Pests of all kinds and how to fight them: Black screen followed by a strange message (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
30.08.2015, 10:13 | #1 |
| Black screen followed by a strange message Good day, everyone. My mother experienced a very interesting phenomenon today while she was playing Spider Solitaire on the PC. First the screen went black, came back a short time later, and suddenly a message appeared that read "If you are reading this, then I am in a better place". Black background with white text. In the top right corner, where it said Close, there was apparently a picture of a dog... a ... side portrait in which you could apparently see very jagged teeth... However, she could simply click Close and then it was gone... She said that she had already received such a message once at work and, well. Now we are somewhat puzzled about what is going on here... Macabrely, she received the message at work shortly after my grandmother had died, and now it came again when our dog died a little more than a month ago. I tried to reproduce it in order to provoke the message but had no success. I wanted to ask whether anyone has an idea what this is and, if it should be a virus, how I can get rid of it. As I said, I have not seen the message myself. So far I have not done anything on my own, I have only looked in the Task Manager for processes that are not usually there, but found nothing. Thank you in advance. Kind regards, Brille65. |
30.08.2015, 10:40 | #2 |
/// the machine /// TB trainer | Black screen followed by a strange message hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
30.08.2015, 16:43 | #3 |
| Black screen followed by a strange message Hello, here are the logs
FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015 durchgeführt von Hermann (Administrator) auf COMPUTER (30-08-2015 17:21:27) Gestartet von C:\Users\Hermann\Desktop Geladene Profile: Hermann (Verfügbare Profile: Hermann) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Opera) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Valve Corporation) F:\Programme\Steam\Steam.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Overwolf 
LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Valve Corporation) F:\Programme\Steam\bin\steamwebhelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Windows\SysWOW64\PnkBstrA.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.87.58.0\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.87.58.0\OverwolfHelper64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.87.58.0\OverwolfBrowser.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.87.58.0\OverwolfBrowser.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Piotr Pawlowski) C:\Program Files (x86)\foobar2000\foobar2000.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera_crashreporter.exe (Opera Software) 
F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Valve Corporation) F:\Programme\Steam\bin\steamwebhelper.exe (Valve Corporation) F:\Programme\Steam\bin\steamwebhelper.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516928 2013-02-15] (Acronis) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [Logitech G35] => C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-08-10] (Logitech(c)) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-25] (Avast Software s.r.o.) 
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6421592 2014-03-06] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\Run: [Steam] => F:\Programme\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3333632 2012-08-16] () HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [18923008 2015-06-16] () HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-07-19] (Overwolf LTD) IFEO\mediabuilder.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\spotfluxagent.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\spotfluxsupportrequestor.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\systemreport.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\trueimagelauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\trueimagetools.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-24] (Avast Software s.r.o.) 
==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97 Tcpip\..\Interfaces\{CDAAC6D2-322B-4A0A-A934-F4E359FA0B50}: [DhcpNameServer] 83.169.184.33 83.169.184.97 Tcpip\..\Interfaces\{F644497B-F1B1-4056-92A5-E3E0EE771A09}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKU\S-1-5-21-3540704453-1494989713-834082015-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-25] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-24] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-25] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-25] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-24] (Avast Software s.r.o.) 
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-25] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Hermann\AppData\Roaming\Mozilla\Firefox\Profiles\34052ydq.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-25] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation) FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2015-02-22] (Reto-Moto ApS) FF Plugin-x32: 
@microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @vizzed.com/VizzedRGR -> C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll [2013-01-11] (Vizzed.com) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3540704453-1494989713-834082015-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-28] () FF Extension: Advanced Cookie Manager - C:\Users\Hermann\AppData\Roaming\Mozilla\Firefox\Profiles\34052ydq.default\Extensions\cookiemgr@jayapal.com [2015-02-11] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-23] Chrome: ======= CHR Profile: C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-30] CHR Extension: (Google Docs) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-30] CHR Extension: (Google Drive) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-30] CHR Extension: (YouTube) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-30] CHR Extension: (APK Downloader) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgihflhdpokeobcfimliamffejfnmfii [2015-07-30] CHR Extension: (Google Search) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-30] CHR Extension: (Google Sheets) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-30] CHR Extension: (Avast Online Security) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-30] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg 
[2015-07-30] CHR Extension: (Chrome Web Store Payments) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30] CHR Extension: (Gmail) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-30] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-15] Opera: ======= OPR Extension: (mypermissions) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\abcaompdicgopneodlnpdoghdkgmfmnb [2015-01-29] OPR Extension: (Adguard) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2014-11-08] OPR Extension: (ZenMate for Opera™) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhbkkedmelfmalgjpkngiaoifpdfcnl [2015-03-12] OPR Extension: (HTTPS Everywhere) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2015-01-29] OPR Extension: (weboftrust) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2014-11-13] OPR Extension: (jdavid214) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiahmjdojdodmjjhhddegdnhcpjmokmo [2014-11-13] OPR Extension: (sarahavilov) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\njnemcgegcggpnfiamegohgfagecldcg [2014-11-13] OPR Extension: (Magic Actions for YouTube™) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlffnljnicbkfhnlomjhjlebndachaka [2015-02-21] StartMenuInternet: (HKLM) OperaStable - F:\Programme\Opera\Launcher.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-24] (Avast Software s.r.o.) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-06-24] (Avast Software s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-07-22] () S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2015-01-18] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation) S3 Origin Client Service; F:\Programme\Origin\OriginClientService.exe [2007048 2015-07-25] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-19] (Overwolf LTD) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-07-24] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-08-02] () S4 SpotfluxConnectionManager; C:\Program Files 
(x86)\Spotflux\services\SpotfluxConnectionManager.exe [105472 2015-01-23] (Spotflux) [Datei ist nicht signiert] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5400848 2014-11-03] (TeamViewer GmbH) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-24] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-06-24] (Avast Software s.r.o.) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-24] (Avast Software s.r.o.) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-06-24] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-24] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-24] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-24] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-24] (Avast Software s.r.o.) 
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-11-08] (The OpenVPN Project) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-24] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-05-25] () R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-11] (Disc Soft Ltd) R3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [22728 2015-05-04] (Mobile Stream) R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech) R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-05-25] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-30] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 nocashio; C:\Windows\SysWOW64\drivers\nocashio.sys [4096 2015-07-12] () [Datei ist nicht signiert] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) R3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.) 
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-03-10] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-03-10] (Acronis) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-05-15] (TuneUp Software) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-03-10] (Acronis International GmbH) S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-30 17:21 - 2015-08-30 17:21 - 00022870 _____ C:\Users\Hermann\Desktop\FRST.txt 2015-08-30 17:20 - 2015-08-30 17:20 - 00000000 ____D C:\Users\Hermann\Desktop\FRST-OlderVersion 2015-08-30 17:19 - 2015-08-30 17:21 - 00000000 ____D C:\FRST 2015-08-30 12:04 - 2015-08-30 17:20 - 02188288 _____ (Farbar) C:\Users\Hermann\Desktop\FRST64.exe 2015-08-30 11:22 - 2015-07-23 10:30 - 27893155 _____ C:\Users\Hermann\Desktop\Bunker Constructor v1.0.apk 2015-08-30 11:20 - 2015-08-30 11:20 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\uplay 2015-08-29 22:46 - 2015-08-29 22:46 - 01751231 _____ C:\Users\Hermann\videoplayback.m4a 2015-08-26 04:43 - 2015-08-26 04:43 - 00000000 _____ C:\Windows\setuperr.log 2015-08-25 13:28 - 2015-08-28 22:02 - 00000000 ____D C:\Users\Hermann\AppData\Local\Warframe 2015-08-23 07:02 - 2015-08-23 07:02 - 00381192 _____ C:\Windows\Minidump\082315-19141-01.dmp 2015-08-22 23:55 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 
2015-08-22 23:55 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-08-19 23:02 - 2015-08-29 01:24 - 00000000 ____D C:\Program Files (x86)\Overwolf 2015-08-19 23:02 - 2015-08-19 23:02 - 00003728 _____ C:\Windows\System32\Tasks\Overwolf Updater Task 2015-08-19 23:02 - 2015-08-19 23:02 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2015-08-19 23:01 - 2015-08-30 08:24 - 00000000 ____D C:\Users\Hermann\AppData\Local\Overwolf 2015-08-19 23:01 - 2015-08-19 23:02 - 00000000 ____D C:\ProgramData\Overwolf 2015-08-18 10:54 - 2015-08-23 07:02 - 1230775025 _____ C:\Windows\MEMORY.DMP 2015-08-14 17:14 - 2015-08-16 21:33 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Tropico 5 2015-08-14 14:33 - 2015-08-14 14:33 - 00042813 _____ C:\GF_Excpt.txt 2015-08-14 14:26 - 2015-08-14 14:28 - 00299008 _____ C:\Windows\SysWOW64\miccyhook.dll 2015-08-14 13:55 - 2015-08-14 14:05 - 00000000 ____D C:\Users\Hermann\Documents\corleone 2015-08-13 19:08 - 2015-08-14 20:20 - 00000000 ____D C:\Users\Hermann\Desktop\Fallout Shelter v1.1 [Mod] 2015-08-13 18:37 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-08-13 18:35 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 13656016 _____ 
(NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-08-13 18:35 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvinit.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-08-11 00:54 - 2015-08-11 00:54 - 00009541 _____ C:\Users\Hermann\Documents\0.Shelter_150805.CT 2015-08-10 21:57 - 2015-08-10 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sheltered 2015-08-10 12:29 - 2015-08-10 12:30 - 00000000 ____D C:\Program Files\Virtual Audio Cable 2015-08-10 12:29 - 2015-08-10 12:29 - 00098464 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2015-08-10 12:29 - 2015-08-10 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2015-08-10 12:25 - 2015-08-10 12:25 - 00000000 ____D C:\Program Files\Mega-Nerd 2015-08-10 12:23 - 2015-08-10 12:23 - 00000149 _____ C:\Users\Hermann\f.hls 2015-08-10 10:03 - 2015-08-10 10:03 - 00034223 _____ C:\Windows\SysWOW64\hs_err_pid2856.log 2015-08-09 21:05 - 2015-08-09 21:05 - 00000340 _____ C:\Users\Hermann\Documents\Bloody_9B5E5131.bld 2015-08-09 08:41 - 2015-08-14 03:05 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Tropico 3 2015-08-04 13:30 - 2015-08-04 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody 2015-08-04 13:29 - 2015-08-04 13:30 - 00000000 ____D C:\Program Files (x86)\Bloody5 2015-08-04 00:00 - 2015-08-04 00:00 - 00002713 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk 2015-08-04 00:00 - 2015-08-04 00:00 - 00000000 ____D C:\Program Files (x86)\MSECache 2015-08-04 00:00 - 2015-08-04 00:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-08-03 23:49 - 2015-08-03 23:49 - 00000000 ____D C:\Users\Hermann\Documents\DIE SIEDLER - DEdK 2015-08-03 23:31 - 2015-08-03 23:31 - 00000000 ____D C:\Users\Hermann\Documents\Egosoft 2015-08-03 15:54 - 2015-08-03 15:54 - 00000000 
