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, wpc);
user_pref(browser.search.searchengine.uid, ST31000524AS_5VPD2L1FXXXX5VPD2L1F);
Emptied folder: C:\Users\Asoka2\AppData\Roaming\mozilla\firefox\profiles\qurrx98d.default\minidumps [10 files]



~~~ Chrome


[C:\Users\Asoka2\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Asoka2\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Asoka2\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Asoka2\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.07.2015 at 21:35:02,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber · 31.07.2015, 09:52

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

asoka90 · 01.08.2015, 04:28

Hi,
also die Ordner lassen sich jetzt viel schneller öffnen, Pc ist wieder schneller, Mysearch ist weg, nur die Pingspitzen kann ich gerade nicht sagen (ich editiere diesen Beitrag später noch)
Edit: Also mein ping geht noch immer hoch wobei noch lange nicht so schlimm wie zuvor (von 800ms auf 130-300ms) war aber sonst stabil bei rund 40 ms.

Eset

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3ad99c181047c040828928a2a451a29d
# end=init
# utc_time=2015-07-31 06:29:30
# local_time=2015-07-31 08:29:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25073
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3ad99c181047c040828928a2a451a29d
# end=updated
# utc_time=2015-07-31 06:46:12
# local_time=2015-07-31 08:46:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3ad99c181047c040828928a2a451a29d
# engine=25073
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-31 09:38:09
# local_time=2015-07-31 11:38:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777214 100 100 11682 69856711 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 81968 190008539 0 0
# scanned=563738
# found=36
# cleaned=36
# scan_time=10317
sh=15BBA5FEA2A16A78B463626556E7466DC7E93BDD ft=1 fh=c71c00117aba1e10 vn="Variante von Win32/Adware.MultiPlug.JY Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\bestadblocker\t8pn4toaIZuPwg.exe.vir"
sh=4EC24E677D06272A80550BAC89A15EA0B476E66B ft=1 fh=c71c0011f05a5357 vn="Win32/Adware.Similagro.J Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LiveUpdateWPP\LiveUpdateWPP.exe.vir"
sh=AA8BACA10E5C06F096354D8FBCC4A0861C8759B4 ft=1 fh=c71c0011e4714ba9 vn="Variante von Win32/Adware.MultiPlug.JY Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PriceeMinUs\PriceeMinUs.exe.vir"
sh=018766D1F3C95CE1CD7FC508BCFFE9117852F32E ft=1 fh=c71c00110b3af96c vn="Variante von Win32/Adware.MultiPlug.JY Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PriceMinus\mF4vVj6M7m393M.exe.vir"
sh=2BC9BBA0698D1B28E31DC4F3B008BA4A0DEBAC25 ft=1 fh=c71c0011096cb38d vn="Variante von Win32/Toolbar.GadgetBox.G evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebProtector\WebProtector.dll.vir"
sh=2BC9BBA0698D1B28E31DC4F3B008BA4A0DEBAC25 ft=1 fh=c71c0011096cb38d vn="Variante von Win32/Toolbar.GadgetBox.G evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebProtector\WebProtector_new.dll.vir"
sh=594727535F18C84C82B577DB72FD0C510B38166D ft=0 fh=0000000000000000 vn="Win32/WebProtector.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebProtectorPlus\Setup32.bat.vir"
sh=12E45057E90DEA25C52F3409EF7D7A478AC337A7 ft=0 fh=0000000000000000 vn="Win32/WebProtector.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebProtectorPlus\Setup64.bat.vir"
sh=0C81B6AC143204535105EDFB91D643B67446FA15 ft=0 fh=0000000000000000 vn="Win32/WebProtector.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebProtectorPlus\SetupOld32.bat.vir"
sh=FE3049CE1E4C8A9FF59EBF0F46485721AFF6B28D ft=0 fh=0000000000000000 vn="Win32/WebProtector.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebProtectorPlus\SetupOld64.bat.vir"
sh=EF164E54EDD72F2A06744DFC04064E102D19A410 ft=0 fh=0000000000000000 vn="Win32/WebProtector.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebProtectorPlus\SetupVista32.bat.vir"
sh=04CD0E281EB0A4A7170C821D90121610684D2FE4 ft=0 fh=0000000000000000 vn="Win32/WebProtector.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebProtectorPlus\SetupVista64.bat.vir"
sh=1855AA4AA89F9AD62295E75F42EC141C98B77BDD ft=1 fh=22c3a822f24cafef vn="Win32/WebProtector.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebProtectorPlus\WebProtectorPlus.exe.vir"
sh=511CD3D5E6AE3E51B9B25F6555AA584757CFDB8A ft=1 fh=c71c00114edc9d44 vn="Variante von Win32/Adware.MultiPlug.KU Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\{1beb6eca-ac6a-5456-1beb-b6ecaac6bb2a}\when dreams turn to dust 2013.rar.exe.vir"
