| |
| |||||||
Alles rund um Windows: Trojaner Verseucht kommplettes WindosWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
22.08.2015, 09:51
| #1 |
| |  Problem: Trojaner Verseucht kommplettes Windos Ich kann viele online games nicht mehr starten und viele programme nicht mehr öffnen habe gesten schon 2 programme über meinem pc laufen lassen bis ich endlich wider ins internet konnte |
|
22.08.2015, 10:01
| #2 |
| /// the machine /// TB-Ausbilder    | Trojaner Verseucht kommplettes Windos Anleitung / Hilfe hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
22.08.2015, 10:25
| #3 |
| | Trojaner Verseucht kommplettes Windos DetailsCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-08-2015 03
durchgeführt von Flori (2015-08-22 11:23:26)
Gestartet von G:\D
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3467504263-19935394-2474285127-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3467504263-19935394-2474285127-1004 - Limited - Enabled)
Flori (S-1-5-21-3467504263-19935394-2474285127-1000 - Administrator - Enabled) => C:\Users\Flori
Gast (S-1-5-21-3467504263-19935394-2474285127-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3467504263-19935394-2474285127-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
„Der Herr der Ringe Online™“ v03.08.00.8025 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.08.00.8025 - Turbine, Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.1.1.110 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
APPptooiU (HKLM-x32\...\{01B91C29-337A-1FFD-7CFC-473451D2F861}) (Version: - ApptoU) <==== ACHTUNG
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.1 - Electronic Arts)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version: - )
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Cheatbook 12.2012 (HKLM-x32\...\Cheatbook 12.2012) (Version: - )
Cinema Plus v6V23.07 (HKLM-x32\...\Cinema Plus v6V23.07) (Version: 1.36.01.22 - Cinema Plus v6V23.07) <==== ACHTUNG
CooOlSaleeCouppon (HKLM-x32\...\{0C516764-8CFC-C2FE-7BB0-A50A646E4DCD}) (Version: - CoolSaleCoupon) <==== ACHTUNG
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
COupScanner (HKLM-x32\...\{80E8B0A0-117D-1402-7CDE-688156237115}) (Version: - CoupScanner) <==== ACHTUNG
CPU Miner (HKLM\...\cpuminer) (Version: 1.1 - Open Source)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CulickForSale (HKLM-x32\...\{6C998B44-82D8-CC7E-D847-4CD73036412A}) (Version: - "") <==== ACHTUNG
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
ddeal4oreeAl (HKLM-x32\...\{2FA77785-00C3-A920-6452-D4FE5C9C129F}) (Version: - "")
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Diablo III Beta (HKLM-x32\...\Diablo III Beta) (Version: - Blizzard Entertainment)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET NOD32 Antivirus (HKLM\...\{A5A55BFF-DCFE-4771-A1FF-84716C386E17}) (Version: 8.0.319.1 - ESET, spol s r. o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.0.7.1 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.0.7.1 Alpha - ETS2MP Team)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FFleexiibleSShOPpeRR (HKLM-x32\...\{A30F3754-C0DC-8242-F3A9-52B360AE9798}) (Version: - FlexibleShopper) <==== ACHTUNG
fixerfixing (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{baf5b66}) (Version: - Software Publisher) <==== ACHTUNG
Foxtab (HKLM-x32\...\foxtab) (Version: - FoxTab) <==== ACHTUNG
Free YouTube to MP3 Converter version 3.12.48.1015 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.48.1015 - DVDVideoSoft Ltd.)
Ge-Force (HKLM-x32\...\Ge-Force) (Version: 1.36.01.22 - Webar) <==== ACHTUNG
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
greaatsuaviNag (HKLM-x32\...\{439763FF-59EC-FF1D-B0B5-CB9E213A7A5C}) (Version: - "") <==== ACHTUNG
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
ICQ 8.0 (build 5989, für aktuellen Benutzer) (HKU\S-1-5-21-3467504263-19935394-2474285127-1000\...\ICQ) (Version: 8.0.5989.0 - Mail.Ru)
Image Editor Packages (HKU\S-1-5-21-3467504263-19935394-2474285127-1000\...\Image Editor Packages) (Version: - ) <==== ACHTUNG
Instant Translate (HKLM-x32\...\{CC17A332-9555-AD95-3985-0BDD9BF0EC71}) (Version: - "") <==== ACHTUNG
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LiveUpdateWPP (HKLM-x32\...\LiveUpdateWPP) (Version: - Anti-phishing database updater for Web Protector Plus. This service keeps your computer updated with the newest database of known Internet threats.)
Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2 - Mozilla)
Open Tweet Filter (HKLM-x32\...\{BA5D43C9-D633-D0EC-CFEA-2ABA974B333D}) (Version: - "")
Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.)
PowerInbox (HKLM-x32\...\{4E5FE462-1A84-47B4-3411-C72434AAD86C}) (Version: - "") <==== ACHTUNG
PowerNap (HKLM-x32\...\{922A8108-6233-4AD6-AFBB-6404D8FA80AF}) (Version: 1.3.5 - Dell)
PriceuDDowunlOOaaderr (HKLM-x32\...\{2D471A31-4FA7-95BA-1880-D441113ED736}) (Version: - "") <==== ACHTUNG
Pro Evolution Soccer 2014 (HKLM-x32\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.00.0000 - KONAMI)
ProSuhoppeor (HKLM-x32\...\{8F213470-964F-4092-6B31-BC7570F31B5A}) (Version: - ProShopper) <==== ACHTUNG
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QueeenCouupon (HKLM-x32\...\{3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}) (Version: - "") <==== ACHTUNG
Radio Canyon (HKLM-x32\...\Radio Canyon) (Version: 1.35.9.29 - Radio Canyon) <==== ACHTUNG
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
SaovErona (HKLM-x32\...\{66951628-3E5A-9C96-37EA-490E187974D5}) (Version: - "") <==== ACHTUNG
saVingtoyyouu (HKLM-x32\...\{A2616871-3463-BCEE-5AFA-73773317A381}) (Version: - "") <==== ACHTUNG
Search By eSpeedCheck (HKLM-x32\...\{D86C82B0-1F02-816A-5F3D-6466F6A67566}) (Version: - "")
Search module (HKLM-x32\...\Search module) (Version: - Goobzo)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 3.0.10.64 - Client Connect LTD) <==== ACHTUNG
Shopndrop (HKLM-x32\...\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}) (Version: - "") <==== ACHTUNG
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version: - ) <==== ACHTUNG
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version: - Ironclad Games)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
soaveitkeeeP. (HKLM-x32\...\{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}) (Version: - "") <==== ACHTUNG
Spotify (HKU\S-1-5-21-3467504263-19935394-2474285127-1000\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
Starcraft 2 Stream Browser (HKLM-x32\...\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}) (Version: - "") <==== ACHTUNG
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sticky Notes Just popped up (HKLM-x32\...\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}) (Version: - "") <==== ACHTUNG
suirfkeeepait (HKLM-x32\...\{594FD08C-0622-F9B8-CB02-7C1355D33CB8}) (Version: - "") <==== ACHTUNG
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version: - Atari)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Hunter 2014 (HKLM-x32\...\TheHunter2014_is1) (Version: 1.0 - Rondomedia)
theHunter Launcher (HKLM-x32\...\FBDFBE7F-2DB8-47E2-B88E-32F4A2A74AA8_is1) (Version: 631 - Expansive Worlds)
topadeal (HKLM-x32\...\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}) (Version: - "") <==== ACHTUNG
Torchlight II (HKLM-x32\...\{55F7D521-17CA-454D-9D4D-975EF2E10708}_is1) (Version: - White Rabbit Interactive)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VideoPlayer v2.0.6 (HKLM-x32\...\VideoPlayer) (Version: v2.0.6 - TUGUU SL) <==== ACHTUNG
WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Beta (HKLM-x32\...\World of Warcraft Beta) (Version: - Blizzard Entertainment)
YTDownloader (HKLM-x32\...\YTDownloader) (Version: - YTDownloader) <==== ACHTUNG
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3467504263-19935394-2474285127-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3467504263-19935394-2474285127-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Wiederherstellungspunkte =========================
20-08-2015 00:26:46 Windows Update
21-08-2015 18:00:52 ESET NOD32 Antivirus wurde installiert
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-08-21 17:28 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {06908E30-A429-4540-AD4B-2123AD0B601E} - \SPBIW_UpdateTask_Time_313638323633303335362d5b5b4a346c4123452a5a556c -> Keine Datei <==== ACHTUNG
Task: {07643D5A-2778-44FC-89A3-44BF2D20FEE4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {0852C4B4-06B7-44F1-A7E8-9924F38E7567} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3467504263-19935394-2474285127-1000UA => C:\Users\Flori\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-24] (Facebook Inc.)