____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X Rebirth 2015-08-01 20:14 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll 2015-08-01 20:14 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll 2015-08-01 00:12 - 2015-08-01 00:12 - 00000000 ___HD C:\$Windows.~WS ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-30 17:19 - 2014-11-09 01:00 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\tropico 4 2015-08-30 17:19 - 2014-11-08 12:48 - 02035421 _____ C:\Windows\WindowsUpdate.log 2015-08-30 17:18 - 2015-07-16 16:42 - 00000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-08-30 17:06 - 2015-07-30 13:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-30 16:27 - 2014-11-08 21:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-30 12:27 - 2014-11-08 13:05 - 00000000 ____D C:\Program Files (x86)\Opera 2015-08-30 11:33 - 2014-11-11 20:07 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-08-30 11:29 - 2015-06-01 00:31 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project 3 Interactive 2015-08-30 11:20 - 2014-11-08 20:33 - 00000000 ____D C:\Users\Hermann\Desktop\Ordner mit Krimskrams 2015-08-30 11:14 - 2014-11-08 13:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-30 10:44 - 2014-11-11 17:25 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\foobar2000 2015-08-30 10:29 - 2014-11-08 13:18 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-30 08:33 - 2009-07-14 06:45 - 00031920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-30 08:33 - 2009-07-14 06:45 - 00031920 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-30 08:25 - 2009-07-14 06:51 - 00080514 _____ C:\Windows\setupact.log 2015-08-30 08:22 - 2015-07-30 13:52 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-30 08:22 - 2014-11-09 22:03 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-30 08:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-30 04:12 - 2014-11-08 14:16 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\TS3Client 2015-08-30 01:25 - 2015-01-01 14:15 - 00015360 ___SH C:\Users\Hermann\Thumbs.db 2015-08-30 01:10 - 2015-02-01 13:51 - 06006272 ___SH C:\Users\Hermann\Desktop\Thumbs.db 2015-08-29 22:52 - 2014-11-08 12:59 - 00000000 ____D C:\Users\Hermann 2015-08-29 21:53 - 2015-07-30 14:12 - 00000000 ____D C:\Users\Hermann\Downloads\apk-downloader 2015-08-29 21:40 - 2014-11-08 22:30 - 00004748 _____ C:\Windows\windefendam.log 2015-08-29 21:40 - 2014-11-08 22:30 - 00000020 _____ C:\Windows\capsys184523.log 2015-08-29 18:46 - 2015-02-23 15:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2015-08-28 03:56 - 2014-12-04 09:38 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\OBS 2015-08-28 01:01 - 2015-07-30 13:52 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-28 01:01 - 2015-07-30 13:52 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-27 13:13 - 2010-11-21 05:47 - 00964510 _____ C:\Windows\PFRO.log 2015-08-26 17:31 - 2014-11-09 21:38 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\vlc 2015-08-26 04:36 - 2014-11-12 03:06 - 00000000 ____D C:\Windows\Minidump 2015-08-25 13:29 - 2014-11-08 14:23 - 00493890 _____ C:\Windows\DirectX.log 2015-08-25 12:15 - 2014-11-11 18:56 - 00000000 ____D C:\Users\Hermann\AppData\Local\JDownloader v2.0 2015-08-25 00:55 - 2015-04-09 04:03 - 00038488 _____ C:\Users\Hermann\Documents\Lets Play Fallout 3 Part ##.veg 2015-08-24 22:59 - 2015-04-09 04:03 - 00038488 _____ C:\Users\Hermann\Documents\Lets Play Fallout 3 Part ##.veg.bak 2015-08-23 00:12 - 2014-11-08 13:29 - 00000000 ____D C:\Users\Hermann\AppData\Local\NVIDIA Corporation 2015-08-23 00:12 - 2014-11-08 13:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-20 16:02 - 2014-12-01 22:50 - 00000000 ____D C:\Users\Hermann\AppData\Local\ArmA 2 OA 2015-08-20 11:51 - 2014-11-12 03:09 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2015-08-19 22:57 - 2015-04-07 16:12 - 00000000 ____D C:\ProgramData\Zoom Player 2015-08-19 17:20 - 2015-06-18 11:46 - 00000000 ____D C:\Program Files (x86)\DayZLauncher 2015-08-19 14:14 - 2015-06-15 22:11 - 00003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434399095 2015-08-19 12:54 - 2014-11-08 22:30 - 00000000 ____D C:\Users\Hermann\Documents\Action! 
2015-08-18 01:30 - 2014-11-08 13:29 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-08-18 01:30 - 2014-11-08 13:29 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-08-18 01:29 - 2014-11-08 13:29 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-08-18 01:29 - 2014-11-08 13:29 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-08-17 23:08 - 2014-11-11 22:18 - 00000000 ____D C:\Users\Hermann\AppData\Local\Windows Live 2015-08-14 17:44 - 2015-05-16 15:52 - 00000000 ____D C:\Program Files (x86)\BlueStacks 2015-08-14 14:26 - 2014-11-18 00:46 - 00000000 ____D C:\Users\Hermann\Desktop\Chhhiiita 2015-08-14 13:55 - 2014-11-10 11:52 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-08-14 12:22 - 2014-11-11 21:00 - 00000000 ____D C:\Windows\SysWOW64\directx 2015-08-13 18:57 - 2015-04-04 21:55 - 00000000 ____D C:\Users\Hermann\Desktop\Memecenter Bilder 2015-08-13 18:45 - 2014-11-08 13:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-12 13:32 - 2014-12-11 12:31 - 00000000 ____D C:\ProgramData\Origin 2015-08-12 12:03 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-12 04:27 - 2014-11-08 21:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-12 04:27 - 2014-11-08 21:20 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-12 04:27 - 2014-11-08 21:20 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-11 22:49 - 2011-04-12 09:43 - 00713026 _____ C:\Windows\system32\perfh007.dat 2015-08-11 22:49 - 2011-04-12 09:43 - 00155796 _____ C:\Windows\system32\perfc007.dat 2015-08-11 22:49 - 2009-07-14 07:13 - 01661072 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-11 06:52 - 2014-11-08 13:22 - 00072504 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvaudcap64v.dll 2015-08-11 03:41 - 2014-11-13 13:37 - 00000000 ____D C:\Users\Hermann\Documents\My Games 2015-08-11 03:40 - 2014-11-20 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2015-08-11 03:40 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-08-10 12:25 - 2014-12-03 12:43 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2015-08-10 12:25 - 2014-12-03 12:43 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2015-08-10 12:25 - 2014-12-03 12:43 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2015-08-10 12:25 - 2014-12-03 12:43 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2015-08-10 00:34 - 2014-12-04 09:38 - 00000000 ____D C:\Program Files (x86)\OBS 2015-08-08 08:55 - 2014-11-10 17:58 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Skype 2015-08-07 13:06 - 2015-06-23 00:28 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-07 13:06 - 2015-06-13 14:44 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-07 13:06 - 2015-03-02 04:48 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-07 13:06 - 2014-11-09 22:02 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-08-07 13:06 - 2014-11-09 22:02 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-08-07 13:06 - 2014-11-09 21:55 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-08-07 13:06 - 2014-11-09 21:55 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-07 13:06 - 2014-11-09 21:55 - 00033050 _____ C:\Windows\system32\nvinfo.pb 2015-08-07 12:11 - 2015-07-26 14:35 - 00000000 ____D C:\Users\Hermann\AppData\Local\UnofficialWhatsApp 2015-08-07 12:11 - 2015-06-28 17:23 - 00001247 _____ 
C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unofficial WhatsApp.lnk 2015-08-07 10:19 - 2014-11-08 22:07 - 00033456 _____ C:\Users\Hermann\Documents\Lets Play War of the Roses Part ##.veg 2015-08-07 10:12 - 2014-11-08 22:07 - 00033456 _____ C:\Users\Hermann\Documents\Lets Play War of the Roses Part ##.veg.bak 2015-08-07 06:34 - 2014-11-09 22:02 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-07 06:34 - 2014-11-09 22:02 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-07 06:34 - 2014-11-09 22:02 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-07 06:34 - 2014-11-09 22:02 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-07 06:34 - 2014-11-09 22:02 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-07 06:34 - 2014-11-09 22:02 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-06 20:15 - 2015-03-21 19:51 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2015-08-06 20:15 - 2014-12-23 01:53 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2015-08-06 20:04 - 2014-12-23 01:53 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2015-08-05 12:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-08-05 11:32 - 2014-11-08 14:16 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client 2015-08-04 05:35 - 2014-11-09 21:21 - 00000000 ____D C:\Users\Hermann\SimpleJavaYoutubeUploader 2015-08-04 00:23 - 2015-04-14 01:56 - 00000000 ____D C:\Users\Hermann\Documents\Rockstar Games 2015-08-03 12:12 - 2014-11-09 22:02 - 05133709 _____ C:\Windows\system32\nvcoproc.bin 2015-08-02 19:29 - 2014-12-23 01:53 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2015-08-02 19:23 - 2015-02-03 12:42 - 00000000 ____D C:\Users\Hermann\AppData\Local\PunkBuster 2015-08-01 00:48 - 2014-11-09 21:28 - 00000000 ____D C:\Users\Hermann\Desktop\Streams ==================== Dateien im Wurzelverzeichnis 
einiger Verzeichnisse ======= 2014-11-29 02:47 - 2014-11-29 02:48 - 222875441 _____ () C:\Users\Hermann\AppData\Roaming\.minecraft.rar 2014-11-21 20:42 - 2015-02-12 01:50 - 0000015 _____ () C:\Users\Hermann\AppData\Roaming\A.ce7911766fde05aca1083872e180532a2.resizer_settings 2015-04-27 05:30 - 2015-05-26 20:39 - 0000097 _____ () C:\Users\Hermann\AppData\Roaming\LauncherSettings_live.cfg 2015-04-27 04:41 - 2015-04-27 04:41 - 0008146 _____ () C:\Users\Hermann\AppData\Roaming\TheHunterSettings_live.bin 2015-04-27 04:40 - 2015-04-27 04:40 - 0000040 _____ () C:\Users\Hermann\AppData\Roaming\TheHunterSettings_steam_live.cfg 2015-04-07 16:05 - 2015-04-07 16:05 - 0004608 _____ () C:\Users\Hermann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-18 10:47 - 2015-03-18 10:47 - 0000000 ___SH () C:\Users\Hermann\AppData\Local\LumaEmu 2015-05-18 18:11 - 2015-06-24 22:06 - 0007608 _____ () C:\Users\Hermann\AppData\Local\Resmon.ResmonCfg 2014-11-08 13:51 - 2014-11-08 13:51 - 0000003 _____ () C:\Users\Hermann\AppData\Local\updater.log 2014-11-08 13:51 - 2015-04-23 21:25 - 0000424 _____ () C:\Users\Hermann\AppData\Local\UserProducts.xml 2015-04-19 20:16 - 2015-04-19 20:26 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip 2014-12-04 16:41 - 2014-12-04 16:41 - 0012391 _____ () C:\ProgramData\mptmqteo.hmi Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Hermann\AmazonMusicInstaller.exe C:\Users\Hermann\GamersGoMakers.exe C:\Users\Hermann\Vivaldi_TP_1.0.83.38.exe C:\Users\Hermann\xobglu16.dll C:\Users\Hermann\xobglu32.dll Einige Dateien in TEMP: ==================== C:\Users\Hermann\AppData\Local\Temp\A~NSISu_.exe C:\Users\Hermann\AppData\Local\Temp\proxy_vole4700644092182781752.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-23 01:26 ==================== Ende von FRST.txt ============================ |
30.08.2015, 16:44 | #4 |
| Black screen, then a strange message And Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-08-2015 durchgeführt von Hermann (2015-08-30 17:21:53) Gestartet von C:\Users\Hermann\Desktop Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3540704453-1494989713-834082015-500 - Administrator - Disabled) Gast (S-1-5-21-3540704453-1494989713-834082015-501 - Limited - Disabled) Hermann (S-1-5-21-3540704453-1494989713-834082015-1000 - Administrator - Enabled) => C:\Users\Hermann HomeGroupUser$ (S-1-5-21-3540704453-1494989713-834082015-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.4.1695 - Open Media LLC) 60 Seconds! (HKLM-x32\...\NjBTZWNvbmRz_is1) (Version: 1 - ) Action! (HKLM-x32\...\Mirillis Action!) 
(Version: 1.26.1 - Mirillis) Acubix PicoZip 4.02 (HKLM-x32\...\Acubix PicoZip_is1) (Version: 4.02 - Acubix) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games) Aftermath version 1.0 (HKLM-x32\...\{024D0ADC-6846-4B7A-B12F-D571DF826068}}_is1) (Version: 1.0 - Free Reign Entertainment) Alpha Protocol (HKLM-x32\...\Steam App 34010) (Version: - Obsidian Entertainment) Amazon Music (HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC) American Conquest (HKLM-x32\...\Steam App 115210) (Version: - GSC Game World) Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft) ANNO 1602 Königs-Edition (HKLM-x32\...\ANNO 1602 Königs-Edition) (Version: - ) Another Life Client 2.2 (HKLM-x32\...\{03C4FBA5-C5D6-48A8-A80A-A2D4A9D84484}}_is1) (Version: 2.2 - Tim Witschel Serververmietung) Another Life Client 2.3 (HKLM-x32\...\{CCA8971F-3C14-476B-BBE4-287A7ECE6D35}}_is1) (Version: 2.3 - Tim Witschel Serververmietung) Another Life Client 2.5 (HKLM-x32\...\{E7D8836D-F108-4356-B00F-FC04F088E422}}_is1) (Version: 2.5 - Tim Witschel Serververmietung) Another Life Client 2.6 (HKLM-x32\...\{34829E49-03BF-4146-97EF-AA46A66CF206}}_is1) (Version: 2.6 - Tim Witschel Serververmietung) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard) Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive) ARMA 2: British Armed Forces - Data cache removal (HKLM-x32\...\A2BAF Data cache removal) (Version: - ) Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version: - Bohemia Interactive) Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive) ARMA 2: Private Military Company - Data cache removal (HKLM-x32\...\A2PMC Data cache removal) (Version: - ) Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version: - Bohemia Interactive) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.8.0 - Asmedia Technology) Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version: - Ubisoft Montreal) Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer) Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.518 - AVG Technologies) Hidden AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.518 - AVG Technologies) AVG PC TuneUp 2015 (x32 Version: 15.0.1001.518 - AVG Technologies) Hidden Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - ) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.1.0.5 - Electronic Arts) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games) BinMake Uninstall (HKLM-x32\...\BinMake) (Version: - ) BinPBO Personal Edition Uninstall (HKLM-x32\...\BinPBO Personal Edition) (Version: - ) Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.06.0005 - Bloody) 
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{79809712-A577-4B8C-A9FC-51945690C7DC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch) Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch) CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Cities XL Platinum (HKLM-x32\...\Steam App 231140) (Version: - Focus Home Interactive) Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - ) Commander: Conquest of the Americas Gold (HKLM-x32\...\Steam App 254020) (Version: - ) Company of Heroes (HKLM-x32\...\Steam App 4560) (Version: - Relic Entertainment) Company of Heroes: Opposing Fronts (HKLM-x32\...\Steam App 9340) (Version: - Relic Entertainment) Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version: - Relic Entertainment) Confrontation (HKLM-x32\...\Steam App 204560) (Version: - Cyanide) Cosmonautica (HKLM-x32\...\1434623024_is1) (Version: 2.0.0.1 - GOG.com) Cossacks: Back to War (HKLM-x32\...\Steam App 4850) (Version: - GSC Game World) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Crazy Taxi (HKLM-x32\...\Steam App 71230) (Version: - SEGA) Crazy Taxi 3 (HKLM-x32\...\{831ADB7A-8882-41B1-82F7-2746FEC3FA91}) (Version: - ) CrazySchool entfernen (HKLM-x32\...\LECS_2CODER_is1) (Version: - Limbic Entertainment GmbH) CrystalDiskMark 3.0.3b (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3b - Crystal Dew World) Cultures2 - Die Tore Asgards (HKLM-x32\...\Cultures2) (Version: - ) 