sh=858524ED0C62DA7FEE38A551865CCDE45A41C289 ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\sweetsearch@gmail.com\chrome\content\toolbar.js.vir"
sh=EEFE0832A1CAA41E45898E4DE7DA18584AE5D33E ft=1 fh=c71c0011adc15447 vn="Variante von Win32/ELEX.CP evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Asoka2\AppData\Roaming\vi-view\UninstallManager.exe.vir"
sh=61897FE467FE567D4E93C0E87AF1899DB5416CA2 ft=1 fh=2b4e98822df8a714 vn="Variante von Win64/Systweak.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=8B67C4946B050285FE89EFE36AB6DC2F7B3E2D2F ft=1 fh=d91722da20002316 vn="Variante von Win64/Riskware.NetFilter.F Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir"
sh=A32AA942597786B380ABDA361918B5E6BF4F26D1 ft=1 fh=e10233d53431d7f2 vn="Variante von Win32/Packed.VMProtect.AAH Trojaner (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Warner Bros. Interactive Entertainment\LEGOÂ® The Lord of the Ringsâ„¢\rld.dll"
sh=CB13C09FB6993EDDF08EE9D824F8AF3C0EE86AA7 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.G Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\cC.js.vir"
sh=3FB7B58261DD8E7187AC6E49B915EACCEC60E9B5 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.G Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\content.js.vir"
sh=3E1F932939D832617487FE1553655B1FF7451CBC ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.G Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\lsdb.js.vir"
sh=CB13C09FB6993EDDF08EE9D824F8AF3C0EE86AA7 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.G Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\cC.js"
sh=3FB7B58261DD8E7187AC6E49B915EACCEC60E9B5 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.G Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\content.js"
sh=3E1F932939D832617487FE1553655B1FF7451CBC ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.G Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn\210\lsdb.js"
sh=ACF1FF5E761233392213C5C066C9E7293CD8A8C0 ft=1 fh=85b9bf718dc3ebe0 vn="Variante von Win32/Systweak evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\Desktop\dff_rbno-qtcf.exe"
sh=5B95315844B22672C2E867D8E3D45D9F05ED2016 ft=1 fh=6e4c94e41237e20f vn="Win32/Somoto.Q evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\Desktop\Ordner\Backup\Freizeit\games\emu\Nintendo 64 (Project 64 1.7)\setup Project64 2.2.exe"
sh=728A6C5580C131A7184A4A9089D6786A3D73DFEE ft=1 fh=56cabb5f604b070a vn="Variante von Win32/InstallCore.TE evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\Desktop\Ordner\Backup\Freizeit\games\emu\ppsspp\psp isos\CR_Downloader_fuer_final-fantasy-iii.exe"
sh=8321F139236B23EA0BA9AFB02F9F15548F4685FC ft=1 fh=56cabb5f67b1c6f0 vn="Variante von Win32/InstallCore.TE evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\Desktop\Ordner\Backup\Freizeit\games\emu\ppsspp\psp isos\CR_Downloader_fuer_final-fantasy-iv---complete-collection-(europe) (1).exe"
sh=DB20FCF28CED966836BF773A4D78B8356F233639 ft=1 fh=56cabb5f055a3b54 vn="Variante von Win32/InstallCore.TE evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\Desktop\Ordner\Backup\Freizeit\games\emu\ppsspp\psp isos\CR_Downloader_fuer_final-fantasy-iv---complete-collection-(europe).exe"
sh=69F3FA22C7193BBE141F99FD07B2B3C7D2C6F79A ft=1 fh=56cabb5fa8e8ebd6 vn="Variante von Win32/InstallCore.TE evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\Desktop\Ordner\Backup\Freizeit\games\emu\ppsspp\psp isos\CR_Downloader_fuer_Queue_Pack.exe"
sh=FEB540D24E76F2280D5C3FB8F209360A33725F2C ft=1 fh=4955dec23a4fe525 vn="Variante von Win32/RiskWare.HackAV.JN Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\Desktop\Ordner\KW\KW.exe"
sh=D75FF1EE1BD2FBFD034A78178C275122928B4187 ft=1 fh=1bae9dc387c6fb5e vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\Desktop\Programme\Mp3tag - CHIP-Installer.exe"
sh=303754A4FA23B9DB2A4B16EBF11185620655C6CF ft=1 fh=78a191b07b4b8f54 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\Music\Mucke\Nate 57 - Alben - 2010 - Stress Aufm Kiez\www.brothers-of-usenet.org\Brothers Bar Community Toolbar fÃ¼r Internet Explorer.exe"
sh=A48D4337DF99A587680C8922A1E9A02507900221 ft=1 fh=3dcd6cab25f7d5c4 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Asoka2\Pictures\April2\Nicki Minja\ageofconan-de.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.AAH Trojaner (Enthielt infizierte Datei(en))" ac=C fn="${Memory}"

checkup

Code:

ATTFilter

Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 51  
 Adobe Flash Player 18.0.0.209  
 Adobe Reader XI  
 Mozilla Firefox 37.0.1 Firefox out of Date!  