Task: {1756F64A-D067-4F73-BBF7-15B6F150707F} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ACHTUNG
Task: {1A41CE2C-A688-4C6D-9B87-020998B5FF0F} - \Feven 2.5-codedownloader -> Keine Datei <==== ACHTUNG
Task: {22BE191E-695C-4F5E-9811-12CD071D9316} - \Super Optimizer Schedule -> Keine Datei <==== ACHTUNG
Task: {2A3BF3F4-D0CD-4B2A-9548-CDAE80CDEF80} - \Desk 365 RunAsStdUser -> Keine Datei <==== ACHTUNG
Task: {32C39472-C9A5-4E5B-8B71-77D8C5B136D7} - \Digital Sites -> Keine Datei <==== ACHTUNG
Task: {34433B2A-B220-4ACF-BE93-9F819281D569} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {34C2B1EF-88D6-4C73-9D3F-54717C8F2E2D} - \Web Protector Plus -> Keine Datei <==== ACHTUNG
Task: {374FECAC-3058-4AF3-ACFC-92141A52CD97} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ACHTUNG
Task: {37B07658-599A-4773-98C9-A400500AFB03} - System32\Tasks\FoxTab => C:\Users\Flori\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: {40BE3A37-1EFA-43DD-9C40-A82954A6A25D} - System32\Tasks\{8C7BB5F5-33C1-490A-9C06-2B98EF67D970} => Chrome.exe hxxp://ui.skype.com/ui/0/6.2.60.106/de/abandoninstall?page=tsProgressBar
Task: {49C6D6C9-8825-4DB1-913B-A26199703618} - \ShopperProJSUpd -> Keine Datei <==== ACHTUNG
Task: {4A4E4BA5-07A7-46A9-BD12-1A31F04D640A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3467504263-19935394-2474285127-1000Core => C:\Users\Flori\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-24] (Facebook Inc.)
Task: {4D3326D8-1415-4F20-849D-2D090A0FD711} - System32\Tasks\{20B2A162-71F0-4541-8C7D-CD3BA25AFF3D} => pcalua.exe -a "C:\Program Files (x86)\Feven 2.5\Uninstall.exe" -c /fromcontrolpanel=1
Task: {5D4C1131-AB28-473B-8593-72C27BD3EB3A} - \SMW_UpdateTask_Time_313638323633303335362d5b5b4a346c4123452a5a556c -> Keine Datei <==== ACHTUNG
Task: {771E76A4-7100-4A2F-A261-329089F929D0} - System32\Tasks\Run_Browser => C:\Users\Flori\AppData\Local\UnicoBrowser\Application\unicobrowser.exe <==== ACHTUNG
Task: {7DB49D23-FC09-4963-AEF1-E7BBA36CD5EB} - \bvxvyxvec -> Keine Datei <==== ACHTUNG
Task: {7E6BE0C1-1644-406E-B5C3-E24D22D033B5} - System32\Tasks\Smp => C:\Program Files\Common Files\Goobzo\GBUpdate\smp.exe <==== ACHTUNG
Task: {7E84AF4A-9EE5-4FB1-8363-5A149BE3569E} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ACHTUNG
Task: {808320B1-B66B-46EA-B53D-B7C83A7C8FFD} - \ShopperPro -> Keine Datei <==== ACHTUNG
Task: {895D584F-4755-4322-849C-9C0B8F217E97} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ACHTUNG
Task: {8ADFF2FC-7688-4175-A439-8373E98164ED} - \gtaUpt -> Keine Datei <==== ACHTUNG
Task: {9009F6CD-B88D-4A1A-91A4-A9D71549D014} - System32\Tasks\AdobeAAMUpdater-1.0-Flori-PC-Flori => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {922FF73D-5200-4B8D-B164-E87278AFE1C0} - \PhraseProfessor Auto Updater 1.10.0.21 Core -> Keine Datei <==== ACHTUNG
Task: {9514A226-3558-4EF4-B731-AEE4598CA3A1} - System32\Tasks\KCHDV => C:\ProgramData\7ab908b490c44993b797d817bd42cf5f\7ab908b490c44993b797d817bd42cf5f.exe <==== ACHTUNG
Task: {9E905EF6-D74A-4C98-B9F9-924AA969E710} - \Web Protector Plus Server -> Keine Datei <==== ACHTUNG
Task: {A0EC7E4D-CAF0-497E-AC23-71A34FFF3C86} - \SMupdate1 -> Keine Datei <==== ACHTUNG
Task: {A1C1019A-6872-4A3A-97C4-57295EA78352} - System32\Tasks\PostPoneInstall => C:\Users\Flori\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ACHTUNG
Task: {B120368A-E8A7-4031-8331-7AD06A8C307A} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ACHTUNG
Task: {B587F032-FC8D-470B-A291-9F279F474D6A} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ACHTUNG
Task: {BF29CC78-67E7-4DEF-B8FC-C573137344A2} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {C3C4D2F3-AFF5-4297-8020-D72C1DFC31A9} - \SMWUpd -> Keine Datei <==== ACHTUNG
Task: {C888E2F0-BD8F-48D1-8CB9-19EE105B758B} - \PhraseProfessor Auto Updater 1.10.0.21 Pending Update -> Keine Datei <==== ACHTUNG
Task: {CA4B58F7-7724-4C51-B02F-360F6538DCF3} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {D16B499B-728D-455D-A7B5-4C6BBBC50D7D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {D4B65E8A-480E-496D-886B-FEE61DBA7F7A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-21] (Adobe Systems Incorporated)
Task: {D64D1314-BDE3-42FE-8081-8213B2510B2A} - \SPDriver -> Keine Datei <==== ACHTUNG
Task: {E19DA052-5BF8-4AA3-B81E-1B32D9882820} - System32\Tasks\fun_coupons_notification_service => C:\Program Files (x86)\fun coupons\fun_coupons_notification_service.exe <==== ACHTUNG
Task: {EB30BF1A-05A2-4664-AB3D-2DA4BF932DB1} - \Feven 2.5-updater -> Keine Datei <==== ACHTUNG
Task: {F5E3FA93-6770-44F1-8F67-536B930DCF5C} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ACHTUNG
Task: {FA26D967-1D37-4A0A-841A-A039E639421E} - \BlockAndSurf Update -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3467504263-19935394-2474285127-1000Core.job => C:\Users\Flori\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3467504263-19935394-2474285127-1000UA.job => C:\Users\Flori\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FoxTab.job => 0x01060100E77114C1E567F644939DC0B66E0917D14600EE000000000044440000200000000014730F030007800013040000208021DF07080005001500170016000000BE0000003C0043003A005C00550073006500720073005C0046006C006F00720069005C0041007000700044006100740061005C0052006F0061006D0069006E0067005C0046006F0078005400610062005C005500500044004100540045007E0031005C005500500044004100540045007E0031002E00450058004500000007002F0043006800650063006B0000000000060046006C006F007200690000000000000008000000000000000000010030000000D207030007000000000000000E001600A00500003C0000000000000001000000010000000000000000000000
Task: C:\Windows\Tasks\fun_coupons_notification_service.job => C:\Program Files (x86)\fun coupons\fun_coupons_notification_service.exeǧ/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='fun coupons' /appid='73143' /srcid='2913' /bic='76957094bf0727e68af597d3981b4172' /verifier='a56e2a19a49aef4835d21763b015e519' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ACHTUNG
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-06-14 10:32 - 2011-06-14 10:32 - 00011776 _____ () C:\Program Files (x86)\Dell\PowerNap\PowerNap.Service.exe
2011-06-14 10:32 - 2011-06-14 10:32 - 00057856 _____ () C:\Program Files (x86)\Dell\PowerNap\PowerNap.Core.dll
2015-06-13 14:17 - 2015-06-13 14:17 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2012-12-08 14:20 - 2012-02-07 18:27 - 00121344 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2012-08-30 13:46 - 2014-04-08 09:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2013-01-07 23:29 - 2013-12-13 14:13 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-01-26 00:37 - 2013-01-26 00:37 - 00851456 _____ () C:\Users\Flori\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2012-08-30 13:39 - 2014-04-08 09:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2015-06-09 22:36 - 2015-06-09 22:36 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libcef.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libGLESv2.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\platforms\qwindows.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\libEGL.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qgif.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qico.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qjpeg.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qmng.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qsvg.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\imageformats\qtiff.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick.2\qtquick2plugin.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-13 23:44 - 2015-08-13 23:44 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6087\qml\QtQml\Models.2\modelsplugin.dll
2014-10-16 18:31 - 2014-10-16 18:31 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2012-12-08 14:18 - 2011-11-29 21:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-12-08 14:20 - 2012-02-07 18:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-08-11 18:48 - 2015-08-21 10:48 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Flori:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Flori\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Flori\Cookies:gs5sys
AlternateDataStreams: C:\Users\Flori\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\Flori\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Flori\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Flori\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Flori\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Flori\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Flori\AppData\Local\Verlauf:gs5sys
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwf.sys => ""="Driver" <==== ACHTUNG
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cmwr.sys => ""="Driver" <==== ACHTUNG
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cmwf.sys => ""="Driver" <==== ACHTUNG
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cmwr.sys => ""="Driver" <==== ACHTUNG
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3467504263-19935394-2474285127-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Flori\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PowerNap.lnk => C:\Windows\pss\PowerNap.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PowerNapWatcher.lnk => C:\Windows\pss\PowerNapWatcher.lnk.CommonStartup
MSCONFIG\startupreg: EADM => "G:\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Flori\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleChromeAutoLaunch_FBC730D6C6ED6F33B0D1F432BE9B6770 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: icq => C:\Users\Flori\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{151D30D1-1E60-41BD-9803-D4FB8CD9151F}E:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) E:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{9DA68541-E215-4613-B1A6-0FD279DEF7C5}E:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) E:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [{79811BBC-0922-45BA-BC09-288335B8322C}] => (Allow) E:\Diablo III\Diablo III.exe
FirewallRules: [{885A8CEC-ABE6-466E-8838-12C1A604DAFD}] => (Allow) E:\Diablo III\Diablo III.exe
FirewallRules: [{415FC420-CEEB-4CCE-A9FD-6B64BD320881}] => (Allow) E:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{16348616-BC52-4290-AC12-8BEFA0AE391F}] => (Allow) E:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [TCP Query User{7591C154-7105-401A-AC2E-597F641B9058}E:\tdu2\testdrive2.exe] => (Allow) E:\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{DBFD46F6-CA6A-4643-87A1-2DFDF31532A3}E:\tdu2\testdrive2.exe] => (Allow) E:\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{F2A782FD-BC76-4FBD-9ED6-8FAB95219D13}E:\torchlight ii\tl2.runic.launcher.exe] => (Allow) E:\torchlight ii\tl2.runic.launcher.exe