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Day of Defeat (HKLM-x32\...\Steam App 30) (Version: - Valve) Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead Horde (HKLM-x32\...\Steam App 27940) (Version: - DnS Development) Dead State (HKLM-x32\...\1207666333_is1) (Version: 2.0.0.1 - GOG.com) Defy Gravity (HKLM-x32\...\Steam App 96100) (Version: - Fish Factory Games) Dev Guy (HKLM-x32\...\Steam App 351800) (Version: - ) Divinity II: Developer's Cut (HKLM-x32\...\Steam App 219780) (Version: - Larian Studios) Donation-Tracker (HKLM-x32\...\Donation-Tracker) (Version: - ) East India Company Gold (HKLM-x32\...\Steam App 254000) (Version: - ) EasyTether (HKLM-x32\...\{f35c852c-fc42-4050-ae97-8c15d2e00cf3}) (Version: 1.3.2 - Mobile Stream) EasyTether (Version: 1.3.2 - Mobile Stream) Hidden EasyTether ADB USB driver (HKLM\...\{C7D0182C-824E-4795-88B0-418B8FED0203}) (Version: 1.0.5 - Mobile Stream) EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs) Empire Earth Gold Edition (HKLM-x32\...\GOGPACKEMPIREEARTHGOLD_is1) (Version: 2.0.0.14 - GOG.com) Enclave (HKLM-x32\...\Steam App 253980) (Version: - Topware) Enforcer - Police Crime Action (HKLM-x32\...\{4D19FB7D-69F6-4421-B456-187536DF9F2F}) (Version: 1.0.3.1 - Odin Game Studio, Excalibur Publishing) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.1.3 R3 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.3 R3 Alpha - ETS2MP Team) Evil Genius (HKLM-x32\...\Steam App 3720) (Version: - Elixir Studios) Fallout (HKLM-x32\...\Steam App 38400) (Version: - Interplay Inc.) 
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios) Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment) Farming World version 3.9.8 (HKLM-x32\...\Farming World_is1) (Version: 3.9.8 - Excalibur) Fishing Planet (HKLM-x32\...\Steam App 380600) (Version: - Fishing Planet LLC) foobar2000 v1.3.5 (HKLM-x32\...\foobar2000) (Version: 1.3.5 - Peter Pawlowski) Force Feedback Driver for XInput (HKLM\...\{FFB10368-5623-49AA-BD51-B321DB9625CE}) (Version: 6.1.7600.16385 - Masahiko Morii) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fractured Space (HKLM-x32\...\Steam App 310380) (Version: - Edge Case Games Ltd.) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) FSM Editor Personal Edition Uninstall (HKLM-x32\...\FSM Editor Personal Edition) (Version: - ) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Gods Will Be Watching (HKLM-x32\...\1207664883_is1) (Version: 2.0.0.1 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) 
Hidden Gothic (HKLM-x32\...\Steam App 65540) (Version: - Piranha – Bytes) Gothic 3 (HKLM-x32\...\Steam App 39500) (Version: - Piranha – Bytes) Gothic II Addon-Datenbank (HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\www.mondgesaenge.de - G2ADB) (Version: 4.0 Beta - www.mondgesaenge.de) Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version: - Piranha – Bytes) Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: - Rockstar Games) Grand Theft Auto San Andreas (HKLM-x32\...\{2BB114DA-C718-45FE-8AB9-DEFFF0EA5569}_is1) (Version: v1.0/1.1 - Grosses_K) Grand Theft Auto San Andreas Version 1.01 (HKLM-x32\...\Grand Theft Auto San Andreas_is1) (Version: 1.01 - Rockstar Games) Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto) Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: - Rockstar Games) GT Interactive - Driver (HKLM-x32\...\GT Interactive - Driver) (Version: - ) H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment) Hacker Evolution - Untold (HKLM-x32\...\Steam App 70110) (Version: - exosyphen studios) Hacker Evolution (HKLM-x32\...\Steam App 70100) (Version: - exosyphen studios) Hacker Evolution Duality (HKLM-x32\...\Steam App 70120) (Version: - exosyphen studios) Haeuser bauen mit Willy Werkel (HKLM-x32\...\{7A24E395-6515-4147-8489-3170836A94BB}) (Version: 1.00.0000 - Terzio Verlag) Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve) Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version: - Valve) Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve) Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve) Halo: Spartan Assault (HKLM-x32\...\Steam App 277430) (Version: - Vanguard Games) HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - ) Hatred MULTi9 1.0 (HKLM-x32\...\Hatred MULTi9 1.0) (Version: - ) Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - 
Reto-Moto) Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto) Hidden & Dangerous 2 (HKLM-x32\...\InstallShield_{83437081-8186-4F63-BD39-4BE8A691E055}) (Version: 1.01.0000 - Illusion Softworks) Hidden & Dangerous 2 (x32 Version: 1.01.0000 - Illusion Softworks) Hidden Hidden & Dangerous 2 Sabre Squadron (HKLM-x32\...\InstallShield_{E2222809-FDED-4C7E-8F25-2337A8F39F03}) (Version: 1.00.0000 - Illusion Softworks) Hidden & Dangerous 2 Sabre Squadron (x32 Version: 1.00.0000 - Illusion Softworks) Hidden Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive) Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive) HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{ECFFD23C-3111-4685-8118-E1F79644203F}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Deskjet 1000 J110 series Hilfe (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard) HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) Indeo® Software (HKLM-x32\...\Indeo® Software) (Version: - ) Into The War (HKLM-x32\...\Steam App 346370) (Version: - Small Town Studios) Jagged Alliance - Back in Action (HKLM-x32\...\Steam App 57740) (Version: - Coreplay GmbH) Java 7 Update 75 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Knights Of Honor (HKLM-x32\...\{7911C404-9AFA-4BB2-B9B7-E47423D87528}) (Version: 1.00 - ) Knights of Honor (HKLM-x32\...\Steam App 25830) (Version: - Black Sea Studios Ltd) KnightShift (HKLM-x32\...\Steam App 254060) (Version: - ) LAV Filters 0.64 (HKLM-x32\...\lavfilters_is1) (Version: 0.64 - Hendrik 
Leppkes) libsndfile-1.0.25 (HKLM\...\{C776FEF6-2F0E-11DD-1194-001422FBF4CC}_is1) (Version: - Mega-Nerd) Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) Lionheart: Legacy of the Crusader (TM) (HKLM-x32\...\Lionheart_is1) (Version: - Black Isle) Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: - ) Logitech G35 (HKLM\...\{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}) (Version: 1.1.0 - Logitech) LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.) LoiLoScope 2 (HKLM-x32\...\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1) (Version: 2.5.4.2 - LoiLo inc) MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{E615EB85-3E84-4F91-8C24-E37DF4608588}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (HKLM\...\MX.{EAC79752-A0A4-45DB-9F99-9F6445920F77}) (Version: 14.0.0.159 - MAGIX Software GmbH) MAGIX Video deluxe 2015 Premium (Version: 14.0.0.159 - MAGIX Software GmbH) Hidden Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment) Medieval Lords (HKLM-x32\...\{FDE0D0EB-486C-48B9-A6B5-4BEAA078AF73}) (Version: 1.0 - ) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - 
Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{85317F07-8719-36EF-B19E-B196F383D0F3}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - 
x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Mount & Blade (HKLM-x32\...\Steam App 22100) (Version: - TaleWorlds Entertainment) Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - 
TaleWorlds Entertainment) Mouse Editor (HKLM-x32\...\InstallShield_{3A4218DE-B9DB-4AD5-9DB2-5853D3AA0335}) (Version: 12.08.0006 - Ihr Firmenname) MOUSE Editor (x32 Version: 12.08.0006 - Ihr Firmenname) Hidden Mouse Recorder Pro 2.0.7.5 (HKLM-x32\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version: - Nemex Studios) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.3 - Mozilla) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto) Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts) Neighbours from Hell (HKLM-x32\...\Steam App 260750) (Version: - JoWooD Vienna) Neighbours from Hell 2 (HKLM-x32\...\Steam App 260770) (Version: - ) NEO Scavenger (HKLM-x32\...\Steam App 248860) (Version: - Blue Bottle Games) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 28.0.1750.40 (HKLM-x32\...\Opera 28.0.1750.40) (Version: 28.0.1750.40 - Opera Software ASA) Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software) Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software) Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.87.58.0 - Overwolf Ltd.) Oxygen 2 Personal Edition Uninstall (HKLM-x32\...\Oxygen 2 Personal Edition) (Version: - ) Paragon Go Virtual™ 2015 (HKLM\...\{1D81BF30-9EF6-11DF-9A33-005056C00008}) (Version: 90.00.0003 - Paragon Software) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 - ) Pirates of Black Cove Gold (HKLM-x32\...\Steam App 254040) (Version: - ) <==== ACHTUNG PlanetSide 2 (HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment) Populous (HKLM-x32\...\{476CD9DE-C45F-4443-BFA7-E51C58B7E455}) (Version: 5.0.0.2 - Electronic Arts) Port Royale 2 (HKLM-x32\...\Steam App 12470) (Version: - Ascaron Entertainment ltd.) 
Port Royale 3 (HKLM-x32\...\Steam App 205610) (Version: - Gaming Minds) Project Zomboid (HKLM-x32\...\Steam App 108600) (Version: - The Indie Stone) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek) Reign Of Kings (HKLM-x32\...\Steam App 344760) (Version: - Code}{atch) Revolver's Wings Of War (HKLM-x32\...\Revolver's Wings Of War) (Version: - ) Rig 'n' Roll (HKLM-x32\...\Steam App 46370) (Version: - SoftLab-NSK) Robin Hood (HKLM-x32\...\Steam App 46560) (Version: - Spellbound) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version: - Croteam) Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version: - Croteam) Sheltered версия Update 2 (HKLM-x32\...\{8A136B77-B26D-4D25-A6E3-6CB5F6DCBF1B}_is1) (Version: Update 2 - Team17 Digital Ltd) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden Sid Meier's Civilization III: Complete (HKLM-x32\...\Steam App 3910) (Version: - Firaxis Games) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games) SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts) SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version: - EA - Maxis) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
SMPlayer 14.9.0 (HKLM-x32\...\SMPlayer) (Version: 14.9.0 - Ricardo Villalba) Sound Tools Uninstall (HKLM-x32\...\Sound Tools) (Version: - ) Spacebase DF-9 (HKLM-x32\...\Steam App 246090) (Version: - Double Fine Productions) SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts) SPORE™ Galaktische Abenteuer (HKLM-x32\...\{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}) (Version: 1.01.0001 - Electronic Arts) Spotflux (HKLM-x32\...\Spotflux) (Version: 3.1.3 - Spotflux) Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios) Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version: - LucasArts) Starbound (HKLM-x32\...\Steam App 211820) (Version: - ) Starbound [Nightly] version 18.11.14 (HKLM-x32\...\Starbound [Nightly]_is1) (Version: 18.11.14 - Chucklefish) StarForge (HKLM-x32\...\StarForge_is1) (Version: - ) Starpoint Gemini (HKLM-x32\...\Starpoint Gemini1.010 DE) (Version: 1.010 DE - LGM Games) Startfenster (HKLM-x32\...\Startfenster) (Version: - Startfenster) StarTopia (HKLM-x32\...\GOGPACKANSTARTOPIA_is1) (Version: 2.0.0.17 - GOG.com) State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stonehearth (HKLM-x32\...\{7C3DAF30-4382-4465-9D27-79ACF7F261AC}) (Version: 0.1.0.92 - Radiant Entertainment) Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games) Streets of Moscow (HKLM-x32\...\Steam App 46230) (Version: - Gaijin Entertainment) Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.34998 Beta - TeamViewer) TexView 2 Uninstall (HKLM-x32\...\TexView 2) (Version: - ) The Good Life v.1.0.4 (HKLM-x32\...\The Good Life_is1) 
(Version: - Iceberg Interactive) The Mystery of a Lost Planet version v1.0 (HKLM-x32\...\{C503D795-40CF-4451-83F4-1ED352227E20}_is1) (Version: v1.0 - screenseven) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) theHunter (HKLM-x32\...\Steam App 253710) (Version: - Expansive Worlds) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.4 - Electronic Arts) This War of Mine (HKLM-x32\...\{5FD7B6B3-08C7-4FEE-9C37-A2134C699885}}_is1) (Version: 1 - 11 bit studios) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.9.6 - Electronic Arts) Tropico (HKLM-x32\...\Steam App 33520) (Version: - PopTop Software) Tropico 2: Pirate Cove (HKLM-x32\...\Steam App 33530) (Version: - PopTop Software) Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version: - Haemimont Games) Tropico 3: Absolute Power (HKLM-x32\...\Steam App 57600) (Version: - Haemimont Games) Tropico 4 (HKLM-x32\...\Steam App 57690) (Version: - Haemimont Games) Tropico 5 1.9 (HKLM-x32\...\Tropico 5 1.9) (Version: 1.9 - Black Poseidon) True Image WD Edition (HKLM-x32\...\{48F9E716-6153-4B05-B7BB-9FB42B98CDFB}) (Version: 16.0.5962 - Acronis) Tunatic (HKLM-x32\...\Tunatic) (Version: - ) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts) Unreal Development Kit: 2012-10 (HKLM\...\UDK-41a80c2b-e7c2-49e3-9c4d-f146da65fede) (Version: - Epic Games, Inc.) 
Vegas Pro 10.0 (64-bit) (HKLM\...\{7B8F9BF0-A1D5-11E0-B4E5-0013D3D69929}) (Version: 10.0.738 - Sony) Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version: - ) Visitor 3 Uninstall (HKLM-x32\...\Visitor 3) (Version: - ) Vivaldi (HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\Vivaldi) (Version: 1.0.83.38 - Vivaldi) Vizzed Retro Game Room (HKLM-x32\...\{6D9F35D2-1D6F-4E17-A79F-991A7BD24AAD}) (Version: 2.0.0 - Vizzed) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) War of the Roses (HKLM-x32\...\Steam App 42160) (Version: - Fatshark) War of the Vikings (HKLM-x32\...\Steam App 234530) (Version: - Fatshark) Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes) Wargame: European Escalation (HKLM-x32\...\Steam App 58610) (Version: - Eugen Systems) Weird Worlds: Return to Infinite Space (HKLM-x32\...\Steam App 226120) (Version: - Digital Eel) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) World of Warships (HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net) World War 2: Time of Wrath (HKLM-x32\...\Steam App 305390) (Version: - Wastelands Interactive) X Rebirth Version 3.0 (HKLM-x32\...\{3C9FDB53-6B69-4D3A-A184-EF131AEC9BCE}_is1) (Version: 3.0 - Egosoft) XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) Xenonauts (HKLM-x32\...\GOGPACKXENONAUTS_is1) (Version: 2.0.0.5 - GOG.com) Yandex (HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\YandexBrowser) (Version: 15.4.2272.3911 - YANDEX) Yandex Alpha (HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\YandexBrowser Alpha) (Version: 37.0.2062.12544 - YANDEX LLC) Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.) 
YouWave for Android (HKLM-x32\...\YouWave) (Version: - )
ZOMBI MULTi2 1.0 (HKLM-x32\...\ZOMBI MULTi2 1.0) (Version: - )
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: 10.0.0 - Inmatrix LTD)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3540704453-1494989713-834082015-1000_Classes\CLSID\{FFB10360-5623-49AA-BD51-B321DB9625CE}\InprocServer32 -> C:\Program Files\Force Feedback Driver for XInput\x64\xiffd.dll (Masahiko Morii)