 Google Chrome (44.0.2403.107) 
 Google Chrome (44.0.2403.89) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

schrauber · 01.08.2015, 15:08

das frische FRST log fehlt noch

asoka90 · 01.08.2015, 21:26

oh, ganz überlesen

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015
durchgeführt von Asoka2 (Administrator) auf ASOKA-PC (01-08-2015 22:22:49)
Gestartet von C:\Users\Asoka2\Downloads
Geladene Profile: Asoka2 (Verfügbare Profile: Asoka2)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track\AudioDevMon.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(GoldSolution Software, Inc.) C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Asoka2\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [478984 2012-12-15] (Adobe Systems Incorporated)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5292664 2012-09-24] (VIA)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5189176 2015-04-15] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5292664 2012-09-24] (VIA)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [PC Auto Shutdown] => C:\Program Files (x86)\PC Auto Shutdown\AutoShutdown.exe [1442472 2013-10-23] (GoldSolution Software, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39179912 2015-07-24] (Dropbox, Inc.)
HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-04-15]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1300372446-3054197621-2797401273-1007\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Winsock: Catalog5 09 C:\Windows\SysWOW64\PrxerNsp.dll [56424 2014-12-24] ()
Winsock: Catalog5-x64 09 C:\Windows\system32\PrxerNsp.dll [57448 2014-12-24] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{98C3E4EC-A32A-424F-91F5-4284BAB545E8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A08EF818-2B60-4C61-9F70-9A58993735CA}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default
FF Homepage: https://www.malwarebytes.org/restorebrowser//?type=hp&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-12-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2015-06-11] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-12-15] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-03] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-03] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-03] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-03] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-03] (Apple Inc.)
FF Extension: Amazon-Icon - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\amazon-icon@giga.de [2015-05-27]
FF Extension: ProxTube - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\ich@maltegoetz.de.xpi [2014-11-10]
FF Extension: Real Hide IP - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\support@real-hide-ip.com.xpi [2014-12-24]
FF Extension: Adblock Plus - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-10]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-05-09]
FF Extension: Kein Name - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\{42c2ce50-98bd-87f8-6695-f76e817ccf5a} [nicht gefunden]
FF Extension: Kein Name - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\defsearchp@gmail.com [nicht gefunden]
FF Extension: Kein Name - C:\Users\Asoka2\AppData\Roaming\Mozilla\Firefox\Profiles\qurrx98d.default\extensions\deskCutv2@gmail.com [nicht gefunden]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR Profile: C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-06-06]
CHR Extension: (Google Translate) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-05-30]
CHR Extension: (Google Slides) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-29]
CHR Extension: (Google Docs) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-29]
CHR Extension: (Google Drive) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-29]
CHR Extension: (Kaspersky Protection) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-11-10]
CHR Extension: (YouTube) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-29]
CHR Extension: (Google Search) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-29]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-11-10]
CHR Extension: (Google Sheets) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-29]
CHR Extension: (AdBlock) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-28]
CHR Extension: (Safe Money) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-11-10]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-11-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR Extension: (Gmail) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR Extension: (Anti-Banner) - C:\Users\Asoka2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-11-10]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
StartMenuInternet: Google Chrome - Chrome.exe

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.mystartsearch.com/?type=sc&ts=1437953330&z=0302de11cc550a298d6d970g8z4c7mctbw8c3cfz4c&from=wpc&uid=ST31000524AS_5VPD2L1FXXXX5VPD2L1F

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88400 2015-06-11] (Perfect World Entertainment Inc)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-24] (Dropbox, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert]
R2 FastTrackAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track\AudioDevMon.exe [1962768 2013-05-21] (M-Audio)
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-24] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-19] (Overwolf LTD)
R2 PCAutoShutdown_Service; C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe [442136 2011-11-14] (GoldSolution Software, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-03-25] ()
S2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [368128 2015-02-17] (Razer Inc.) [Datei ist nicht signiert]
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5189176 2015-04-15] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-09-14] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-02] (Disc Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-02-15] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-09] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-05-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-05-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-05-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-05-09] (Kaspersky Lab ZAO)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.)