FirewallRules: [UDP Query User{8F3364E8-C76C-43C8-9D62-70926036F2BC}E:\torchlight ii\tl2.runic.launcher.exe] => (Allow) E:\torchlight ii\tl2.runic.launcher.exe
FirewallRules: [TCP Query User{9A1A2093-D289-47F2-8328-4E377B591238}E:\torchlight ii\torchlight2.exe] => (Allow) E:\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{C8CEDFAB-776D-4C54-BF33-2EDE2865EB1C}E:\torchlight ii\torchlight2.exe] => (Allow) E:\torchlight ii\torchlight2.exe
FirewallRules: [TCP Query User{86EF8EBE-EA10-4516-91E1-A71C7E4C8381}E:\guild wars 2\gw2.exe] => (Allow) E:\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{ECF04945-B1EF-4C84-9B21-357BCAC7C29B}E:\guild wars 2\gw2.exe] => (Allow) E:\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{13C55EDA-90B3-4FC6-9E6B-F21AE367B8EF}E:\tdu2\uplauncher.exe] => (Allow) E:\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{58F62F76-10C1-4279-8FF4-E443ECD3F78C}E:\tdu2\uplauncher.exe] => (Allow) E:\tdu2\uplauncher.exe
FirewallRules: [{E6D3C161-1EB5-47DB-8345-27F7051D3A11}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield 3\bf3.exe
FirewallRules: [{903903AF-282B-4DE7-8418-B0684A0E3DF4}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield 3\bf3.exe
FirewallRules: [{8C087859-372D-4A40-A0D2-94AB019D7586}] => (Allow) C:\Users\Flori\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{4C8964C7-8ADF-4CFD-9C5D-92B794D87F44}] => (Allow) C:\Users\Flori\AppData\Roaming\ICQM\icq.exe
FirewallRules: [TCP Query User{46792ABF-C153-4B91-9E9B-E632F493D76A}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{4F17D02B-6EE3-4682-B5F1-11AC94BF618D}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [{6AB6385B-6246-4BF5-9788-B89E3979C317}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A0C6170A-9E3D-41F1-B76A-2E006EEC5E6B}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{001320A8-5DD6-49D3-BA75-474E1ED79917}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{D56033FF-6268-4348-9C14-52EF9EE85CC5}] => (Allow) E:\FarCry 3\bin\farcry3.exe
FirewallRules: [{AC339CAE-51F6-4A9B-B1D4-7CCBF4D43914}] => (Allow) E:\FarCry 3\bin\farcry3.exe
FirewallRules: [{A7953430-C88E-487A-9267-98309AAAC15D}] => (Allow) E:\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{FC528A02-5A95-4DF4-BEE4-E9835F80B7FA}] => (Allow) E:\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{997780B0-7D29-4281-9EF7-EA377A682241}] => (Allow) E:\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{14AD29C1-84F2-406E-BB75-A9883AD4AD98}] => (Allow) E:\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{27CBD00D-825A-42F5-A6BB-E6D9766EBACA}] => (Allow) E:\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{4C14E6B3-457A-4721-BF81-DEE7F206A7A6}] => (Allow) E:\FarCry 3\bin\FC3Editor.exe
FirewallRules: [TCP Query User{7915E8CF-ACB1-4C78-99CD-F2DA752FF459}E:\farcry 3\bin\farcry3_d3d11.exe] => (Allow) E:\farcry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{3F6E9711-DB30-469C-81D9-CBF3600E7AD4}E:\farcry 3\bin\farcry3_d3d11.exe] => (Allow) E:\farcry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{B07EE1EF-94BB-4437-ACF9-5E4526FCDB1D}E:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) E:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [UDP Query User{DE7F0103-9157-4AEF-B823-5FD3BE7AFC72}E:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) E:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [{34341A5D-83FD-49C2-8A50-1EC02986C256}] => (Allow) E:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{57681242-694C-4948-95D0-751AA562DCB8}] => (Allow) E:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [TCP Query User{3E67AE19-7695-41A0-8A68-44D3BDF5895D}E:\torchlight ii\tl2.runic.launcher.exe] => (Allow) E:\torchlight ii\tl2.runic.launcher.exe
FirewallRules: [UDP Query User{B8993202-0F4D-490D-8EFE-1370C9251CC1}E:\torchlight ii\tl2.runic.launcher.exe] => (Allow) E:\torchlight ii\tl2.runic.launcher.exe
FirewallRules: [{FB875587-0040-4DAC-81D3-736B9E115E4F}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FF013B24-75AB-487E-AA08-A3A5777CEFFA}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D2749801-D9CA-4F50-AE9B-32D00FFDFA9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{3C6198F6-717E-4540-8FAF-861C82A030CF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [TCP Query User{33583863-AE53-4282-B3FA-32FC87F61861}C:\users\flori\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flori\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B9A0203D-D8E8-4260-A876-190297AB6622}C:\users\flori\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flori\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EEC03CDB-9A90-4180-9F59-492DA5CF3818}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{73DBB4B4-CD56-4CF1-A921-B309E5BF4554}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{045DFBC3-B7B5-4BE5-9318-F8625CB69F29}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1CBFEC35-AC53-4D13-9C6F-B780B1DED0BE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{87FDA321-5C53-4B25-8CB8-B84892633155}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [UDP Query User{00EE1B03-2939-4BDA-BB43-8B5841DFE83D}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [TCP Query User{67E87333-11AA-4679-9F0F-795C75CC8C5F}C:\programdata\battle.net\agent\agent.beta.2426\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2426\agent.exe
FirewallRules: [UDP Query User{83AC4CFF-C950-4F33-9BBE-4277D2CBD642}C:\programdata\battle.net\agent\agent.beta.2426\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2426\agent.exe
FirewallRules: [{6EB0C30C-D786-46CB-80A3-2335A057D732}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{BC3DEF06-4A49-432D-9996-F831753DCC85}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{C63790EF-987E-4181-A90A-6847DD8B29BD}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{732B42E3-D10F-46B8-8E64-E497A9AAFC37}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [TCP Query User{5291D727-D8F2-4FF8-8E4B-AF756DC6CE07}E:\pes2014.exe] => (Allow) E:\pes2014.exe
FirewallRules: [UDP Query User{03B634BA-CCFE-4C08-9135-2F9833580280}E:\pes2014.exe] => (Allow) E:\pes2014.exe
FirewallRules: [{5650E581-60E4-48B6-8D23-A3128DB09608}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6FB29AC5-8F2B-4790-862D-E1C69B78B935}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4B74E570-5890-4D97-B5AB-3BE20928E9C9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8AD69826-C62A-4D5E-B1FC-86C732C0F8DD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{999D2B2D-EE46-43F8-A204-ABA3CA50CCD5}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{DFB004B3-0A14-46C7-94C6-B34E4F08D5D1}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{34F84F11-4832-4312-BCA8-BEBA9534E1AD}] => (Allow) C:\Program Files (x86)\Diablo III Beta 2013\Diablo III.exe
FirewallRules: [{E936E6DF-494B-483C-992E-90F9867E1006}] => (Allow) C:\Program Files (x86)\Diablo III Beta 2013\Diablo III.exe
FirewallRules: [TCP Query User{F3E73ABE-760A-4FF0-BEC5-662AE412B1DD}C:\programdata\battle.net\agent\agent.beta.2514\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2514\agent.exe
FirewallRules: [UDP Query User{7E35BF55-AA07-4511-9D2F-8DA536469E41}C:\programdata\battle.net\agent\agent.beta.2514\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2514\agent.exe
FirewallRules: [TCP Query User{1D0B05E5-6AC9-401A-8096-414DC3D26415}C:\users\flori\appdata\roaming\icqm\icq.exe] => (Allow) C:\users\flori\appdata\roaming\icqm\icq.exe
FirewallRules: [UDP Query User{4419D7D3-4003-4115-BCF5-858BA3BB63BC}C:\users\flori\appdata\roaming\icqm\icq.exe] => (Allow) C:\users\flori\appdata\roaming\icqm\icq.exe
FirewallRules: [{463343EB-65DC-4C3E-B471-3D467D722283}] => (Allow) E:\Electronic Arts\Battlefield 4\bf4_x86.exe
FirewallRules: [{6CD6A835-88C9-4FB5-A7B4-E411956F19DF}] => (Allow) E:\Electronic Arts\Battlefield 4\bf4_x86.exe
FirewallRules: [{0D86747A-2398-42CE-80C3-CBD856F71BD1}] => (Allow) E:\Electronic Arts\Battlefield 4\bf4.exe
FirewallRules: [{7D67361F-F480-4258-B138-D48E591A5880}] => (Allow) E:\Electronic Arts\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{1D240F4A-6981-432F-BE34-2AE250CC0DD9}C:\users\flori\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\flori\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D4E4BFE9-523E-4B07-97E4-2A97E8A15476}C:\users\flori\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\flori\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B742F7F2-BC98-48E6-813F-2E97627B7D3E}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [UDP Query User{7B5C2BFF-384B-4656-924A-391A7BD5CDBB}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [TCP Query User{CEDBA42B-BC70-41ED-8FE9-D720CD797D1D}E:\steam\steamapps\common\call of duty ghosts\iw6sp64_ship.exe] => (Allow) E:\steam\steamapps\common\call of duty ghosts\iw6sp64_ship.exe
FirewallRules: [UDP Query User{61934912-C480-44A0-9818-8CF1B5E885CC}E:\steam\steamapps\common\call of duty ghosts\iw6sp64_ship.exe] => (Allow) E:\steam\steamapps\common\call of duty ghosts\iw6sp64_ship.exe