==================== Wiederherstellungspunkte =========================

28-08-2015 07:25:11 Windows Update
30-08-2015 11:01:11 Entfernt Anno 1701
30-08-2015 11:10:31 Entfernt ANNO 1503

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0848B973-9B1B-4FE5-9282-37424BD137A1} - System32\Tasks\{60322F6E-8110-4153-8E2E-7D9F27687D5C} => c:\program files (x86)\opera\launcher.exe [2015-03-10] (Opera Software)
Task: {0E5B9485-4397-480F-84D8-9A049A700A43} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-07-19] (Overwolf LTD)
Task: {2B86AB8D-E13B-4182-9234-467353F2AAE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.)
Task: {3919870C-641A-43B9-9534-E13F9A3D49D6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3D92B4ED-5FC6-441F-9B39-EE70AF12F58F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.)
Task: {463D57E9-0A82-4D5F-82B0-596E41257414} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {74D4FD74-05C6-4C05-9B2B-2853BB6F70CE} - System32\Tasks\Security Installer => C:\Users\Hermann\AppData\Roaming\Updater\winupd.exe <==== ACHTUNG
Task: {805A97C3-962A-4EE0-B273-15210E6DCCDA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {881CEC8C-4F76-412A-B417-35384A7DCE93} - System32\Tasks\Amazon Music Helper => C:\Users\Hermann\AppData\Local\Amazon Music\Amazon Music Helper.exe
Task: {98C61430-44BF-4C8B-A4D1-719CECD4CD64} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {9E04F639-47CB-4455-A0AA-121A8E43F46D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-24] (Avast Software s.r.o.)
Task: {BD64B113-327F-4002-871E-A41C8B328F9D} - System32\Tasks\Opera scheduled Autoupdate 1415444730 => C:\Program Files (x86)\Opera\launcher.exe [2015-03-10] (Opera Software)
Task: {C2DF248A-FA2D-4B78-9DCA-6BD6431D17FF} - System32\Tasks\Opera scheduled Autoupdate 1434399095 => F:\Programme\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {D2703DBD-28E3-48DD-9E67-034F5AC85DB8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {DD64897C-E38A-4609-8F7A-78EC0FCF408C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {E71A9277-276D-496E-BC40-10F31F44823D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-05-15] (AVG Technologies)
Task: {F589BE28-1C78-4CD2-8D76-A5B74DC39C63} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F9023364-FA7D-46AF-8F81-2E62F5DA4ED3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-11-09 22:02 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-06-28 21:21 - 2012-06-28 21:21 - 00019456 _____ () C:\Program Files\PBO Manager v.1.4 beta\PboShellExt.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-12-23 01:53 - 2015-08-02 19:29 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-15 15:57 - 2015-05-15 15:57 - 00718136 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2015-05-15 15:58 - 2015-05-15 15:58 - 00862008 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2015-06-24 12:44 - 2015-06-24 12:44 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-24 12:44 - 2015-06-24 12:44 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-29 22:52 - 2015-08-29 22:52 - 02961920 _____ () C:\Program Files\AVAST Software\Avast\defs\15082902\algo.dll
2015-08-30 12:07 - 2015-08-30 12:07 - 02961920 _____ () C:\Program Files\AVAST Software\Avast\defs\15083000\algo.dll
2015-04-16 00:15 - 2015-08-18 01:31 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-15 22:11 - 2015-07-03 18:12 - 00778240 _____ () F:\Programme\Steam\SDL2.dll
2015-06-15 22:11 - 2015-07-03 18:12 - 04962816 _____ () F:\Programme\Steam\v8.dll
2015-06-15 22:11 - 2015-07-03 18:12 - 01556992 _____ () F:\Programme\Steam\icui18n.dll
2015-06-15 22:11 - 2015-07-03 18:12 - 01187840 _____ () F:\Programme\Steam\icuuc.dll
2015-06-15 22:11 - 2015-08-19 22:39 - 02413248 _____ () F:\Programme\Steam\video.dll
2015-06-15 22:11 - 2014-12-01 23:31 - 02396672 _____ () F:\Programme\Steam\libavcodec-56.dll
2015-06-15 22:11 - 2014-12-01 23:31 - 00442880 _____ () F:\Programme\Steam\libavutil-54.dll
2015-06-15 22:11 - 2014-12-01 23:31 - 00479744 _____ () F:\Programme\Steam\libavformat-56.dll
2015-06-15 22:11 - 2014-12-01 23:31 - 00332800 _____ () F:\Programme\Steam\libavresample-2.dll
2015-06-15 22:11 - 2014-12-01 23:31 - 00485888 _____ () F:\Programme\Steam\libswscale-3.dll
2015-06-15 22:11 - 2015-08-19 22:39 - 00704192 _____ () F:\Programme\Steam\bin\chromehtml.DLL
2015-07-08 12:06 - 2015-07-27 03:13 - 00171008 _____ () F:\Programme\Steam\bin\openvr_api.dll
2015-07-19 13:05 - 2015-07-19 13:05 - 00025600 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\CoreAudioApi.dll
2015-07-19 13:05 - 2015-07-19 13:05 - 40555008 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\libcef.DLL
2015-07-19 13:05 - 2015-07-19 13:05 - 00146432 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\OWGameEventsConsumer.dll
2015-06-15 22:11 - 2015-07-03 18:12 - 39553928 _____ () F:\Programme\Steam\bin\libcef.dll
2015-03-15 12:01 - 2015-03-15 12:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-19 13:05 - 2015-07-19 13:05 - 00985088 _____ () C:\Program Files (x86)\Overwolf\0.87.58.0\ffmpegsumo.dll
2015-08-12 03:27 - 2015-08-12 03:27 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
2013-05-04 13:57 - 2013-05-04 13:57 - 00095712 _____ () C:\Program Files (x86)\foobar2000\zlib1.dll
2014-10-29 15:50 - 2014-10-29 15:50 - 00159184 _____ () C:\Program Files (x86)\foobar2000\shared.dll
2015-08-14 22:46 - 2015-08-14 22:46 - 00189440 _____ () C:\Users\Hermann\AppData\Roaming\foobar2000\user-components\foo_osd\foo_osd.dll
2014-10-29 00:47 - 2014-10-29 00:47 - 00530944 _____ () C:\Program Files (x86)\foobar2000\components\foo_converter.dll
2014-10-29 00:48 - 2014-10-29 00:48 - 00198656 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll
2014-10-29 00:48 - 2014-10-29 00:48 - 00306176 _____ () C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
2014-10-29 00:47 - 2014-10-29 00:47 - 00257024 _____ () C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
2014-10-29 00:48 - 2014-10-29 00:48 - 00199680 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
2014-10-29 15:50 - 2014-10-29 15:50 - 01083368 _____ () C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
2014-10-29 00:47 - 2014-10-29 00:47 - 00301568 _____ () C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
2014-10-29 15:50 - 2014-10-29 15:50 - 01391080 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
2014-10-29 10:42 - 2014-10-29 10:42 - 00356864 _____ () C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
2014-10-29 00:47 - 2014-10-29 00:47 - 00289280 _____ () C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
2014-10-29 00:48 - 2014-10-29 00:48 - 00351232 _____ () C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
2015-08-19 14:14 - 2015-08-19 14:14 - 58600568 _____ () F:\Programme\Opera\31.0.1889.174\opera.dll
2015-08-19 14:14 - 2015-08-19 14:13 - 01781368 _____ () F:\Programme\Opera\31.0.1889.174\libglesv2.dll
2015-08-19 14:14 - 2015-08-19 14:13 - 00081528 _____ () F:\Programme\Opera\31.0.1889.174\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\Users\Hermann\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Hermann\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Hermann\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Hermann\AppData\Roaming:NT2