R3 MAUSBFASTTRACK; C:\Windows\System32\DRIVERS\MAudioFastTrack.sys [460048 2013-05-21] (M-Audio)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0074.sys [28640 2015-04-15] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-06-11] (Audials AG)
S3 SaiH5F0D; C:\Windows\System32\DRIVERS\SaiH5F0D.sys [171144 2007-05-01] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 SaiU5F0D; C:\Windows\System32\DRIVERS\SaiU5F0D.sys [34304 2007-05-01] (Saitek)
R3 SEE; C:\Windows\System32\drivers\see.sys [38240 2015-04-15] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-01 22:22 - 2015-08-01 22:23 - 00035732 _____ C:\Users\Asoka2\Downloads\FRST.txt
2015-08-01 22:22 - 2015-08-01 22:22 - 02168832 _____ (Farbar) C:\Users\Asoka2\Downloads\FRST64 (1).exe
2015-08-01 10:30 - 2015-08-01 10:30 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\DisneyInteractiveStudios
2015-08-01 10:29 - 2015-08-01 10:29 - 00001869 _____ C:\Users\Asoka2\Desktop\LEGOPirates - Verknüpfung.lnk
2015-08-01 09:44 - 2015-08-01 09:44 - 00000000 ____D C:\Program Files (x86)\Disney Interactive Studios
2015-08-01 05:10 - 2011-05-14 15:39 - 00000000 ____D C:\Users\Asoka2\Desktop\LEGO.Pirates.of.the.Caribbean-SKIDROW
2015-08-01 03:38 - 2015-08-01 06:09 - 00000000 ____D C:\Users\Asoka2\Downloads\MKX PE Incl UPDs M2
2015-08-01 02:28 - 2015-08-01 03:43 - 00000000 ____D C:\Users\Asoka2\Downloads\6bc50b855d991066611e2979d5a26d62
2015-07-31 23:59 - 2015-07-31 23:59 - 00852684 _____ C:\Users\Asoka2\Downloads\SecurityCheck.exe
2015-07-31 20:28 - 2015-07-31 20:28 - 02870984 _____ (ESET) C:\Users\Asoka2\Downloads\esetsmartinstaller_deu.exe
2015-07-30 21:25 - 2015-07-30 21:25 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Asoka2\Downloads\JRT.exe
2015-07-30 21:12 - 2015-07-30 21:12 - 02248704 _____ C:\Users\Asoka2\Downloads\AdwCleaner_4.208.exe
2015-07-30 20:23 - 2015-07-30 20:24 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Asoka2\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-30 20:21 - 2015-07-30 20:23 - 300766360 _____ (AMD Inc.) C:\Users\Asoka2\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe
2015-07-29 20:30 - 2015-07-29 20:30 - 00060318 _____ C:\ComboFix.txt
2015-07-29 20:06 - 2015-07-29 20:30 - 00000000 ____D C:\Qoobox
2015-07-29 20:06 - 2015-07-29 20:26 - 00000000 ____D C:\Windows\erdnt
2015-07-29 20:06 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-29 20:06 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-29 20:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-29 20:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-29 20:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-29 20:06 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-29 20:06 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-29 20:06 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-29 19:17 - 2015-07-29 19:17 - 00001268 _____ C:\Users\Asoka2\Desktop\Revo Uninstaller.lnk
2015-07-28 21:53 - 2015-07-28 21:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2015-07-28 19:05 - 2015-07-28 19:06 - 00000000 ____D C:\Users\Asoka2\Desktop\Audiosurf.2.Early.Access-iND
2015-07-28 18:27 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 18:27 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 18:27 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 18:27 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 18:27 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 18:27 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 18:27 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 18:27 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-28 05:43 - 2015-07-28 19:51 - 00000000 ____D C:\Users\Asoka2\AppData\Local\osu!
2015-07-28 05:43 - 2015-07-28 05:43 - 00000951 _____ C:\Users\Asoka2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-07-28 05:43 - 2015-07-28 05:43 - 00000943 _____ C:\Users\Asoka2\Desktop\osu!.lnk
2015-07-28 05:42 - 2015-07-28 05:42 - 00000000 ____D C:\Users\Asoka2\Desktop\Localisation
2015-07-28 05:15 - 2015-08-01 21:28 - 00001477 _____ C:\Windows\setupact.log
2015-07-28 05:15 - 2015-07-30 08:32 - 00000000 _____ C:\Windows\setuperr.log
2015-07-28 05:03 - 2015-07-28 05:04 - 00000000 ____D C:\Users\Asoka2\Desktop\Addition
2015-07-28 04:20 - 2015-08-01 22:22 - 00000000 ____D C:\FRST
2015-07-28 04:18 - 2015-07-28 04:18 - 02146816 _____ (Farbar) C:\Users\Asoka2\Downloads\FRST64.exe
2015-07-28 02:11 - 2015-07-28 02:11 - 00000000 ____D C:\Users\Asoka2\AppData\Local\EMU
2015-07-28 01:22 - 2015-07-28 01:22 - 00001241 _____ C:\Users\Public\Desktop\LEGO MARVEL Super Heroes.lnk
2015-07-28 01:22 - 2015-07-28 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO MARVEL Super Heroes
2015-07-28 01:17 - 2015-07-28 01:22 - 00000000 ____D C:\Program Files (x86)\LEGO MARVEL Super Heroes
2015-07-28 00:44 - 2015-07-28 03:09 - 00000000 ____D C:\Users\Asoka2\Downloads\L JW M2
2015-07-27 23:17 - 2015-07-27 23:17 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\WB Games
2015-07-27 23:02 - 2015-07-27 23:02 - 00012964 _____ C:\Users\Asoka2\Desktop\LEGOHarryPotter - Verknüpfung.lnk
2015-07-27 22:55 - 2015-07-27 22:55 - 00000000 ____D C:\Program Files (x86)\WB Games
2015-07-27 22:05 - 2015-07-27 22:05 - 00013516 _____ C:\Users\Asoka2\Desktop\LEGOLOTR - Verknüpfung.lnk
2015-07-27 19:20 - 2015-07-27 19:20 - 00000000 ____D C:\Program Files (x86)\Warner Bros. Interactive Entertainment
2015-07-27 17:43 - 2015-08-01 05:35 - 00000000 ____D C:\Users\Asoka2\Downloads\Megan Sophia 1080p
2015-07-27 17:42 - 2015-07-27 17:42 - 00002594 _____ C:\Users\Asoka2\Desktop\video-1437337280.mp4_mp4.HDP
2015-07-27 17:42 - 2015-07-27 17:42 - 00001512 _____ C:\Users\Public\Desktop\Free Video to MP3 Converter.lnk
2015-07-27 17:09 - 2015-07-27 17:09 - 30801864 _____ (DVDVideoSoft Ltd. ) C:\Windows\SysWOW64\FreeVideoToMP3Converter.exe
2015-07-27 17:08 - 2015-07-27 17:09 - 00000000 ____D C:\ProgramData\AVG
2015-07-27 17:08 - 2015-07-27 17:08 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\AVG