FirewallRules: [{45A37D39-BEF7-424A-9F12-AB798E67F5E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{A85E215B-52D9-4CBE-AAC3-E2FBF915587F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{27AFFD40-8592-4D64-AE20-FBF5E09CAC9E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{BEDED5A7-1682-4DE1-B367-C66ABECC0EC3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{F19D72E1-A8D3-4214-BE4A-6915D9E53AA8}] => (Allow) E:\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{80D478AC-D191-40E3-A556-7A196AB5A98B}] => (Allow) E:\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{4FBDD9FD-7089-40FF-81A0-085176F48776}] => (Allow) E:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{65002B47-1B33-4473-B44F-0FEBC2EF5DC3}] => (Allow) E:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{62F6474A-3748-482F-9E98-07378863FFBE}] => (Allow) E:\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{47AF6106-0D8F-43E9-80B9-F63EF8C83C33}] => (Allow) E:\Steam\SteamApps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{F01C22C1-FD60-4192-85C8-9919FAEAA605}] => (Allow) E:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A089AF01-D63F-4FAB-8A4A-C964099BDCD6}] => (Allow) E:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FACEB6F1-24F8-4EFC-BFF9-DFA059C45681}] => (Allow) E:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{AA9463D8-4383-4180-8082-3E77A44AD730}] => (Allow) E:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{57D203A3-76A9-4406-86FB-B532E0528B72}] => (Allow) E:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{65184EBF-4E2D-4C34-8586-5A65029CE1C9}] => (Allow) E:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{7A31D478-074F-4907-8011-E6C84A001DFC}] => (Allow) E:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{634075CD-F9AC-430B-81B8-036FBFFCC5F3}] => (Allow) E:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{4EDE9F06-659B-402C-908E-DA5B9BE98BA4}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7B1618E5-B4D9-4538-A0AF-5FF8FC168688}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{F7C05C30-DB98-47BA-BC24-C81D9909C064}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{86BEF2CC-BFDE-4154-81D3-7DCDCF7C372F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{C580B1DA-8419-4CCA-9E6F-307B5803C309}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{B57E3ED9-51EF-4BA8-BF34-EDA4320DFFDA}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{5CB2B8CA-4A3E-4F1F-8B9F-87D1D24C6FDE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{6C6DF182-7250-44E8-91E0-D6E102B9F60C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{7D15E248-E98D-4451-AE5C-46441BF4A9D5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{9AAE1A61-F1DE-49B2-943B-7C8D8C3FF538}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{2510885E-EBBA-4B84-B162-759F0C03640B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{0C5D8B98-6887-459C-8755-DBD312CB4B33}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{7B91B770-A00F-40E3-86FB-6F2B55DAFE01}] => (Allow) D:\FSetup.exe
FirewallRules: [{3F9D65F0-2E99-4042-AE7F-E4E5FEDA6A96}] => (Allow) D:\FSetup.exe
FirewallRules: [{BF029B8D-972A-42CC-B3C2-96A5C428FE1C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{C3833921-ADFD-42C1-85A2-483B197145DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{A6A14926-3B42-490F-B001-5946C29722B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{F7D63496-A10D-4210-BD74-BE4CE050F0BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{E9D739F1-495F-4749-8974-A44A9E959DE5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{DC169119-36BB-4B61-A08B-50020DD9579C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{7916C68C-56BA-4971-86A1-3CC11198E6D0}E:\program files (x86)\rondomedia\the hunter 2014\launcher\launcher.exe] => (Allow) E:\program files (x86)\rondomedia\the hunter 2014\launcher\launcher.exe
FirewallRules: [UDP Query User{31C252CD-5F96-4E39-B437-DD44DD3C017B}E:\program files (x86)\rondomedia\the hunter 2014\launcher\launcher.exe] => (Allow) E:\program files (x86)\rondomedia\the hunter 2014\launcher\launcher.exe
FirewallRules: [{F1BE53DD-6991-4DE6-84BD-EDA0AF2F5027}] => (Allow) E:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{D37F27EA-DB27-4F1D-9B57-50BF4BDA4020}] => (Allow) E:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [TCP Query User{8CBBBF73-34DF-4D51-9B3E-D904840695A9}E:\program files (x86)\thehunter\game\thehunter.exe] => (Allow) E:\program files (x86)\thehunter\game\thehunter.exe
FirewallRules: [UDP Query User{5EB16453-95ED-4F81-8C43-73A17AFCFF2E}E:\program files (x86)\thehunter\game\thehunter.exe] => (Allow) E:\program files (x86)\thehunter\game\thehunter.exe
FirewallRules: [{68E991E3-770D-4C34-954D-F3E4994D50A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{B1ED02E7-F53B-4FA6-88B8-675099FE8D59}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{66D229B5-FD85-45D1-BE59-65466B1AB2CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{5CD76922-A44B-453A-B353-646C39919492}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{240A1954-B894-426E-AAE6-06F39E7D21C5}] => (Allow) E:\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{C4CB5B0D-C32B-4E24-B6A4-8B35CD5B0907}] => (Allow) E:\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{806FB0BC-85D0-48E8-B4A3-613935C60D59}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{E3E9DB35-9012-4335-A8A2-D681FC6B7195}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{E77C194A-929C-4166-AF18-C9D6DC46978C}] => (Allow) E:\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{CA3BC6AF-7F07-45F5-A2DD-CCFEA5F9AED4}] => (Allow) E:\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{FBAEB132-0F08-48DB-9DAF-A44EE3A485BE}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{E890D701-AD1F-4F29-A59A-1B8F19435ABF}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{8CE3F4ED-C4D8-4ABA-9552-52AB8D6ECB67}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{98A37040-1C7B-4716-9D53-5FBBE990E265}] => (Allow) E:\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{4B716C05-E57A-43FB-99B6-EF7BAC3E8184}] => (Allow) E:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{3D0B1196-651F-42BF-9218-D263EAF4EDD5}] => (Allow) E:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D74A58C3-5B66-48BE-A631-4E71D4B621CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{938BC447-850E-4EDF-B092-4C5640C4C0DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{36DCE170-AE0A-4AAC-AD86-9C0FDC8B114C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{7DAC43B0-2398-46CE-AC73-696DA0E4C1D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{4E181CE4-F992-4E1A-A7EA-113CB7C4C418}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{E65BC7BF-BE49-4925-8973-5F4CC824385F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{5AFBDB52-FA5D-4076-BB82-DC59A0FEA648}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{DA9508AD-3316-461F-ABF4-D04EC596BBDA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{4716053F-FE28-4773-9A8C-578765262D21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{F1A1A82F-64A8-4D0C-8B56-1FD0EB699D22}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{3F00641B-83A0-46BA-B0DD-ADD5B933D22F}] => (Allow) C:\Users\Flori\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{58704523-61B3-4657-9A19-6AB8D10D54B4}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{EEF2CA8E-0121-40D1-A6C6-42AC677ED602}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{15A3C563-906F-4AC8-A2E8-B641549C0386}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{0D9D917C-7967-4396-93FF-7A6250F8DC7D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{43C2D683-B458-4A0D-86AF-1671A83F3010}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{2923E69B-FD94-44F1-902A-F9032276999E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{EBBF4564-A27F-4DB6-BDA2-2880C282AAC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{8E555122-8096-43C5-818D-3378A4E0A532}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{CC9BE768-3517-46C1-A307-DFF4545F67C0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{BC3D4EEC-B263-4705-BC4A-7B267C01D0E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{732327CF-E234-43F5-8523-329110745B47}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{FBD4EE86-AC2A-46F1-945E-1A8F4B9FA317}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{AF2F168D-E369-4396-8F2A-C4C24E436F87}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{753FB9A6-3D53-41A2-84BD-BDBF00E170F7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{C81D684F-E367-4277-8004-7FB7F8F96E4F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{DB2B29FB-E394-47E2-8070-0D7827B16A86}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{6A0A41C1-542A-4A86-8F63-EE316EBC041A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{FE9FF99B-3E1F-46D4-891A-1EDC064167F2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{4CA5EBBC-56B2-4C50-8783-C5F10FA2767E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{E0405322-E76E-4257-8531-735083B3C54F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{9FC94A95-A853-4919-A1C7-366A91B8F925}] => (Allow) E:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{3F3B5BDB-3AF3-4235-9F1A-CD831C867571}] => (Allow) E:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{E333C9CD-6E32-4CC8-AAF5-43C77091AC3D}] => (Allow) E:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{7BD85E03-5FDA-4EDB-ADC7-322DCEEAF644}] => (Allow) E:\Program Files (x86)\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{12771DE7-6B77-477A-A088-84C14FCFB49A}] => (Allow) E:\Program Files (x86)\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{59DE2570-47A6-402F-A458-6363B748E52E}] => (Allow) E:\Program Files (x86)\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{15E06C01-D99D-4061-BFF5-51F6B474B13D}] => (Allow) E:\Program Files (x86)\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{B1DB8DA0-3F2E-431B-B81A-2ABF873E93E3}] => (Allow) E:\Program Files (x86)\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{F149136A-45D6-49CC-AE6A-F603175AD7B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{A21C8F49-D8F7-47EC-857E-7425F512BE1C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{E1E2086A-5E0C-4ADF-ABD5-C6F26FB59504}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{78CF808B-FF62-4C79-92ED-3918410E3D5F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{A5E12672-271F-4463-9EAA-A50A783ABC29}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{819C20AB-7C83-4821-8D0E-4A9598F9CFB7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{D2E75137-3453-4591-91C5-10BE8A7D5EE2}G:\world of warcraft\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) G:\world of warcraft\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [UDP Query User{E1441A2D-0CB6-4C6E-8993-75DCE48C966F}G:\world of warcraft\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) G:\world of warcraft\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [{8C1040A1-8831-4704-9E53-0901ADEDCE25}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{F1912070-6B86-4B75-8B14-668A7E50C718}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{3B5EE4B8-B7D9-4B63-85A0-E99B3D46835B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{F27BB77B-97DE-45AC-9069-C9043E9EA558}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{B9693612-6389-4F85-9876-4681E175A319}G:\world of warcraft\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe] => (Block) G:\world of warcraft\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7B92282F-6DDE-4BB8-8BCE-60486BF7F466}G:\world of warcraft\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe] => (Block) G:\world of warcraft\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe