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\vizzed.com -> www.vizzed.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3540704453-1494989713-834082015-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 83.169.184.33 - 83.169.184.97
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\startupreg: AdBuck.exe => C:\Program Files (x86)\AdBuck\AdBuck.exe
MSCONFIG\startupreg: Amazon Music => "C:\Users\Hermann\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DriverMax => "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent
MSCONFIG\startupreg: PicoZip => C:\Program Files (x86)\PicoZip\PicoZipTray.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: spotflux => C:\Program Files (x86)\Spotflux\services\SpotfluxAgent.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{F85E61B4-14CF-4934-A1B9-4F2FC18C6B19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{9F631623-215E-4CB3-889F-EAEEA87F39EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{1FD1924D-26EB-4718-B4EA-BE748AE871E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{507E76B8-6F98-4B0F-8492-CDDBCBDF39C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{889C69CC-AE05-4F0A-8DFE-625758B267BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C393421E-1828-4DE1-A797-04E0FBBB3061}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A5B1CE85-BA9C-4237-A84C-72C02AF7741B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{6D0DABA1-676C-485A-A5D9-F43A7F1CA428}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{7C1546EA-1C81-4131-B23D-740C45B21280}] => (Allow) LPort=2869 FirewallRules: [{B659C009-9DAF-4D8F-9521-0F4FE8489E28}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{754B50F6-A01D-4D98-867E-CAD34E6B25D0}C:\program files (x86)\anno 1602 königs-edition\1602.exe] => (Allow) C:\program files (x86)\anno 1602 königs-edition\1602.exe FirewallRules: [UDP Query User{26D492E0-229A-480B-AB3D-C2CA4EE32142}C:\program files (x86)\anno 1602 königs-edition\1602.exe] => (Allow) C:\program files (x86)\anno 1602 königs-edition\1602.exe FirewallRules: [TCP Query User{B1BFFE88-BDCE-42A6-A17D-BFEDD3E27057}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{F24C44FA-27A4-4BA6-8357-7E6AC1BE5441}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) 
Kings\Reign of Kings.exe FirewallRules: [{D2621D86-C05D-4A43-8B0B-E26C88EB2D35}] => (Allow) F:\Programme\Steam\steamapps\common\Reign Of Kings\Reign of Kings.exe FirewallRules: [{E664E5A0-26BA-4464-83E1-D3F11ECB1E45}] => (Allow) F:\Programme\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{D8F58704-CB92-4708-817B-65C2A419025F}] => (Allow) F:\Programme\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{F3E98DD4-BCD2-4356-9E30-78A52D113FEE}] => (Allow) F:\Programme\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{BC65906C-6416-4D75-8635-B42FA91449D2}] => (Allow) F:\Programme\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [TCP Query User{C0643E2C-0782-4CB0-B933-70FB6949FAE5}F:\programme\steam\steam.exe] => (Allow) F:\programme\steam\steam.exe FirewallRules: [UDP Query User{BE99D169-80F7-4713-BCDC-9E8E44B6F202}F:\programme\steam\steam.exe] => (Allow) F:\programme\steam\steam.exe FirewallRules: [TCP Query User{487FB359-A00E-49A2-8F20-8E09DEAC8A98}F:\programme\world_of_warships\wowslauncher.exe] => (Allow) F:\programme\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{ED538340-9A67-4077-99A5-727A5E1B032F}F:\programme\world_of_warships\wowslauncher.exe] => (Allow) F:\programme\world_of_warships\wowslauncher.exe FirewallRules: [TCP Query User{9BB12BD9-FCF2-47B7-8100-A4BA51EEDE67}C:\users\hermann\desktop\ordner mit krimskrams\load!\load.exe] => (Allow) C:\users\hermann\desktop\ordner mit krimskrams\load!\load.exe FirewallRules: [UDP Query User{AE5EF897-A4CD-481B-9E8C-476B009823BC}C:\users\hermann\desktop\ordner mit krimskrams\load!\load.exe] => (Allow) C:\users\hermann\desktop\ordner mit krimskrams\load!\load.exe FirewallRules: [{F61A7BAD-8908-4F8E-A120-327489B6BC05}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{37A2F5CA-AE7B-4E76-BD2E-5ED1E2A99EFC}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe 
FirewallRules: [{52DAFE88-34BE-43DB-90E9-F3F3A90690DD}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [TCP Query User{D09B6015-74BD-4EEF-8076-E6D7ECBF2BAA}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe FirewallRules: [UDP Query User{D4BF098B-831F-4170-8867-EF5A9F7FF60C}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe FirewallRules: [{4AA6433E-CF86-423E-844A-B82A1B23C793}] => (Allow) F:\Programme\Steam\steamapps\common\Fallout\FalloutLauncher.exe FirewallRules: [{C427B947-C375-4F9E-A7F8-15A56F11E14D}] => (Allow) F:\Programme\Steam\steamapps\common\Fallout\FalloutLauncher.exe FirewallRules: [{96A259E2-6061-45BA-A8D7-EDABB3760822}] => (Allow) F:\Programme\Steam\steamapps\common\War of the Roses\run_game.exe FirewallRules: [{0E758910-086B-4B9A-B96D-E22C792A2E52}] => (Allow) F:\Programme\Steam\steamapps\common\War of the Roses\run_game.exe FirewallRules: [{CEF18093-8C46-4979-AFEC-9033C5EBBD9B}] => (Allow) F:\Programme\Steam\steamapps\common\War of the Vikings\run_game.exe FirewallRules: [{939CCC18-32AD-456C-959D-F1D1A34AA9DE}] => (Allow) F:\Programme\Steam\steamapps\common\War of the Vikings\run_game.exe FirewallRules: [TCP Query User{6C968FE5-4C49-443A-9E53-A9B617396C5B}F:\programme\steam\steamapps\common\arma 3\arma3.exe] => (Allow) F:\programme\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [UDP Query User{4CBA31AB-B4F5-4BEB-9FDC-A2D45C4B4638}F:\programme\steam\steamapps\common\arma 3\arma3.exe] => (Allow) F:\programme\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [{8A709A8F-3905-4ED4-9F0C-5AAF30DF6B40}] => (Allow) F:\Programme\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe FirewallRules: [{C34604C7-D6CC-4661-8C45-EC52EE5094A4}] => (Allow) F:\Programme\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe FirewallRules: [{C27C6CD4-4086-46BC-8042-EFB704C4AF87}] => (Allow) C:\Program 
Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{37B114D8-F1A7-4FEE-BC05-84A2E6CC962B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{FF2DD93D-5175-4DC3-8893-0B2EF83CDCF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{17E939CB-5F59-47AC-BA07-48946DBC7761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9B35072E-D0B3-40F2-9B1F-1EE7CCD73D90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1249AD0C-8D6C-4493-B10C-830A6314DA91}] => (Allow) F:\Programme\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe FirewallRules: [{42CD0293-F71D-4954-9BBD-27E439E70C20}] => (Allow) F:\Programme\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe FirewallRules: [{267DCD04-0080-4F00-B495-F482DD27C03D}] => (Allow) F:\Programme\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{1274F761-9330-43A2-9C4D-B8F7797D871B}] => (Allow) F:\Programme\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [TCP Query User{3CEE45F9-75AB-46CE-9D23-38B0292A0BC4}F:\programme\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) F:\programme\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe FirewallRules: [UDP Query User{7CF33CD8-F3FE-47DC-AA0B-3554ABC44765}F:\programme\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) F:\programme\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe FirewallRules: [{9E5AA33D-5356-4879-AF39-4E146259DADF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3A6A1330-9400-4B26-988B-EC7CEFFBADF6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: 
[{E2C6B208-6C19-4AEF-A6D9-B68A631A524D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{BB3B2995-1AF6-4587-8976-E0DD65D52C98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E75AF23C-93D0-4867-A47B-27C01C7DB0FB}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe FirewallRules: [{436D5F33-3A33-498B-922A-114807330757}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe FirewallRules: [{BAC5EBAC-AA15-4137-9E58-B2B341D8FE72}] => (Allow) C:\Users\Hermann\AppData\Local\Yandex\YandexBrowser\Application\browser.exe FirewallRules: [{9960EA23-7128-4F35-A149-CE1EA8402C61}] => (Allow) F:\Programme\Steam\steamapps\common\Tropico 3\Tropico3.exe FirewallRules: [{E99CB524-DC28-4D60-A395-9469D601BEDA}] => (Allow) F:\Programme\Steam\steamapps\common\Tropico 3\Tropico3.exe FirewallRules: [{579CADAD-B643-4394-8D7B-3153593EE6D2}] => (Allow) F:\Programme\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{BBA42E19-D147-4FD4-93D8-11FF583AC989}] => (Allow) F:\Programme\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{ABCD0FBD-9605-46EA-A62C-EA8AD4D62D2F}F:\programme\empyrion galactic survival v1.1.2\empyrion.exe] => (Allow) F:\programme\empyrion galactic survival v1.1.2\empyrion.exe FirewallRules: [UDP Query User{D665E644-B919-4422-A62F-84FF163FB124}F:\programme\empyrion galactic survival v1.1.2\empyrion.exe] => (Allow) F:\programme\empyrion galactic survival v1.1.2\empyrion.exe FirewallRules: [TCP Query User{A8558C91-E62D-417D-8910-38A32761FB18}F:\gog games\cosmonautica\bin\cosmonautica.exe] => (Allow) F:\gog games\cosmonautica\bin\cosmonautica.exe FirewallRules: [UDP Query User{24F82BB9-E77D-46E7-AB4B-BFAC8A748BCB}F:\gog games\cosmonautica\bin\cosmonautica.exe] => (Allow) F:\gog games\cosmonautica\bin\cosmonautica.exe FirewallRules: [{7518714A-4E8E-4C59-884B-95D6608FF1B1}] => (Allow) F:\Programme\Steam\steamapps\common\Stranded 
Deep\Stranded_Deep_x64.exe FirewallRules: [{0F0E59DA-B516-4461-96A6-F2C191071888}] => (Allow) F:\Programme\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{4F996CF3-263D-4EEE-A816-68E755BB814D}] => (Allow) F:\Programme\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe FirewallRules: [{6B5BF52F-B7EC-4BF9-8388-B92AA83292D8}] => (Allow) F:\Programme\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe FirewallRules: [{AF38ECAB-3BB7-4F34-B184-F8AFC1453C33}] => (Allow) F:\Programme\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe FirewallRules: [{46EDFF4F-1796-43A9-B003-10E3400A5DF1}] => (Allow) F:\Programme\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe FirewallRules: [{E67C65CB-EFC6-4F50-9BA2-2BD4A98792C6}] => (Allow) F:\Programme\Steam\steamapps\common\Beat Hazard\BeatHazard.exe FirewallRules: [{6812FB46-9F2E-4EFD-A76A-A12476A7C870}] => (Allow) F:\Programme\Steam\steamapps\common\Beat Hazard\BeatHazard.exe FirewallRules: [{734267EB-0157-40DB-BDF9-3330464850D8}] => (Allow) F:\Programme\Steam\steamapps\common\Beat Hazard\runme.exe FirewallRules: [{E81469D2-19F3-4AC5-AEF0-E737C8288A6C}] => (Allow) F:\Programme\Steam\steamapps\common\Beat Hazard\runme.exe FirewallRules: [{7767D6DA-E7A3-405F-8B08-63695AC3C9BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{8F25681A-C176-4967-831F-9D8822868ADB}] => (Allow) F:\Programme\Steam\steamapps\common\Assassins Creed Brotherhood\ACBSP.exe FirewallRules: [{CDCD6DF1-29A6-4B24-9475-DF084172EE4D}] => (Allow) F:\Programme\Steam\steamapps\common\Assassins Creed Brotherhood\ACBSP.exe FirewallRules: [{16A2EB1A-2F3C-4989-93BD-918259364B14}] => (Allow) F:\Programme\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe FirewallRules: [{4D243641-BE6F-44E9-9D08-9A3EDE252F24}] => (Allow) F:\Programme\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe 
FirewallRules: [{68276B9E-10F8-4518-91B2-56B91D7CB95D}] => (Allow) F:\Programme\Steam\steamapps\common\Robin Hood\Game.exe FirewallRules: [{CD2B75D2-DF24-468B-8F45-DC487959B533}] => (Allow) F:\Programme\Steam\steamapps\common\Robin Hood\Game.exe FirewallRules: [{C1E6EDF3-327C-4D59-8EF7-23F026C896EB}] => (Allow) F:\Programme\Steam\steamapps\common\NEO Scavenger\NEOScavenger.exe FirewallRules: [{365A4083-3BD3-4F79-892C-81F60BE6D9E9}] => (Allow) F:\Programme\Steam\steamapps\common\NEO Scavenger\NEOScavenger.exe FirewallRules: [{0B3A0085-E3B0-4D0E-8FBF-CA765002C805}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{9BF6AA4F-3D2C-4C4F-9983-18AA19250556}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{4EA4FA36-7F99-460D-8DF3-93B0C0D9A488}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{5FCBB3B4-A0E3-45FD-9AC1-3722DED59441}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{6B20CEF7-271D-469B-8182-650C5AD9449A}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{7009EB9D-8A96-45CD-96DF-5FD2D88621F5}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{8752F118-D0E4-4A79-B035-F76713413813}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{8B45E3D2-0CCF-418A-BC9D-8B99A389E01B}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{6BEEF429-3AF6-488C-A222-FDB1BC554F62}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{6BC69CA6-FAAB-4D93-8B63-6D99C0D76D56}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{52E38CA5-D47E-46EF-B4F1-A40E76D4D6BB}] => (Allow) F:\Programme\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{38B6D155-A271-4FD5-BD49-543255A476DC}] => (Allow) 
F:\Programme\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{E8F28CA0-84EF-46A5-920C-B95D753380F4}] => (Allow) F:\Programme\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe FirewallRules: [{C28C837C-3DB7-448C-BED8-B5AE04D17B09}] => (Allow) F:\Programme\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/30/2015 02:30:03 PM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. 
Es wird bereits eine Instanz des Dienstes ausgeführt