2015-07-27 17:08 - 2015-07-27 17:08 - 00000000 ____D C:\Users\Asoka2\AppData\Local\Avg
2015-07-27 17:06 - 2015-07-27 17:06 - 00516728 _____ ( ) C:\Users\Asoka2\Desktop\FreeVideoToMP3Converter_CB-DL-Manager.exe
2015-07-27 16:20 - 2015-07-27 16:23 - 05270047 _____ C:\Users\Asoka2\Desktop\2015-07-27.WMV
2015-07-27 06:17 - 2015-07-27 06:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2015-07-27 06:16 - 2015-07-27 06:17 - 00000000 ____D C:\Program Files\Dolphin
2015-07-27 06:16 - 2015-07-27 06:16 - 10150809 _____ C:\Users\Asoka2\Desktop\dolphin-x64-4.0.2.exe
2015-07-27 02:35 - 2015-07-27 02:35 - 00577474 _____ C:\Users\Asoka2\Desktop\vbalink180b0.zip
2015-07-27 01:26 - 2015-08-01 07:26 - 00000442 _____ C:\Windows\Tasks\InstantFame.job
2015-07-27 01:26 - 2015-07-27 01:26 - 00003356 _____ C:\Windows\System32\Tasks\InstantFame
2015-07-26 23:37 - 2015-07-26 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-07-26 05:10 - 2015-07-30 21:19 - 00000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-07-26 05:10 - 2015-07-26 05:10 - 00003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1437880204
2015-07-26 05:10 - 2015-07-26 05:10 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Opera Software
2015-07-26 05:10 - 2015-07-26 05:10 - 00000000 ____D C:\Users\Asoka2\AppData\Local\Opera Software
2015-07-26 05:09 - 2015-07-27 17:42 - 00001245 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-07-26 05:09 - 2015-07-26 16:44 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-26 05:09 - 2015-07-26 05:09 - 00001440 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2015-07-26 05:09 - 2015-07-26 05:09 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-07-24 22:58 - 2015-07-24 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-24 22:56 - 2015-07-24 22:56 - 00001230 _____ C:\Users\Asoka2\Desktop\Dropbox.lnk
2015-07-24 22:23 - 2015-08-01 21:30 - 00000000 ____D C:\Users\Asoka2\AppData\Local\Dropbox
2015-07-24 22:23 - 2015-08-01 21:28 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-07-24 22:23 - 2015-08-01 12:28 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-07-24 22:23 - 2015-07-24 22:58 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-07-24 22:23 - 2015-07-24 22:23 - 00004210 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-07-24 22:23 - 2015-07-24 22:23 - 00003958 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-07-24 22:23 - 2015-07-24 22:23 - 00000000 ____D C:\ProgramData\Dropbox
2015-07-24 22:22 - 2015-07-24 22:22 - 00660960 _____ (Dropbox, Inc.) C:\Users\Asoka2\Downloads\DropboxInstaller.exe
2015-07-22 22:33 - 2015-07-22 22:33 - 00000000 ____D C:\Users\Asoka\Desktop\Backup
2015-07-22 04:48 - 2015-07-22 04:55 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Survival Launcher
2015-07-22 04:48 - 2015-07-22 04:48 - 03264344 _____ (Survival Launcher) C:\Users\Asoka2\Downloads\setup.exe
2015-07-22 01:22 - 2015-07-22 01:22 - 00000000 ____D C:\Users\Asoka2\AppData\Local\CEF
2015-07-21 20:55 - 2015-07-21 20:58 - 00000000 ____D C:\Users\Asoka2\Desktop\lol
2015-07-21 16:22 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 16:22 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 16:22 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 16:22 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 16:22 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 16:22 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 16:22 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 16:22 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 16:22 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 16:22 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 04:55 - 2015-07-21 04:55 - 05692220 _____ C:\Users\Asoka2\Desktop\Tyranitar_A4.zip
2015-07-20 17:23 - 2015-07-20 17:23 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\library_dir
2015-07-20 17:23 - 2015-07-20 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-07-20 17:23 - 2015-07-20 17:23 - 00000000 ____D C:\ProgramData\ATI
2015-07-20 17:22 - 2015-07-20 17:22 - 00058877 _____ C:\Windows\SysWOW64\CCCInstall_201507201722163695.log
2015-07-20 17:22 - 2015-07-20 17:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-19 22:22 - 2015-07-19 22:22 - 02882400 _____ C:\Users\Asoka2\Desktop\video-1437337367.mp4.mp4
2015-07-19 22:22 - 2015-07-19 22:22 - 02766161 _____ C:\Users\Asoka2\Desktop\video-1437337325.mp4.mp4
2015-07-19 22:21 - 2015-07-19 22:22 - 02814989 _____ C:\Users\Asoka2\Desktop\video-1437337280.mp4.mp4
2015-07-16 18:38 - 2015-07-16 18:38 - 00000000 ____D C:\Users\Asoka2\Desktop\AT
2015-07-16 16:30 - 2015-07-28 02:11 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-07-15 14:20 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 14:20 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 14:20 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 14:20 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 14:20 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 14:20 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 14:20 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 14:20 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 14:20 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 14:20 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 14:20 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 14:20 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 14:20 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 14:20 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 14:20 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 14:20 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 14:20 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 14:20 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 14:20 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 14:20 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 14:20 