FirewallRules: [{1271A988-2C8D-4174-8250-928E344BF8B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{1E3C2E9F-A299-4FEA-B36B-127BB5826FFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{84857F24-47E4-4C00-834A-D5B927B7D762}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{04029AA5-AFA3-4D3C-BB7E-D5A44BD27BEE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{F77FD719-4FE4-4A65-8DB7-D2DFA66D113F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{F9BEF7EE-A475-4DB5-BC56-917A0030AFF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{57435BBC-F844-4FD3-BB86-14E56C3A1DB1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{2B3D1C1B-02C3-4AC4-8DBE-8787C114B973}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{C9F9A197-8E1E-4A78-897A-70AAE1A9A805}] => (Allow) E:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B3173256-3678-44A9-95E3-1C6320F063B2}] => (Allow) E:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FEDED793-97AE-4AC9-B725-0322A44FE7B7}] => (Allow) E:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{90E09D6B-183B-4521-9952-4F5621F97B9E}] => (Allow) E:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{02DB6654-F6F2-4607-ABA6-BF7D07B4E9FB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D95632C2-060C-4368-927A-36752C2EBBCB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AFD0D8FF-1EAD-4B41-B14D-FDD1248FC06D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/22/2015 10:35:40 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (08/22/2015 10:35:39 AM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
Error: (08/21/2015 11:25:27 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (08/21/2015 11:25:26 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
Error: (08/21/2015 11:24:21 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (08/21/2015 11:24:20 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
Error: (08/21/2015 11:23:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a6a196
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006eea2
ID des fehlerhaften Prozesses: 0x94c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3
Error: (08/21/2015 10:55:12 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (08/21/2015 08:42:17 PM) (Source: Google Update) (EventID: 20) (User: Flori-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned
Error: (08/21/2015 07:38:51 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Systemfehler:
=============
Error: (08/22/2015 10:37:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet:
%%-2147014790
Error: (08/22/2015 10:37:47 AM) (Source: WMPNetworkSvc) (EventID: 14348) (User: )
Description: 0x80070057
Error: (08/22/2015 10:37:47 AM) (Source: WMPNetworkSvc) (EventID: 14323) (User: )
Description: WMPNetworkSvc0xc00d4268
Error: (08/22/2015 10:37:47 AM) (Source: WMPNetworkSvc) (EventID: 14356) (User: )
Description: 0x80070057
Error: (08/22/2015 10:37:47 AM) (Source: WMPNetworkSvc) (EventID: 14323) (User: )
Description: WMPNetworkSvc0xc00d4268
Error: (08/22/2015 10:37:47 AM) (Source: WMPNetworkSvc) (EventID: 14323) (User: )
Description: WMPNetworkSvc0xc00d4268
Error: (08/22/2015 10:37:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/22/2015 10:37:44 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147014790.
Error: (08/22/2015 10:37:44 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten des BITS-Dienstes. Fehler: 2147952506.
Error: (08/22/2015 10:36:34 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Microsoft Office:
=========================
Error: (08/22/2015 10:35:40 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (08/22/2015 10:35:39 AM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
Error: (08/21/2015 11:25:27 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (08/21/2015 11:25:26 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
Error: (08/21/2015 11:24:21 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (08/21/2015 11:24:20 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
Error: (08/21/2015 11:23:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.1893355a6a196c000000d000000000006eea294c01d0dc53abea3f39C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllebab9366-484a-11e5-a9c8-bc5ff45e1593
Error: (08/21/2015 10:55:12 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (08/21/2015 08:42:17 PM) (Source: Google Update) (EventID: 20) (User: Flori-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned
Error: (08/21/2015 07:38:51 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
CodeIntegrity:
===================================
Date: 2015-08-10 23:00:16.640
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-10 22:45:43.206
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-10 22:45:43.075
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-10 22:45:42.922
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-10 22:45:42.783
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-10 22:45:42.621
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-10 22:24:11.540
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-10 21:55:37.208
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-10 21:47:08.585
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-10 19:45:49.450
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8087.06 MB
Verfügbarer physikalischer RAM: 5435.72 MB
Summe virtueller Speicher: 16172.33 MB
Verfügbarer virtueller Speicher: 12969.92 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:2.38 GB) NTFS
Drive d: (Lightroom 6) (CDROM) (Total:1.51 GB) (Free:0 GB) CDFS
Drive e: (Spiele) (Fixed) (Total:489.06 GB) (Free:42.55 GB) NTFS
Drive f: (Musik und Videos) (Fixed) (Total:449.22 GB) (Free:393.3 GB) NTFS
Drive g: (Daten) (Fixed) (Total:458.98 GB) (Free:317.22 GB) NTFS
Drive h: (Volume) (Fixed) (Total:244.14 GB) (Free:122.13 GB) NTFS
Drive i: (Volume) (Fixed) (Total:221.62 GB) (Free:86.41 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 6FBEE458)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 6FBEE44D)
Partition 1: (Not Active) - (Size=489.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=459 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BFEB508C)
Partition 1: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS)
==================== Ende von Ergebnis ============================
|
|
22.08.2015, 10:26
| #4 |
| | Lösung: Trojaner Verseucht kommplettes WindosCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015 03 durchgeführt von Flori (Administrator) auf FLORI-PC (22-08-2015 11:23:10) Gestartet von G:\D Geladene Profile: Flori (Verfügbare Profile: Flori) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AMD) C:\Windows\System32\atieclxx.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe () C:\Program Files (x86)\Dell\PowerNap\PowerNap.Service.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Imfinity Pte Ltd) C:\Program Files (x86)\Dell\PowerNap\PowerNapWatcher.exe (Spotify Ltd) C:\Users\Flori\AppData\Roaming\Spotify\SpotifyWebHelper.exe (ICQ) C:\Users\Flori\AppData\Roaming\ICQM\icq.exe () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Adobe Systems Incorporated) C:\Windows\Temp\CreativeCloudSet-Up.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4318\Agent.exe (Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6087\Battle.net.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-06-13] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: igfxdev.dll [X] Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-3467504263-19935394-2474285127-1000\...\Run: [Spotify Web Helper] => C:\Users\Flori\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-04] (Spotify Ltd) HKU\S-1-5-21-3467504263-19935394-2474285127-1000\...\Run: [icq] => C:\Users\Flori\AppData\Roaming\ICQM\icq.exe [26599784 2013-01-26] (ICQ) HKU\S-1-5-21-3467504263-19935394-2474285127-1000\...\Run: [Spotify] => C:\Users\Flori\AppData\Roaming\Spotify\Spotify.exe [7675448 2015-08-04] (Spotify Ltd) HKU\S-1-5-21-3467504263-19935394-2474285127-1000\...\Run: [CrashService] => "C:\Users\Flori\AppData\Local\UnicoBrowser\Application\crash_service.exe" --max-reports=50 --no-window HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-21] (Microsoft Corporation) AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll Datei nicht gefunden AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" Datei nicht gefunden Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-29] ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] () GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert. ProxyServer: [.DEFAULT] => http=127.0.0.1:49352;https=127.0.0.1:49352 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-3467504263-19935394-2474285127-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-3467504263-19935394-2474285127-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie URLSearchHook: HKLM-x32 -> Standard = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKU\S-1-5-21-3467504263-19935394-2474285127-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3467504263-19935394-2474285127-1000 -> {57740DD2-9084-4C2C-93E5-355F972C99F4} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3467504263-19935394-2474285127-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE Toolbar: HKU\S-1-5-21-3467504263-19935394-2474285127-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll File Not ' & $found1 & ' Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll File Not ' & $found1 & ' Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll File Not ' & $found1 & ' Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll File Not ' & $found1 & ' Winsock: Catalog9-x64 15 C:\Windows\system32\ColorMedia64.dll File Not ' & $found1 & ' Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FD104947-4903-4E49-9683-F182AF59C890}: [DhcpNameServer] 192.168.2.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Flori\AppData\Roaming\Mozilla\Firefox\Profiles\kjz23z7z.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-21] () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-01-09] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-06-13] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-21] () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-01-09] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-06-13] (Adobe Systems) FF Plugin HKU\S-1-5-21-3467504263-19935394-2474285127-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Flori\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-3467504263-19935394-2474285127-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-05-09] (Ubisoft) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2012-12-08] FF HKU\S-1-5-21-3467504263-19935394-2474285127-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-21] Chrome: ======= CHR Profile: C:\Users\Flori\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-08-21] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-14] CHR Extension: (Kein Name) - C:\Users\Flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\nefahkmlidbmfcahifdnedaidfmmclie [2015-08-11] CHR Extension: (Google Wallet) - C:\Users\Flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-14] CHR HKLM\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\Flori\AppData\Local\foxtab_speeddial.crx <nicht gefunden> CHR HKU\S-1-5-21-3467504263-19935394-2474285127-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\Flori\AppData\Local\foxtab_speeddial.crx <nicht gefunden> CHR HKU\S-1-5-21-3467504263-19935394-2474285127-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3467504263-19935394-2474285127-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - https://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3467504263-19935394-2474285127-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\Flori\AppData\Local\foxtab_speeddial.