Error: (08/30/2015 02:30:03 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
Das Handle ist ungültig

Error: (08/30/2015 11:32:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeroesAndGeneralsDesktop_Run.exe, Version: 0.0.0.0, Zeitstempel: 0x5359ce1f
Name des fehlerhaften Moduls: nvd3dum.dll, Version: 10.18.13.5560, Zeitstempel: 0x55c42210
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00667e3a
ID des fehlerhaften Prozesses: 0x1e6c
Startzeit der fehlerhaften Anwendung: 0xHeroesAndGeneralsDesktop_Run.exe0
Pfad der fehlerhaften Anwendung: HeroesAndGeneralsDesktop_Run.exe1
Pfad des fehlerhaften Moduls: HeroesAndGeneralsDesktop_Run.exe2
Berichtskennung: HeroesAndGeneralsDesktop_Run.exe3

Error: (08/30/2015 11:31:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeroesAndGeneralsDesktop_Run.exe, Version: 0.0.0.0, Zeitstempel: 0x5359ce1f
Name des fehlerhaften Moduls: nvd3dum.dll, Version: 10.18.13.5560, Zeitstempel: 0x55c42210
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00667e3a
ID des fehlerhaften Prozesses: 0x21b8
Startzeit der fehlerhaften Anwendung: 0xHeroesAndGeneralsDesktop_Run.exe0
Pfad der fehlerhaften Anwendung: HeroesAndGeneralsDesktop_Run.exe1
Pfad des fehlerhaften Moduls: HeroesAndGeneralsDesktop_Run.exe2
Berichtskennung: HeroesAndGeneralsDesktop_Run.exe3

Error: (08/30/2015 11:31:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeroesAndGeneralsDesktop_Run.exe, Version: 0.0.0.0, Zeitstempel: 0x5359ce1f
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0x4000001f
Fehleroffset: 0x00056a2d
ID des fehlerhaften Prozesses: 0x1664
Startzeit der fehlerhaften Anwendung: 0xHeroesAndGeneralsDesktop_Run.exe0
Pfad der fehlerhaften Anwendung: HeroesAndGeneralsDesktop_Run.exe1
Pfad des fehlerhaften Moduls: HeroesAndGeneralsDesktop_Run.exe2
Berichtskennung: HeroesAndGeneralsDesktop_Run.exe3

Error: (08/30/2015 11:31:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeroesAndGeneralsDesktop_Run.exe, Version: 0.0.0.0, Zeitstempel: 0x5359ce1f
Name des fehlerhaften Moduls: nvd3dum.dll, Version: 10.18.13.5560, Zeitstempel: 0x55c42210
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00667e3a
ID des fehlerhaften Prozesses: 0x1fd8
Startzeit der fehlerhaften Anwendung: 0xHeroesAndGeneralsDesktop_Run.exe0
Pfad der fehlerhaften Anwendung: HeroesAndGeneralsDesktop_Run.exe1
Pfad des fehlerhaften Moduls: HeroesAndGeneralsDesktop_Run.exe2
Berichtskennung: HeroesAndGeneralsDesktop_Run.exe3

Error: (08/30/2015 11:28:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: kult.exe, Version: 17.4.0.3, Zeitstempel: 0x414c16cf
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000332d0
ID des fehlerhaften Prozesses: 0x1ad8
Startzeit der fehlerhaften Anwendung: 0xkult.exe0
Pfad der fehlerhaften Anwendung: kult.exe1
Pfad des fehlerhaften Moduls: kult.exe2
Berichtskennung: kult.exe3

Error: (08/30/2015 08:30:02 AM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
Es wird bereits eine Instanz des Dienstes ausgeführt

Error: (08/30/2015 08:30:02 AM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
Das Handle ist ungültig

Error: (08/30/2015 08:25:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Systemfehler:
=============
Error: (08/30/2015 05:18:11 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 37.5.11.143192.168.137.0255.255.255.0

Error: (08/30/2015 10:28:23 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 37.5.11.143192.168.137.0255.255.255.0

Error: (08/30/2015 08:25:43 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 37.5.11.143192.168.137.0255.255.255.0

Error: (08/30/2015 08:25:43 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/30/2015 08:23:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (08/30/2015 08:23:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.

Error: (08/29/2015 06:48:12 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 37.5.15.173192.168.137.0255.255.255.0

Error: (08/29/2015 06:48:12 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/29/2015 06:45:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (08/29/2015 06:45:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.
==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 16351.13 MB
Verfügbarer physikalischer RAM: 10728.54 MB
Summe virtueller Speicher: 32700.47 MB
Verfügbarer virtueller Speicher: 27246.35 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:215.13 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive f: (Seagate) (Fixed) (Total:2589.63 GB) (Free:2147.43 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: D81880EB)
Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CB7225E5)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |
31.08.2015, 07:12 | #5 |
/// the machine /// TB trainer | Black screen, then a strange message hi, Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and Help Trojaner-Board Facebook page No help via PM! |
31.08.2015, 11:06 | #6 |
| Black screen, then a strange message Good day. Malwarebytes has found nothing so far. Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org

Database version:
  main: v2015.08.31.01
  rootkit: v2015.08.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
Hermann :: COMPUTER [administrator]