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 14:20 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 14:20 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 14:20 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 14:20 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 14:20 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 14:20 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 14:20 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 14:20 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 14:20 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 14:20 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 14:20 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 14:19 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 14:19 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 14:19 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 14:19 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 14:19 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 14:19 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 14:19 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 14:19 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 14:19 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 14:19 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 14:19 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 14:19 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 14:19 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 14:19 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 14:19 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 14:19 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 14:19 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 14:19 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 14:19 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 14:19 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 14:19 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 14:19 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 14:19 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 14:19 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 14:19 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 14:19 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 14:19 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 14:19 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 14:19 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 14:19 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 14:19 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 14:19 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 14:19 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 14:19 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 14:19 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 14:19 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 14:19 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 14:19 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 14:19 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 14:19 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 14:19 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 14:19 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 14:19 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 14:19 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 14:18 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 14:18 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 14:18 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 14:18 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 14:18 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 14:18 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 14:18 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 14:18 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 14:18 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 14:18 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 14:18 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 14:18 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 14:18 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 14:18 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 14:18 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 14:18 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 14:18 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 14:17 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 14:17 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 14:17 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 14:17 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 14:17 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 14:17 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 14:17 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 14:17 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 14:17 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 14:17 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 14:17 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 14:17 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 14:17 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 14:17 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 14:17 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 14:17 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 14:17 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 14:17 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 14:17 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 14:17 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 14:17 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 14:17 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 14:17 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 14:17 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 14:17 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 14:17 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 14:17 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 14:17 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 14:17 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 14:17 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 14:17 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 14:17 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 14:17 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 01:39 - 2015-07-15 01:39 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-07-15 01:39 - 2015-07-15 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-07-15 01:39 - 2015-07-15 01:39 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-13 20:59 - 2015-07-15 15:38 - 00000000 ____D C:\Users\Asoka2\Desktop\Frauenfeld