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [ealchnonpofjocgofjpopjdoegbbkofj] - C:\Program Files (x86)\HappyLyrics\Chrome.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2012-12-08] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-06-09] (Adobe Systems Incorporated) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 dell_power_nap_service; C:\Program Files (x86)\Dell\PowerNap\PowerNap.Service.exe [11776 2011-06-14] () [Datei ist nicht signiert] R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] () [Datei ist nicht signiert] R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-13] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-22] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58528 2015-08-11] (YTDownloader) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-08-22] () S1 afmvaxws; \??\C:\Windows\system32\drivers\afmvaxws.sys [X] S1 bnxbyrkt; \??\C:\Windows\system32\drivers\bnxbyrkt.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-22 11:22 - 2015-08-22 11:23 - 00000000 ____D C:\FRST 2015-08-22 10:41 - 2015-08-22 10:41 - 00000000 ____D C:\Users\Flori\AppData\Local\Macromedia 2015-08-21 18:09 - 2015-08-21 23:12 - 00001421 _____ C:\Users\Flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-21 18:03 - 2015-08-21 18:03 - 00000000 ____D C:\Users\Flori\AppData\Local\ESET 2015-08-21 18:01 - 2015-08-21 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2015-08-21 18:01 - 2015-08-21 18:01 - 00000000 ____D C:\ProgramData\ESET 2015-08-21 18:01 - 2015-08-21 18:01 - 00000000 ____D C:\Program Files\ESET 2015-08-21 17:50 - 2015-08-21 17:50 - 00000000 ____D C:\ProgramData\AVAST Software 2015-08-21 17:49 - 2015-08-22 10:36 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-21 17:49 - 2015-08-21 17:49 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-21 17:49 - 2015-08-21 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-21 17:48 - 2015-08-21 17:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-21 17:48 - 2015-08-21 17:48 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-08-21 17:48 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-08-21 17:48 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-08-21 17:48 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-08-21 17:45 - 2015-08-22 10:40 - 00000000 ____D C:\Users\Flori\AppData\Local\Mozilla 2015-08-21 17:45 - 2015-08-21 23:12 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-08-21 17:45 - 2015-08-21 23:12 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-08-21 17:45 - 2015-08-21 17:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-21 17:41 - 2015-08-21 17:39 - 41785048 ____N C:\Users\Flori\Desktop\Firefox Setup 40.0.2.exe 2015-08-21 17:28 - 2015-08-21 10:49 - 00000030 _____ C:\AVScanner.ini 2015-08-21 09:13 - 2015-08-22 10:35 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2015-08-20 00:26 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-20 00:26 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-20 00:26 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-08-20 00:26 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-16 09:31 - 2015-08-16 09:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer 2015-08-14 14:07 - 2015-08-14 14:38 - 00000000 ____D C:\Windows\rescache 2015-08-13 00:42 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-13 00:42 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 19:20 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-08-12 19:20 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-08-12 19:20 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-08-12 19:20 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-08-12 19:20 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 19:20 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 19:20 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-08-12 19:20 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-12 19:20 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-08-12 19:20 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 19:20 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 19:20 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-08-12 19:20 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 19:20 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 19:20 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-08-12 19:20 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-12 19:20 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-08-12 19:20 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-08-12 19:20 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-12 19:20 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-08-12 19:20 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-08-12 19:20 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-12 19:20 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 19:20 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-12 19:20 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-08-12 19:20 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 19:20 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-08-12 19:20 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-08-12 19:20 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-12 19:20 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-08-12 19:20 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-08-12 19:20 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-12 19:20 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 19:20 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-08-12 19:20 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-08-12 19:20 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 19:20 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-08-12 19:20 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 19:20 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-08-12 19:20 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 19:20 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-08-12 19:20 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-08-12 19:20 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-08-12 19:20 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-08-12 19:20 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-08-12 19:20 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 19:20 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 19:20 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 19:20 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2015-08-12 19:20 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-08-12 19:20 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 19:20 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2015-08-12 19:20 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-08-12 19:20 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 19:20 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-08-12 19:20 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 19:20 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-08-12 19:20 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 19:20 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-12 19:20 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 19:20 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 19:20 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-08-12 19:20 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 19:20 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-08-12 19:20 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-08-12 19:20 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 19:20 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 19:20 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-08-12 19:20 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-08-12 19:20 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-08-12 19:20 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-08-12 19:20 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-08-12 19:20 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-08-12 19:20 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-08-12 19:20 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-08-12 19:20 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 19:20 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-08-12 19:20 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-08-12 19:20 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-08-12 19:20 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-08-12 19:20 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-08-12 19:20 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 19:20 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-08-12 19:20 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-08-12 19:20 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-08-12 19:20 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-08-12 19:20 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-08-12 19:20 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-08-12 19:20 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-08-12 19:20 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-08-12 19:20 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-08-12 19:20 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-08-12 19:20 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-08-12 19:20 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-08-12 19:20 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-08-12 19:20 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-08-12 19:20 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-08-12 19:20 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-08-12 