31.08.2015 11:44:13
mbar-log-2015-08-31 (11-44-13).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 348009
Time elapsed: 1 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end) |
31.08.2015, 11:13 | #7 |
| Black screen, then a strange message Unfortunately the TDSSKiller log is too long and too large, so it is attached as a .rar archive. Sorry. In short: 2 things were found, one being the software that came with my old mouse (a .. mouse editor..) and the other the software of my new mouse... |
01.09.2015, 05:33 | #8 |
/// the machine /// TB trainer | Black screen, then a strange message hi, Scan with Combofix
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and Help Trojaner-Board Facebook page No help via PM! |
01.09.2015, 13:11 | #9 |
| Black screen, then a strange message Hello, here is the log. Code:
ATTFilter ComboFix 15-09-01.01 - Hermann 01.09.2015 13:34:50.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16351.10014 [GMT 2:00] ausgeführt von:: c:\users\Hermann\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\users\Hermann\AppData\Local\Temp\INS_2eadcffd.TMP c:\users\Hermann\AppData\Local\Temp\INS_688c22e0.TMP c:\users\Hermann\AppData\Local\Temp\INS_73c2be8f.TMP c:\users\Hermann\AppData\Local\Temp\nvSCPAPI.dll c:\users\Hermann\AppData\Local\Temp\nvSCPAPI64.dll c:\users\Hermann\GamersGoMakers.exe c:\users\Hermann\xobglu32.dll c:\windows\capsys184523.log c:\windows\IsUn0407.exe c:\windows\security\logs\scecomp.log c:\windows\SysWow64\miccyhook.dll c:\windows\SysWow64\SET1A0E.tmp c:\windows\SysWow64\SET5B7.tmp c:\windows\SysWow64\SETCFD.tmp c:\windows\windefendam.log F:\install.exe . . ((((((((((((((((((((((( Dateien erstellt von 2015-08-01 bis 2015-09-01 )))))))))))))))))))))))))))))) . . 2015-09-01 12:07 . 2015-09-01 12:07 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-09-01 04:01 . 2015-08-25 14:08 574072 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2015-09-01 04:00 . 2015-09-01 04:00 -------- d-----w- c:\windows\LastGood 2015-09-01 00:59 . 2015-09-01 00:59 -------- d-----w- c:\users\Hermann\AppData\Roaming\Octane 2015-09-01 00:59 . 2015-09-01 00:59 -------- d-----w- c:\users\Hermann\AppData\Local\Game.exe_Url_snvcmaaeno2wmkw21ojsmc2vhaeghmtz 2015-08-31 20:58 . 2015-09-01 11:32 -------- d-----w- c:\users\Hermann\AppData\Roaming\uTorrent 2015-08-31 09:44 . 
2015-08-31 09:46 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-08-31 03:11 . 2015-08-31 03:11 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{580130E7-8361-4273-B548-D4B917AC68A5}\offreg.2840.dll 2015-08-31 03:09 . 2015-07-31 09:21 11745192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{580130E7-8361-4273-B548-D4B917AC68A5}\mpengine.dll 2015-08-30 15:19 . 2015-08-30 15:22 -------- d-----w- C:\FRST 2015-08-30 09:20 . 2015-08-30 09:20 -------- d-----w- c:\users\Hermann\AppData\Roaming\uplay 2015-08-25 11:28 . 2015-08-28 20:02 -------- d-----w- c:\users\Hermann\AppData\Local\Warframe 2015-08-22 21:55 . 2015-08-11 04:52 69416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll 2015-08-22 21:55 . 2015-08-11 04:52 50472 ----a-w- c:\windows\system32\drivers\nvvad64v.sys 2015-08-19 21:02 . 2015-08-28 23:24 -------- d-----w- c:\program files (x86)\Overwolf 2015-08-19 21:02 . 2015-08-27 11:22 -------- d-----w- c:\program files (x86)\Common Files\Overwolf 2015-08-19 21:01 . 2015-08-19 21:02 -------- d-----w- c:\programdata\Overwolf 2015-08-19 21:01 . 2015-08-30 06:24 -------- d-----w- c:\users\Hermann\AppData\Local\Overwolf 2015-08-14 15:14 . 2015-08-16 19:33 -------- d-----w- c:\users\Hermann\AppData\Roaming\Tropico 5 2015-08-13 16:35 . 2015-08-07 11:06 1558832 ----a-w- c:\windows\system32\nvdispgenco6435560.dll 2015-08-13 16:35 . 2015-08-07 11:06 1898104 ----a-w- c:\windows\system32\nvdispco6435560.dll 2015-08-10 10:29 . 2015-08-10 10:30 -------- d-----w- c:\program files\Virtual Audio Cable 2015-08-10 10:29 . 2015-08-10 10:29 98464 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys 2015-08-10 10:25 . 2015-08-10 10:25 -------- d-----w- c:\program files\Mega-Nerd 2015-08-09 06:41 . 2015-08-14 01:05 -------- d-----w- c:\users\Hermann\AppData\Roaming\Tropico 3 2015-08-04 11:30 . 2015-01-06 16:22 4800000 ----a-w- c:\programdata\Microsoft\Windows\Templates\Bloody5\Setup.exe 2015-08-04 11:29 . 
2015-08-04 11:30 -------- d-----w- c:\program files (x86)\Bloody5 2015-08-03 22:00 . 2015-08-03 22:00 -------- d-----w- c:\program files (x86)\MSECache . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-09-01 11:31 . 2014-11-08 11:18 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-08-31 09:42 . 2014-11-08 11:18 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-08-27 00:37 . 2014-11-08 11:29 1423120 ----a-w- c:\windows\SysWow64\nvspcap.dll 2015-08-27 00:37 . 2014-11-08 11:29 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2015-08-27 00:36 . 2014-11-08 11:29 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll 2015-08-27 00:36 . 2014-11-08 11:29 1710568 ----a-w- c:\windows\system32\nvspcap64.dll 2015-08-25 18:46 . 2015-06-22 22:28 17082392 ----a-w- c:\windows\system32\nvwgf2umx.dll 2015-08-25 18:46 . 2015-06-13 12:44 3112904 ----a-w- c:\windows\SysWow64\nvapi.dll 2015-08-25 18:46 . 2015-03-02 02:48 14635792 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2015-08-25 18:46 . 2014-11-09 20:02 112760 ----a-w- c:\windows\system32\OpenCL.dll 2015-08-25 18:46 . 2014-11-09 20:02 105264 ----a-w- c:\windows\SysWow64\OpenCL.dll 2015-08-25 18:46 . 2014-11-09 19:55 3527696 ----a-w- c:\windows\system32\nvapi64.dll 2015-08-25 18:46 . 2014-11-09 19:55 12515016 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2015-08-25 14:24 . 2014-11-09 20:02 937776 ----a-w- c:\windows\system32\nvvsvc.exe 2015-08-25 14:24 . 2014-11-09 20:02 62584 ----a-w- c:\windows\system32\nvshext.dll 2015-08-25 14:24 . 2014-11-09 20:02 385144 ----a-w- c:\windows\system32\nvmctray.dll 2015-08-25 14:24 . 2014-11-09 20:02 3496752 ----a-w- c:\windows\system32\nvsvc64.dll 2015-08-25 14:24 . 2014-11-09 20:02 2558584 ----a-w- c:\windows\system32\nvsvcr.dll 2015-08-25 14:24 . 2014-11-09 20:02 6884984 ----a-w- c:\windows\system32\nvcpl.dll 2015-08-25 12:35 . 
2014-11-09 20:02 5165808 ----a-w- c:\windows\system32\nvcoproc.bin 2015-08-12 02:27 . 2014-11-08 19:20 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-08-12 02:27 . 2014-11-08 19:20 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-08-11 04:52 . 2014-11-08 11:22 72504 ----a-w- c:\windows\system32\nvaudcap64v.dll 2015-08-10 10:25 . 2014-12-03 10:43 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2015-08-10 10:25 . 2014-12-03 10:43 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2015-08-10 10:25 . 2014-12-03 10:43 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2015-08-10 10:25 . 2014-12-03 10:43 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2015-08-07 11:06 . 2015-06-22 22:28 17124832 ----a-w- c:\windows\system32\SET55.tmp 2015-08-07 11:06 . 2014-11-09 19:55 3518248 ----a-w- c:\windows\system32\SETDE67.tmp 2015-08-06 18:15 . 2015-03-21 17:51 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2015-08-06 18:15 . 2014-12-22 23:53 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2015-08-06 18:04 . 2014-12-22 23:53 226680 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2015-08-02 17:29 . 2014-12-22 23:53 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2015-07-24 16:49 . 2015-07-24 16:49 76152 ----a-w- c:\windows\system32\PnkBstrA.exe 2015-07-23 04:06 . 2015-08-01 18:14 1898128 ----a-w- c:\windows\system32\nvdispco6435362.dll 2015-07-23 04:06 . 2015-08-01 18:14 1557648 ----a-w- c:\windows\system32\nvdispgenco6435362.dll 2015-07-15 03:19 . 2015-07-24 21:42 41984 ----a-w- c:\windows\system32\lpk.dll 2015-07-15 03:19 . 2015-07-24 21:42 100864 ----a-w- c:\windows\system32\fontsub.dll 2015-07-15 03:19 . 2015-07-24 21:42 14336 ----a-w- c:\windows\system32\dciman32.dll 2015-07-15 03:19 . 2015-07-24 21:42 46080 ----a-w- c:\windows\system32\atmlib.dll 2015-07-15 02:55 . 2015-07-24 21:42 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2015-07-15 02:55 . 2015-07-24 21:42 10240 ----a-w- c:\windows\SysWow64\dciman32.dll 2015-07-15 02:55 . 
2015-07-24 21:42 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2015-07-15 02:54 . 2015-07-24 21:42 25600 ----a-w- c:\windows\SysWow64\lpk.dll 2015-07-15 01:59 . 2015-07-24 21:42 372224 ----a-w- c:\windows\system32\atmfd.dll 2015-07-15 01:52 . 2015-07-24 21:42 299008 ----a-w- c:\windows\SysWow64\atmfd.dll 2015-07-12 04:32 . 2015-07-11 23:40 4096 ----a-w- c:\windows\SysWow64\drivers\nocashio.sys 2015-07-09 17:59 . 2015-07-16 11:03 17856 ----a-w- c:\windows\system32\CompatTelRunner.exe 2015-07-09 17:58 . 2015-07-16 11:03 37888 ----a-w- c:\windows\system32\wups2.dll 2015-07-09 17:58 . 2015-07-16 11:03 36864 ----a-w- c:\windows\system32\wups.dll 2015-07-09 17:58 . 2015-07-16 11:03 192000 ----a-w- c:\windows\system32\wuwebv.dll 2015-07-09 17:58 . 2015-07-16 11:03 98304 ----a-w- c:\windows\system32\wudriver.dll 2015-07-09 17:58 . 2015-07-16 11:03 696320 ----a-w- c:\windows\system32\wuapi.dll 2015-07-09 17:58 . 2015-07-16 11:03 3154944 ----a-w- c:\windows\system32\wucltux.dll 2015-07-09 17:58 . 2015-07-16 11:03 2603008 ----a-w- c:\windows\system32\wuaueng.dll 2015-07-09 17:58 . 2015-07-16 11:03 726528 ----a-w- c:\windows\system32\generaltel.dll 2015-07-09 17:58 . 2015-07-16 11:03 91136 ----a-w- c:\windows\system32\WinSetupUI.dll 2015-07-09 17:58 . 2015-07-16 11:03 765440 ----a-w- c:\windows\system32\invagent.dll 2015-07-09 17:58 . 2015-07-16 11:03 433664 ----a-w- c:\windows\system32\devinv.dll 2015-07-09 17:58 . 2015-07-16 11:03 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll 2015-07-09 17:58 . 2015-07-16 11:03 1085440 ----a-w- c:\windows\system32\appraiser.dll 2015-07-09 17:58 . 2015-07-16 11:03 67584 ----a-w- c:\windows\system32\acmigration.dll 2015-07-09 17:58 . 2015-07-16 11:03 227328 ----a-w- c:\windows\system32\aepdu.dll 2015-07-09 17:58 . 2015-07-16 11:03 37376 ----a-w- c:\windows\system32\wuapp.exe 2015-07-09 17:58 . 2015-07-16 11:03 139776 ----a-w- c:\windows\system32\wuauclt.exe 2015-07-09 17:50 . 
2015-07-16 11:03 1145856 ----a-w- c:\windows\system32\aeinv.dll 2015-07-09 17:43 . 2015-07-16 11:03 93184 ----a-w- c:\windows\SysWow64\wudriver.dll 2015-07-09 17:43 . 2015-07-16 11:03 30208 ----a-w- c:\windows\SysWow64\wups.dll 2015-07-09 17:43 . 2015-07-16 11:03 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll 2015-07-09 17:43 . 2015-07-16 11:03 566784 ----a-w- c:\windows\SysWow64\wuapi.dll 2015-07-09 17:42 . 2015-07-16 11:03 34816 ----a-w- c:\windows\SysWow64\wuapp.exe 2015-07-04 18:07 . 2015-07-16 11:03 2087424 ----a-w- c:\windows\system32\ole32.dll 2015-07-04 17:48 . 2015-07-16 11:03 1414656 ----a-w- c:\windows\SysWow64\ole32.dll 2015-07-03 06:43 . 2014-11-09 09:21 130333168 ----a-w- c:\windows\system32\MRT.exe 2015-07-02 21:08 . 2015-07-16 11:03 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2015-07-02 20:49 . 2015-07-16 11:03 25193984 ----a-w- c:\windows\system32\mshtml.dll 2015-07-02 20:40 . 2015-07-16 11:03 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2015-07-02 20:23 . 2015-07-16 11:03 2885632 ----a-w- c:\windows\system32\iertutil.dll 2015-07-02 20:12 . 2015-07-16 11:03 615936 ----a-w- c:\windows\system32\ieui.dll 2015-07-02 19:20 . 2015-07-16 11:03 14453248 ----a-w- c:\windows\system32\ieframe.dll 2015-07-02 18:59 . 2015-07-16 11:03 1545728 ----a-w- c:\windows\system32\urlmon.dll 2015-07-01 20:56 . 2015-07-16 11:03 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2015-07-01 20:56 . 2015-07-16 11:03 155584 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2015-07-01 20:49 . 2015-07-16 11:03 210944 ----a-w- c:\windows\system32\wdigest.dll 2015-07-01 20:49 . 2015-07-16 11:03 86528 ----a-w- c:\windows\system32\TSpkg.dll 2015-07-01 20:49 . 2015-07-16 11:03 29184 ----a-w- c:\windows\system32\sspisrv.dll 2015-07-01 20:49 . 2015-07-16 11:03 136192 ----a-w- c:\windows\system32\sspicli.dll 2015-07-01 20:49 . 2015-07-16 11:03 342016 ----a-w- c:\windows\system32\schannel.dll 2015-07-01 20:49 . 