2015-07-10 19:28 - 2015-07-28 22:44 - 00000000 ____D C:\$Windows.~BT
2015-07-07 12:10 - 2015-07-07 12:12 - 00000000 ____D C:\Users\Asoka2\Desktop\DJ Sweap und DJ Pfund 500 - Ein Fall Für Zwei (2011)
2015-07-07 08:47 - 2014-02-06 16:07 - 613444480 _____ C:\Users\Asoka2\Desktop\Lara_In_Trouble_720p_FOW.mkv
2015-07-07 05:48 - 2015-07-07 05:48 - 00001023 _____ C:\Users\Public\Desktop\Seduce Me.lnk
2015-07-05 23:26 - 2015-07-05 23:26 - 00000923 _____ C:\Users\Public\Desktop\DS3 Tool.lnk
2015-07-03 08:10 - 2015-07-03 08:10 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-07-03 08:10 - 2015-07-03 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-03 08:10 - 2015-07-03 08:10 - 00000000 ____D C:\ProgramData\Apple Computer
2015-07-03 08:10 - 2015-07-03 08:10 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-02 07:08 - 2015-07-02 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
2015-07-02 07:08 - 2015-07-02 07:08 - 00000000 ____D C:\Program Files (x86)\MixMeister BPM Analyzer

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-01 22:18 - 2015-04-15 19:53 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2015-08-01 22:07 - 2013-11-17 21:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-01 21:56 - 2014-11-10 05:14 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\TS3Client
2015-08-01 21:47 - 2013-08-09 11:34 - 01100118 _____ C:\Windows\WindowsUpdate.log
2015-08-01 21:37 - 2009-07-14 06:45 - 00028912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-01 21:37 - 2009-07-14 06:45 - 00028912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-01 21:33 - 2013-08-10 04:43 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-01 21:30 - 2014-12-09 21:53 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Raptr
2015-08-01 21:30 - 2014-11-10 03:57 - 00000000 ___RD C:\Users\Asoka2\Dropbox
2015-08-01 21:29 - 2014-11-10 03:49 - 00000000 ____D C:\Users\Asoka2\AppData\Local\LogMeIn Hamachi
2015-08-01 21:29 - 2014-05-09 08:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-01 21:28 - 2014-12-23 00:04 - 00000000 ____D C:\Users\Asoka2\AppData\Local\TSVNCache
2015-08-01 21:28 - 2014-08-02 19:19 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-08-01 21:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-01 21:27 - 2010-11-21 05:47 - 01944250 _____ C:\Windows\PFRO.log
2015-08-01 10:00 - 2015-06-19 03:50 - 00000000 ____D C:\Users\Asoka2\Desktop\Porn
2015-08-01 09:50 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-01 08:35 - 2015-03-30 12:44 - 00000000 ____D C:\Users\Asoka2\Desktop\Programm
2015-08-01 06:43 - 2014-11-10 07:56 - 00000000 ____D C:\Users\Asoka2\Documents\My Games
2015-08-01 06:10 - 2015-02-14 15:35 - 00000000 ____D C:\Users\Asoka2\AppData\Local\JDownloader 2.0
2015-08-01 05:36 - 2014-11-10 05:14 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\vlc
2015-08-01 02:00 - 2014-11-10 03:49 - 00000000 ____D C:\Users\Asoka2\AppData\Local\Adobe
2015-08-01 00:07 - 2014-12-06 21:10 - 00000000 ____D C:\Users\Asoka2\AppData\Local\Apps\2.0
2015-07-31 23:37 - 2014-11-30 01:14 - 00000000 ____D C:\Users\Asoka2\Desktop\Programme
2015-07-30 21:19 - 2015-05-28 01:09 - 00000000 ____D C:\AdwCleaner
2015-07-30 21:19 - 2014-11-10 03:49 - 00000997 _____ C:\Users\Asoka2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-30 21:19 - 2013-08-11 01:38 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-30 21:19 - 2013-08-09 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-30 21:03 - 2015-06-26 01:54 - 00000000 ____D C:\Program Files (x86)\Anno 2070 Complete Edition
2015-07-30 21:03 - 2015-05-25 10:29 - 00000000 ____D C:\Program Files (x86)\Reddit Hover Text
2015-07-30 21:03 - 2014-12-24 16:45 - 00000000 ____D C:\Program Files (x86)\FreeHideIP
2015-07-30 08:32 - 2014-06-08 01:38 - 00002565 _____ C:\Windows\diagwrn.xml
2015-07-30 08:32 - 2014-06-08 01:38 - 00001908 _____ C:\Windows\diagerr.xml
2015-07-29 20:30 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-29 20:22 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-29 19:24 - 2014-12-09 21:53 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-29 03:00 - 2014-05-06 17:04 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 22:31 - 2013-08-09 12:27 - 00000000 ____D C:\Windows\Panther
2015-07-28 05:02 - 2014-11-10 03:48 - 00000000 ____D C:\Users\Asoka2
2015-07-28 00:51 - 2015-03-17 06:30 - 00000000 ____D C:\Users\Asoka2\Downloads\codex-never alone
2015-07-27 22:27 - 2013-10-20 23:00 - 00000000 ____D C:\Windows\Minidump
2015-07-27 19:52 - 2015-02-24 18:40 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\OBS
2015-07-27 17:42 - 2014-11-10 05:13 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\DVDVideoSoft
2015-07-27 17:42 - 2013-09-16 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-07-27 17:42 - 2013-09-16 03:19 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-07-27 04:26 - 2015-02-24 18:40 - 00000000 ____D C:\Program Files\OBS
2015-07-27 01:28 - 2015-05-25 10:30 - 00000000 ____D C:\Program Files (x86)\CutterMaker
2015-07-27 00:45 - 2014-11-03 00:45 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-07-26 23:37 - 2014-10-28 21:33 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-07-26 05:15 - 2014-12-09 08:52 - 00000000 ____D C:\Users\Asoka2\Desktop\Laura