19:20 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-08-12 19:20 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-08-12 19:20 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-08-12 19:20 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-08-12 19:20 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-08-12 19:20 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-08-12 19:20 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-08-12 19:20 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-08-12 19:20 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-08-12 19:20 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 19:20 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2015-08-12 19:20 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 19:20 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 19:20 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 19:20 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 19:19 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 19:19 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 19:19 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 19:19 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-08-12 19:19 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 19:19 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-08-12 19:19 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-08-12 19:19 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 19:19 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 19:19 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-08-12 19:19 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 19:19 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-08-12 19:19 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-08-12 19:19 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 19:19 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 19:19 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 19:19 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-12 19:19 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-12 19:19 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-12 19:19 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-12 19:19 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-12 19:19 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-08-12 19:19 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-12 19:19 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-12 19:19 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 19:19 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 19:19 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 19:19 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 19:19 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 19:19 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 19:19 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 19:19 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 19:19 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 19:19 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 19:19 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 19:19 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 19:19 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 19:19 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 19:19 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 19:19 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 19:19 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 19:19 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 19:19 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-08-12 19:19 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-08-12 19:19 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 19:19 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 19:19 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-08-12 19:19 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-08-12 19:19 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 19:19 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 19:19 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 19:19 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 19:19 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 19:19 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-11 18:30 - 2015-08-21 18:45 - 00000000 ____D C:\Program Files (x86)\2b1c2aac-ecbd-45d4-8320-ab16262601f5 2015-08-11 18:25 - 2015-08-11 18:25 - 00003904 _____ C:\Windows\System32\Tasks\YTDownloaderUpd 2015-08-11 18:25 - 2015-08-11 18:25 - 00003840 _____ C:\Windows\System32\Tasks\Smp 2015-08-11 18:25 - 2015-08-11 18:25 - 00003582 _____ C:\Windows\System32\Tasks\YTDownloader 2015-08-11 18:25 - 2015-08-11 18:25 - 00000000 ____D C:\Users\Flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader 2015-08-11 18:24 - 2015-08-21 18:45 - 00000000 ____D C:\Program Files (x86)\YTDownloader 2015-08-11 18:24 - 2015-08-21 18:45 - 00000000 ____D C:\Program Files (x86)\ShopperPro 2015-08-10 19:41 - 2015-08-21 18:45 - 00000000 ____D C:\Program Files (x86)\ORBTR 2015-08-04 18:15 - 2015-08-04 18:15 - 00000000 ____D C:\Users\Flori\AppData\Local\CEF 2015-07-31 21:40 - 2015-08-21 18:05 - 00000000 ____D C:\Program Files (x86)\Open Tweet Filter 2015-07-31 21:40 - 2015-08-21 18:05 - 00000000 ____D C:\Program Files (x86)\deal4realo 2015-07-31 21:40 - 2015-08-21 18:05 - 00000000 ____D C:\Program Files (x86)\deal44real 2015-07-28 18:40 - 2015-08-21 18:05 - 00000000 ____D C:\Program Files (x86)\Search By eSpeedCheck 2015-07-28 18:40 - 2015-08-21 18:05 - 00000000 ____D C:\Program Files (x86)\SaovErona 2015-07-27 18:51 - 2015-08-21 18:05 - 00000000 ____D C:\Program Files (x86)\PriceeDOwwnloADer 2015-07-27 18:51 - 2015-08-21 18:05 - 00000000 ____D C:\Program Files (x86)\Instant Translate 2015-07-23 22:32 - 2015-08-21 23:12 - 00000000 ____D C:\Program Files (x86)\globalUpdate 2015-07-23 22:32 - 2015-08-21 18:45 - 00000000 ____D C:\Program Files (x86)\1ca46774-821f-42b2-83e9-62aaf9c4a308 2015-07-23 22:32 - 2015-07-23 22:37 - 00000000 ____D C:\Users\Flori\AppData\Local\%PRODUCTNAME% ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-22 11:23 - 2013-11-20 21:45 - 00000000 ____D C:\Users\Flori\AppData\Local\Battle.net 2015-08-22 10:57 - 2013-11-15 15:11 - 00000000 ____D C:\Users\Flori\AppData\Local\Spotify 2015-08-22 10:56 - 2013-11-15 15:10 - 00000000 ____D C:\Users\Flori\AppData\Roaming\Spotify 2015-08-22 10:42 - 2009-07-14 06:45 - 00027024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-22 10:42 - 2009-07-14 06:45 - 00027024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-22 10:40 - 2009-07-14 19:58 - 00709900 _____ C:\Windows\system32\perfh007.dat 2015-08-22 10:40 - 2009-07-14 19:58 - 00154336 _____ C:\Windows\system32\perfc007.dat 2015-08-22 10:40 - 2009-07-14 07:13 - 01649556 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-22 10:37 - 2012-12-08 14:12 - 01575607 _____ C:\Windows\WindowsUpdate.log 2015-08-22 10:35 - 2015-06-20 13:37 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-08-22 10:35 - 2015-06-19 23:22 - 00000000 ____D C:\Users\Flori\AppData\Local\Adobe 2015-08-22 10:35 - 2015-02-12 12:21 - 00013617 _____ C:\Windows\setupact.log 2015-08-22 10:35 - 2014-01-11 12:02 - 00761504 _____ C:\Windows\PFRO.log 2015-08-22 10:35 - 2012-12-08 14:22 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys 2015-08-22 10:35 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-22 10:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-21 23:24 - 2015-01-22 11:32 - 00000000 ____D C:\ProgramData\7ab908b490c44993b797d817bd42cf5f 2015-08-21 23:22 - 2014-01-11 17:22 - 00000288 _____ C:\Windows\Tasks\FoxTab.job 2015-08-21 23:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-08-21 23:13 - 2012-12-08 19:38 - 00000000 ____D C:\Users\Flori\AppData\Roaming\TS3Client 2015-08-21 23:12 - 2014-10-06 18:02 - 00000000 ____D C:\Users\Flori\AppData\Local\com 2015-08-21 23:12 - 2014-06-24 20:58 - 00000000 ____D C:\Users\Flori\AppData\Roaming\SimplyTech 2015-08-21 23:12 - 2014-01-11 17:23 - 00000000 ____D C:\Users\Flori\AppData\Roaming\systweak 2015-08-21 23:12 - 2014-01-11 17:22 - 00000000 ____D C:\Users\Flori\AppData\Roaming\FoxTab 2015-08-21 23:12 - 2014-01-11 17:22 - 00000000 ____D C:\Program Files (x86)\Foxtab 2015-08-21 23:12 - 2013-09-02 20:55 - 00000000 ____D C:\ProgramData\eSafe 2015-08-21 23:12 - 2013-06-16 11:14 - 00000000 ____D C:\Users\Flori\AppData\Roaming\BabSolution 2015-08-21 23:11 - 2014-06-24 20:58 - 00000000 ____D C:\temp 2015-08-21 22:55 - 2015-04-01 17:32 - 00001320 _____ C:\Windows\Tasks\fun_coupons_notification_service.job 2015-08-21 22:55 - 2012-12-08 14:20 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2015-08-21 20:48 - 2014-07-26 14:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-21 20:42 - 2013-03-24 21:37 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3467504263-19935394-2474285127-1000UA.job 2015-08-21 20:42 - 2013-03-24 21:37 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3467504263-19935394-2474285127-1000Core.job 2015-08-21 18:46 - 2015-04-14 07:33 - 00000000 ____D C:\Users\Flori\AppData\Roaming\Mozilla 2015-08-21 18:45 - 2015-05-29 13:50 - 00000000 ____D C:\Program Files (x86)\GamesTechStore 2015-08-21 18:45 - 2015-04-22 19:35 - 00000000 ____D C:\Program Files (x86)\1502d9d4-b7bd-4a2b-829a-c8cf6e536d7f 2015-08-21 18:45 - 2013-11-15 15:09 - 00000000 ____D C:\Program Files (x86)\VideoPlayer 2015-08-21 18:45 - 2012-12-08 14:21 - 00000000 ____D C:\Program Files (x86)\ASM106xSATA 2015-08-21 18:20 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System 2015-08-21 18:09 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-08-21 18:08 - 2015-04-01 18:32 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-08-21 18:06 - 2014-11-22 01:36 - 00000000 ____D C:\Program Files (x86)\documentnice 2015-08-21 18:05 - 2015-07-17 21:00 - 00000000 ____D C:\Program Files (x86)\soaveitkeeeP 2015-08-21 18:05 - 2015-07-17 21:00 - 00000000 ____D C:\Program Files (x86)\savEitkeEP.i 2015-08-21 18:05 - 2015-07-17 21:00 - 00000000 ____D C:\Program Files (x86)\JSBeautify for Chrome 2015-08-21 18:05 - 2015-07-13 17:36 - 00000000 ____D C:\Program Files (x86)\SoaveiutkEep 2015-08-21 18:05 - 2015-07-13 17:36 - 00000000 ____D C:\Program Files (x86)\PowerInbox 2015-08-21 18:05 - 2015-07-10 14:39 - 00000000 ____D C:\Program Files (x86)\suirfkeeepit 2015-08-21 18:05 - 2015-07-10 14:39 - 00000000 ____D C:\Program Files (x86)\History Eraser 2015-08-21 18:05 - 2015-06-27 00:48 - 00000000 ____D C:\Program Files (x86)\Sticky Notes Just popped up 2015-08-21 18:05 - 2015-06-27 00:48 - 00000000 ____D C:\Program Files (x86)\APPptooiU 2015-08-21 18:05 - 2015-06-08 20:47 - 00000000 ____D C:\Program Files (x86)\PhotoMania 2015-08-21 18:05 - 2015-05-27 20:34 - 00000000 ____D C:\Program Files (x86)\Starcraft 2 Stream Browser 2015-08-21 18:05 - 2015-05-27 20:34 - 00000000 ____D C:\Program Files (x86)\CooOlSaleeCouppon 2015-08-21 18:05 - 2015-05-21 20:29 - 00000000 ____D C:\Program Files (x86)\gemoji chrome 2015-08-21 18:05 - 2015-05-21 20:29 - 00000000 ____D C:\Program Files (x86)\CulickForSale 2015-08-21 18:05 - 2015-01-10 22:37 - 00000000 ____D C:\ProgramData\fbpkcghnafnnclgmhbhedkiogfpfffaa 2015-08-21 18:05 - 2013-12-24 12:36 - 00000000 ____D C:\Users\Flori\AppData\Local\genienext 2015-08-21 18:00 - 2012-12-08 14:35 - 00001912 _____ C:\Windows\epplauncher.mif 2015-08-21 17:54 - 2014-12-10 21:29 - 00000000 ____D C:\ProgramData\LauckyShoppEEr 2015-08-21 17:45 - 2013-06-16 11:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-21 12:12 - 2012-12-08 14:20 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2015-08-21 10:49 - 2013-01-07 20:55 - 00000000 ____D C:\Users\Flori\AppData\Local\CrashDumps 2015-08-21 10:48 - 2014-07-26 14:13 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-21 10:48 - 2014-07-26 14:13 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-21 10:48 - 2014-07-26 14:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-21 09:44 - 2012-12-30 15:31 - 00000000 ____D C:\Users\Flori\Desktop\spiel 2015-08-21 09:30 - 2012-12-08 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-18 20:44 - 2014-01-24 18:24 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-08-18 13:38 - 2013-11-20 21:45 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-08-13 17:19 - 2014-12-11 19:19 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-13 17:19 - 2014-05-06 06:37 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-13 17:19 - 2009-07-14 06:45 - 00267816 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-13 00:41 - 2014-08-31 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-13 00:41 - 2014-08-31 02:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-13 00:41 - 2014-08-31 02:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-08-13 00:38 - 2013-07-16 23:00 - 00000000 ____D C:\Windows\system32\MRT 2015-08-13 00:31 - 2012-12-08 16:03 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-11 18:48 - 2015-01-23 19:48 - 09284296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-08-10 19:33 - 2014-02-18 18:51 - 00000008 _____ C:\END 2015-08-06 17:25 - 2014-11-22 11:35 - 00000020 _____ C:\Users\Flori\AppData\Roaming\appdataFr2.bin 2015-07-23 22:37 - 2012-12-08 14:12 - 00000000 ____D C:\Users\Flori 2015-07-23 19:18 - 2015-07-05 19:09 - 00000000 ____D C:\Program Files (x86)\Massive Insect ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-11-22 11:35 - 2015-08-06 17:25 - 0000020 _____ () C:\Users\Flori\AppData\Roaming\appdataFr2.bin 2015-06-28 00:22 - 2015-06-28 00:22 - 0000024 _____ () C:\Users\Flori\AppData\Roaming\appdataFr25.bin 2015-01-27 13:54 - 2015-04-22 18:19 - 0000020 _____ () C:\Users\Flori\AppData\Roaming\appdataFr3.bin 2015-06-22 20:47 - 2015-06-22 22:23 - 0000112 _____ () C:\Users\Flori\AppData\Roaming\JP2K CS6 Prefs 2015-06-20 17:07 - 2015-06-21 21:43 - 0000028 _____ () C:\Users\Flori\AppData\Roaming\kulerdata.json 2014-01-11 17:22 - 2015-06-28 01:22 - 0000361 _____ () C:\Users\Flori\AppData\Roaming\WB.CFG 2014-01-11 17:22 - 2014-02-01 01:22 - 0000005 _____ () C:\Users\Flori\AppData\Roaming\WBPU-TTL.DAT 2013-05-18 23:12 - 2013-05-18 23:12 - 0000093 _____ () C:\Users\Flori\AppData\Local\fusioncache.dat Einige Dateien in TEMP: ==================== C:\Users\Flori\AppData\Local\Temp\10224.exe C:\Users\Flori\AppData\Local\Temp\10435.exe C:\Users\Flori\AppData\Local\Temp\12590.exe C:\Users\Flori\AppData\Local\Temp\12739.exe C:\Users\Flori\AppData\Local\Temp\12953.exe C:\Users\Flori\AppData\Local\Temp\13656.exe C:\Users\Flori\AppData\Local\Temp\14142.exe C:\Users\Flori\AppData\Local\Temp\14819.exe C:\Users\Flori\AppData\Local\Temp\16235.exe C:\Users\Flori\AppData\Local\Temp\16251.exe C:\Users\Flori\AppData\Local\Temp\17300.exe C:\Users\Flori\AppData\Local\Temp\1807.exe C:\Users\Flori\AppData\Local\Temp\18839.exe C:\Users\Flori\AppData\Local\Temp\18876669-1650-4c82-9fe8-ec467308849d.exe C:\Users\Flori\AppData\Local\Temp\20260.exe C:\Users\Flori\AppData\Local\Temp\21393.exe C:\Users\Flori\AppData\Local\Temp\21499.exe C:\Users\Flori\AppData\Local\Temp\21901.exe C:\Users\Flori\AppData\Local\Temp\24538.exe C:\Users\Flori\AppData\Local\Temp\24987.exe C:\Users\Flori\AppData\Local\Temp\25619.exe C:\Users\Flori\AppData\Local\Temp\27013.exe C:\Users\Flori\AppData\Local\Temp\27519.exe C:\Users\Flori\AppData\Local\Temp\28165.exe C:\Users\Flori\AppData\Local\Temp\29058.exe C:\Users\Flori\AppData\Local\Temp\29750.exe C:\Users\Flori\AppData\Local\Temp\31477.exe C:\Users\Flori\AppData\Local\Temp\32069.exe C:\Users\Flori\AppData\Local\Temp\32447.exe C:\Users\Flori\AppData\Local\Temp\3698.exe C:\Users\Flori\AppData\Local\Temp\60804_updater.exe C:\Users\Flori\AppData\Local\Temp\6798.exe C:\Users\Flori\AppData\Local\Temp\6877.exe C:\Users\Flori\AppData\Local\Temp\6df64429-f63e-4780-a7d7-193abf41ec21.exe C:\Users\Flori\AppData\Local\Temp\7279.exe C:\Users\Flori\AppData\Local\Temp\7642.exe C:\Users\Flori\AppData\Local\Temp\7804.exe C:\Users\Flori\AppData\Local\Temp\877.exe C:\Users\Flori\AppData\Local\Temp\AAMHelper.exe C:\Users\Flori\AppData\Local\Temp\AdobeApplicationManager.exe C:\Users\Flori\AppData\Local\Temp\InstHelper.exe C:\Users\Flori\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-12 18:35 ==================== Ende von Ergebnis ============================ |
|
23.08.2015, 05:56
| #5 |
| /// the machine /// TB-Ausbilder | Wie Trojaner Verseucht kommplettes Windos Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.08.2015, 16:39
| #6 |
| | Wo Trojaner Verseucht kommplettes Windos Lösung! Ich kann die 2 seiten zu dem programm nicht aufmachen.. |
|
23.08.2015, 18:30
| #7 | |
  | Trojaner Verseucht kommplettes WindosZitat:
 Ne, Spaß bei Seite, unser Downloadportal war down, sollte jetzt wieder funktionieren.  Und wieder weg |
|
23.08.2015, 19:42
| #8 |
| | Trojaner Verseucht kommplettes Windos HAHA Witzbold oder wie   Code:
ATTFilter ComboFix 15-08-20.01 - Flori 23.08.2015 20:32:57.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8087.2992 [GMT 2:00]
ausgeführt von:: g:\d\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\deal4realo
c:\program files (x86)\deal4realo\mHzlrOXv7wZrQl.dat
c:\program files (x86)\deal4realo\mHzlrOXv7wZrQl.tlb
c:\program files (x86)\savEitkeEP.i
c:\program files (x86)\savEitkeEP.i\0NMoTAapu7yd6X.dat
c:\program files (x86)\savEitkeEP.i\0NMoTAapu7yd6X.tlb
c:\program files (x86)\ShopperPro
c:\program files (x86)\ShopperPro\config.json
c:\program files (x86)\ShopperPro\database1_0_0.ej
c:\program files (x86)\ShopperPro\database1_0_0.json
c:\program files (x86)\ShopperPro\FireFox\chrome.manifest
c:\program files (x86)\ShopperPro\FireFox\content\overlay.xul
c:\program files (x86)\ShopperPro\FireFox\content\shopperpro_128.png
c:\program files (x86)\ShopperPro\FireFox\install.rdf
c:\program files (x86)\ShopperPro\JSDriver\1.42.1.2285\config.json
c:\program files (x86)\ShopperPro\JSDriver\1.42.1.2285\database1_0_0.ej
c:\program files (x86)\ShopperPro\JSDriver\jsdrv.sys
c:\programdata\ntuser.pol
c:\users\Flori\AppData\Local\lollipop
c:\users\Public\sdelevURL.tmp
G:\install.exe
H:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeUpdateService
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-07-23 bis 2015-08-23 ))))))))))))))))))))))))))))))
.
.
2015-08-23 18:36 . 2015-08-23 18:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-22 09:22 . 2015-08-22 09:23 -------- d-----w- C:\FRST
2015-08-22 08:41 . 2015-08-22 08:41 -------- d-----w- c:\users\Flori\AppData\Local\Macromedia
2015-08-21 16:26 . 2015-08-20 02:18 11745192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B135595E-81D0-4891-8080-24AC8653D5B9}\mpengine.dll
2015-08-21 16:03 . 2015-08-21 16:03 -------- d-----w- c:\users\Flori\AppData\Local\ESET
2015-08-21 15:50 . 2015-08-21 15:50 -------- d-----w- c:\programdata\AVAST Software
2015-08-21 15:48 . 2015-08-21 15:48 -------- d-----w- c:\programdata\Malwarebytes
2015-08-21 07:13 . 2015-08-23 18:39 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
2015-08-19 22:26 . 2015-08-11 01:20 25191936 ----a-w- c:\windows\system32\mshtml.dll
2015-08-19 22:26 . 2015-08-11 01:14 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2015-08-19 22:26 . 2015-08-11 00:33 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-08-14 12:07 . 2015-08-14 12:38 -------- d-----w- c:\windows\rescache
2015-08-12 22:42 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:42 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 17:19 . 2015-07-30 18:06 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-08-11 16:30 . 2015-08-21 16:45 -------- d-----w- c:\program files (x86)\2b1c2aac-ecbd-45d4-8320-ab16262601f5
2015-08-11 16:24 . 2015-08-21 16:45 -------- d-----w- c:\program files (x86)\YTDownloader
2015-08-11 16:24 . 2015-08-11 16:29 -------- d-----w- c:\users\Flori\AppData\Local\Installer
2015-08-11 09:59 . 2015-08-11 09:59 820656 ----a-w- c:\program files\Common Files\System\SysMenu64.dll
2015-08-10 17:41 . 2015-08-21 16:45 -------- d-----w- c:\program files (x86)\ORBTR
2015-08-04 16:15 . 2015-08-04 16:15 -------- d-----w- c:\users\Flori\AppData\Local\CEF
2015-07-31 19:40 . 2015-08-21 16:05 -------- d-----w- c:\program files (x86)\Open Tweet Filter
2015-07-31 19:40 . 2015-08-21 16:05 -------- d-----w- c:\program files (x86)\deal44real
2015-07-28 16:40 . 2015-08-21 16:05 -------- d-----w- c:\program files (x86)\SaovErona
2015-07-28 16:40 . 2015-08-21 16:05 -------- d-----w- c:\program files (x86)\Search By eSpeedCheck
2015-07-27 16:51 . 2015-08-21 16:05 -------- d-----w- c:\program files (x86)\Instant Translate
2015-07-27 16:51 . 2015-08-21 16:05 -------- d-----w- c:\program files (x86)\PriceeDOwwnloADer
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
|
|
24.08.2015, 15:04
| #9 |
| /// the machine /// TB-Ausbilder | Trojaner Verseucht kommplettes Windos Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Trojaner Verseucht kommplettes Windos |
| arten, dos, games, inter, interne, internet, konnte, laufe, laufen, nicht mehr, nicht mehr öffnen, online, online games, programme, starte, starten, troja, trojaner, verseucht, wider, windos, öffnen |
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
Linear-Darstellung