2015-07-25 18:53 - 2013-09-01 23:17 - 00000000 ____D C:\Program Files (x86)\Diablo II
2015-07-24 22:23 - 2014-11-10 05:13 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Dropbox
2015-07-23 23:24 - 2015-04-15 17:27 - 00000000 ____D C:\Program Files\Rockstar Games
2015-07-23 23:24 - 2015-04-15 17:13 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-07-23 23:23 - 2015-04-15 17:29 - 00000080 _____ C:\Users\Asoka2\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-07-23 18:17 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-22 07:59 - 2013-10-18 03:06 - 00000000 ____D C:\ProgramData\Oracle
2015-07-22 07:58 - 2015-05-24 23:52 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-22 07:58 - 2014-07-20 06:23 - 00000000 ____D C:\Program Files\Java
2015-07-22 07:57 - 2014-07-20 06:23 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-22 07:21 - 2009-07-14 06:45 - 05169960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 22:37 - 2014-11-12 22:22 - 00000000 ____D C:\Users\Asoka2\Documents\Heroes of the Storm
2015-07-20 22:37 - 2014-11-10 07:57 - 00000000 ____D C:\Users\Asoka2\Documents\StarCraft II
2015-07-20 17:22 - 2014-10-06 04:25 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-20 17:22 - 2013-08-09 11:47 - 00000000 ____D C:\Program Files\AMD
2015-07-20 17:21 - 2013-08-09 11:46 - 00000000 ____D C:\ProgramData\AMD
2015-07-20 17:17 - 2014-04-30 02:10 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-20 17:15 - 2014-11-10 02:03 - 00000000 ____D C:\AMD
2015-07-20 08:01 - 2014-11-10 05:13 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\Skype
2015-07-16 22:07 - 2014-02-11 17:29 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 22:06 - 2014-12-25 21:39 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 19:20 - 2015-04-05 02:45 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 19:20 - 2015-04-05 02:45 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 18:35 - 2015-05-24 21:05 - 00000000 ____D C:\Users\Asoka2\AppData\Roaming\.minecraft
2015-07-16 03:27 - 2014-12-11 07:31 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 03:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 03:08 - 2013-08-27 14:54 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 01:07 - 2013-11-17 21:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 01:07 - 2013-11-17 21:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 01:07 - 2013-11-17 21:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 11:44 - 2014-01-28 22:23 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-07 05:48 - 2014-11-14 04:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seduce Me
2015-07-07 05:48 - 2014-11-14 04:04 - 00000000 ____D C:\Program Files (x86)\Seduce Me
2015-07-07 02:09 - 2014-11-23 07:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-07 02:09 - 2013-11-14 18:52 - 00000000 ____D C:\ProgramData\Skype
2015-07-05 23:26 - 2013-12-01 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2015-07-05 23:26 - 2013-12-01 01:15 - 00000000 ____D C:\Program Files\MotioninJoy
2015-07-05 23:15 - 2014-10-20 00:23 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-07-05 23:15 - 2014-10-20 00:23 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-07-05 23:15 - 2014-10-20 00:23 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-07-05 23:15 - 2014-10-20 00:23 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-07-05 21:03 - 2015-06-30 02:47 - 00000000 ____D C:\Program Files (x86)\Arc
2015-07-03 08:43 - 2013-08-27 14:54 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-10 05:08 - 2014-07-25 00:30 - 0011264 ___SH () C:\Users\Asoka2\AppData\Roaming\Thumbs.db
2014-11-10 05:08 - 2014-07-19 00:05 - 0000087 _____ () C:\Users\Asoka2\AppData\Roaming\WB.CFG
2014-11-16 01:05 - 2014-11-16 01:05 - 86830871 _____ (Inquisitor                                                  ) C:\Users\Asoka2\AppData\Roaming\[MeChoiGame.com] Real Girlfriend HF Patch.exe
2015-06-05 15:04 - 2015-06-05 15:06 - 0001456 _____ () C:\Users\Asoka2\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-11-10 05:15 - 2014-07-22 13:44 - 0352256 _____ () C:\Users\Asoka2\AppData\Local\iluisu.gdb
2014-11-10 05:15 - 2014-09-21 00:03 - 1042828 _____ () C:\Users\Asoka2\AppData\Local\iluisu.gss
2014-11-10 05:15 - 2014-08-27 23:49 - 0001454 _____ () C:\Users\Asoka2\AppData\Local\recently-used.xbel
2013-09-17 02:02 - 2014-09-14 20:56 - 0001682 ___SH () C:\ProgramData\KGyGaAvL.sys

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\C__Users_Asoka_AppData_Local_Temp_Rar$EXa0.323_RealHideIP.exe
C:\ProgramData\C__Users_Asoka_Desktop_RealHideIP.exe


Einige Dateien in TEMP:
====================
C:\Users\Asoka2\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxzxii0.dll
C:\Users\Asoka2\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\Asoka2\AppData\Local\Temp\proxy_vole4296321646870098682.dll
C:\Users\Asoka2\AppData\Local\Temp\Quarantine.exe
C:\Users\Asoka2\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-05-04 20:37

==================== Ende von log ============================

schrauber · 02.08.2015, 11:37

Proxyfier neu installieren, oder ganz weg damit.

asoka90 · 03.08.2015, 05:05

Cool, es funktioniert wieder alles. Vielen dank für deine Hilfe. Gibt es hier einen Bedank-Button oder sowas?

01.08.2015, 15:08	#12
schrauber /// the machine /// TB-Ausbilder	Seit 2 Tagen pc sehr langsam und hohe Pingspitzen das frische FRST log fehlt noch __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

02.08.2015, 11:37	#14
schrauber /// the machine /// TB-Ausbilder	Seit 2 Tagen pc sehr langsam und hohe Pingspitzen Proxyfier neu installieren, oder ganz weg damit. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Seit 2 Tagen pc sehr langsam und hohe Pingspitzen

Plagegeister aller Art und deren Bekämpfung: Seit 2 Tagen pc sehr langsam und hohe Pingspitzen