2015-07-16 11:03 28160 ----a-w- c:\windows\system32\secur32.dll 2015-07-01 20:49 . 2015-07-16 11:03 1216512 ----a-w- c:\windows\system32\rpcrt4.dll 2015-07-01 20:49 . 2015-07-16 11:03 309760 ----a-w- c:\windows\system32\ncrypt.dll 2015-07-01 20:49 . 2015-07-16 11:03 315392 ----a-w- c:\windows\system32\msv1_0.dll 2015-07-01 20:49 . 2015-07-16 11:03 729088 ----a-w- c:\windows\system32\kerberos.dll 2015-07-01 20:49 . 2015-07-16 11:03 1461760 ----a-w- c:\windows\system32\lsasrv.dll 2015-07-01 20:48 . 2015-07-16 11:03 44032 ----a-w- c:\windows\system32\cryptbase.dll 2015-07-01 20:48 . 2015-07-16 11:03 22016 ----a-w- c:\windows\system32\credssp.dll 2015-07-01 20:47 . 2015-07-16 11:03 31232 ----a-w- c:\windows\system32\lsass.exe 2015-07-01 20:47 . 2015-07-16 11:03 64000 ----a-w- c:\windows\system32\auditpol.exe 2015-07-01 20:43 . 2015-07-16 11:03 60416 ----a-w- c:\windows\system32\msobjs.dll 2015-07-01 20:43 . 2015-07-16 11:03 146432 ----a-w- c:\windows\system32\msaudite.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="f:\programme\Steam\steam.exe" [2015-08-19 2899136] "OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2012-08-16 3333632] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] "Bloody2"="c:\program files (x86)\Bloody5\Bloody5\Bloody5.exe" [2015-06-16 18923008] "Overwolf"="c:\program files (x86)\Overwolf\Overwolf.exe" [2015-07-19 41200] "uTorrent"="c:\users\Hermann\AppData\Roaming\uTorrent\uTorrent.exe" [2015-08-31 1699936] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Lightshot"="c:\program files (x86)\Skillbrains\lightshot\Lightshot.exe" [2014-11-18 226560] "Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-08-10 1811800] "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-06-25 5515496] "TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2014-03-06 6421592] "AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-01-10 1105848] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720] "StereoLinksInstall"="c:\program files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" [2015-08-25 1067128] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "SoftwareSASGeneration"= 1 (0x1) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "BlueStacks Agent"=c:\program files (x86)\BlueStacks\HD-Agent.exe "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime . R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x] R3 aswTap;avast! 
SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys;c:\windows\SYSNATIVE\DRIVERS\aswTap.sys [x] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x] R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x] R3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 Origin Client Service;Origin Client Service;f:\programme\Origin\OriginClientService.exe;f:\programme\Origin\OriginClientService.exe [x] R3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 taphss6;Anchorfree HSS VPN 
Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x] R4 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R4 SpotfluxConnectionManager;Spotflux Connection Manager;c:\program files (x86)\Spotflux\services\SpotfluxConnectionManager.exe;c:\program files (x86)\Spotflux\services\SpotfluxConnectionManager.exe [x] R4 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x] S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x] S0 aswRvrt;avast! Revert; [x] S0 aswVmm;avast! 
VM Monitor; [x] S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x] S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x] S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x] S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x] S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x] S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x] S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x] S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x] S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 avast! 
Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x] S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 BstHdAndroidSvc;BlueStacks 
Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x] S3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x] S3 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x] S3 easytether;EasyTether Network Adapter;c:\windows\system32\DRIVERS\easytthr.sys;c:\windows\SYSNATIVE\DRIVERS\easytthr.sys [x] S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x] S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x] S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 tapSF0901;Spotflux Virtual Network Device Driver;c:\windows\system32\DRIVERS\tapSF0901.sys;c:\windows\SYSNATIVE\DRIVERS\tapSF0901.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files 
(x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 94899380 *NewlyCreated* - MBAMSWISSARMY *Deregistered* - 94899380 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-08-22 06:58 993608 ----a-w- c:\program files (x86)\Google\Chrome\Application\44.0.2403.157\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2015-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-08 02:27] . 2015-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30 11:52] . 2015-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30 11:52] . 2015-07-12 c:\windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job - c:\program files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-05-15 13:54] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2015-06-24 10:45 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-08-27 2634872] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-08-27 1710568] "Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-02-15 516928] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com Trusted Zone: vizzed.com\www TCP: DhcpNameServer = 83.169.184.33 83.169.184.97 FF - ProfilePath - c:\users\Hermann\AppData\Roaming\Mozilla\Firefox\Profiles\34052ydq.default\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . AddRemove-1207664883_is1 - h:\gog games\Gods Will Be Watching\unins000.exe AddRemove-1207666333_is1 - h:\gog games\Dead State\unins000.exe AddRemove-ANNO 1602 Königs-Edition - c:\windows\IsUn0407.exe AddRemove-Cultures2 - c:\windows\IsUn0407.exe AddRemove-Farming World_is1 - h:\programme\Farming World\unins000.exe AddRemove-GOGPACKANSTARTOPIA_is1 - h:\gog games\StarTopia\unins000.exe AddRemove-GOGPACKEMPIREEARTHGOLD_is1 - h:\gog games\Empire Earth Gold Edition\unins000.exe AddRemove-GOGPACKXENONAUTS_is1 - c:\gog games\Xenonauts\unins000.exe AddRemove-GT Interactive - Driver - c:\windows\IsUn0407.exe AddRemove-Hatred MULTi9 1.0 - h:\programme\Hatred\Uninstall.exe AddRemove-Lionheart_is1 - h:\programme\Lionheart\unins000.exe AddRemove-NjBTZWNvbmRz_is1 - h:\programme\60 Seconds\unins000.exe AddRemove-Opera 30.0.1835.59 - h:\programme\Opera\Launcher.exe AddRemove-Revolver's Wings Of War - h:\programme\Wings of War\Uninstal.exe AddRemove-Steam App 115210 - h:\programme\Steam\steam.exe AddRemove-Steam App 12100 - h:\programme\Steam\steam.exe AddRemove-Steam App 12470 - h:\programme\Steam\steam.exe AddRemove-Steam App 200510 - h:\programme\Steam\steam.exe AddRemove-Steam App 203140 - h:\programme\Steam\steam.exe AddRemove-Steam App 204560 - h:\programme\Steam\steam.exe AddRemove-Steam App 20540 - h:\programme\Steam\steam.exe AddRemove-Steam App 205610 - h:\programme\Steam\steam.exe AddRemove-Steam App 211820 - h:\programme\Steam\steam.exe AddRemove-Steam App 212680 - h:\programme\Steam\steam.exe AddRemove-Steam App 214560 - 
h:\programme\Steam\steam.exe AddRemove-Steam App 219780 - h:\programme\Steam\steam.exe AddRemove-Steam App 220 - h:\programme\Steam\steam.exe AddRemove-Steam App 226120 - h:\programme\Steam\steam.exe AddRemove-Steam App 227300 - h:\programme\Steam\steam.exe AddRemove-Steam App 231140 - h:\programme\Steam\steam.exe AddRemove-Steam App 23490 - h:\programme\Steam\steam.exe AddRemove-Steam App 239820 - h:\programme\Steam\steam.exe AddRemove-Steam App 240 - h:\programme\Steam\steam.exe AddRemove-Steam App 241540 - h:\programme\Steam\steam.exe AddRemove-Steam App 24240 - h:\programme\Steam\steam.exe AddRemove-Steam App 246090 - h:\programme\Steam\steam.exe AddRemove-Steam App 24780 - h:\programme\Steam\steam.exe AddRemove-Steam App 253710 - h:\programme\Steam\steam.exe AddRemove-Steam App 253980 - h:\programme\Steam\steam.exe AddRemove-Steam App 254000 - h:\programme\Steam\steam.exe AddRemove-Steam App 254020 - h:\programme\Steam\steam.exe AddRemove-Steam App 254040 - h:\programme\Steam\steam.exe AddRemove-Steam App 254060 - h:\programme\Steam\steam.exe AddRemove-Steam App 277430 - h:\programme\Steam\steam.exe AddRemove-Steam App 27940 - h:\programme\Steam\steam.exe AddRemove-Steam App 295110 - h:\programme\Steam\steam.exe AddRemove-Steam App 30 - h:\programme\Steam\steam.exe AddRemove-Steam App 300 - h:\programme\Steam\steam.exe AddRemove-Steam App 305390 - h:\programme\Steam\steam.exe AddRemove-Steam App 310380 - h:\programme\Steam\steam.exe AddRemove-Steam App 33520 - h:\programme\Steam\steam.exe AddRemove-Steam App 34010 - h:\programme\Steam\steam.exe AddRemove-Steam App 346370 - h:\programme\Steam\steam.exe AddRemove-Steam App 346900 - h:\programme\Steam\steam.exe AddRemove-Steam App 351800 - h:\programme\Steam\steam.exe AddRemove-Steam App 380 - h:\programme\Steam\steam.exe AddRemove-Steam App 4000 - h:\programme\Steam\steam.exe AddRemove-Steam App 41000 - h:\programme\Steam\steam.exe AddRemove-Steam App 41010 - h:\programme\Steam\steam.exe AddRemove-Steam App 420 
- h:\programme\Steam\steam.exe AddRemove-Steam App 42700 - h:\programme\Steam\steam.exe AddRemove-Steam App 42710 - h:\programme\Steam\steam.exe AddRemove-Steam App 440 - h:\programme\Steam\steam.exe AddRemove-Steam App 4560 - h:\programme\Steam\steam.exe AddRemove-Steam App 46230 - h:\programme\Steam\steam.exe AddRemove-Steam App 46370 - h:\programme\Steam\steam.exe AddRemove-Steam App 4850 - h:\programme\Steam\steam.exe AddRemove-Steam App 57740 - h:\programme\Steam\steam.exe AddRemove-Steam App 58610 - h:\programme\Steam\steam.exe AddRemove-Steam App 6000 - h:\programme\Steam\steam.exe AddRemove-Steam App 6060 - h:\programme\Steam\steam.exe AddRemove-Steam App 65540 - h:\programme\Steam\steam.exe AddRemove-Steam App 6860 - h:\programme\Steam\steam.exe AddRemove-Steam App 70100 - h:\programme\Steam\steam.exe AddRemove-Steam App 70110 - h:\programme\Steam\steam.exe AddRemove-Steam App 70120 - h:\programme\Steam\steam.exe AddRemove-Steam App 71230 - h:\programme\Steam\steam.exe AddRemove-Steam App 9340 - h:\programme\Steam\steam.exe AddRemove-Steam App 96100 - h:\programme\Steam\steam.exe AddRemove-The Good Life_is1 - h:\programme\goodlife\unins000.exe AddRemove-{024D0ADC-6846-4B7A-B12F-D571DF826068}}_is1 - h:\programme\Aftermath\unins000.exe AddRemove-{2BB114DA-C718-45FE-8AB9-DEFFF0EA5569}_is1 - h:\programme\Grand Theft Auto San Andreas\unins000.exe AddRemove-{5FD7B6B3-08C7-4FEE-9C37-A2134C699885}}_is1 - c:\program files (x86)\This War of Mine\unins000.exe AddRemove-SOE-PlanetSide 2 - h:\programme\Steam\steamapps\common\PlanetSide 2\Uninstaller.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3540704453-1494989713-834082015-1000\Software\SecuROM\License information*] "datasecu"=hex:25,a8,eb,1a,23,63,75,8a,5f,5f,ad,bc,bb,2b,8e,14,f0,b4,93,11,73, 2e,b8,be,12,d6,16,89,74,cb,c1,c3,62,e8,8e,02,b9,bb,d1,4f,be,0a,b5,d2,5a,62,\ "rkeysecu"=hex:51,0f,74,16,a9,b8,a7,32,76,2f,eb,b2,58,a2,81,5f . 
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2015-09-01 14:09:20 ComboFix-quarantined-files.txt 2015-09-01 12:09 . Vor Suchlauf: 12 Verzeichnis(se), 220.049.174.528 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 223.599.734.784 Bytes frei . - - End Of File - - 5176F29B653558850E68A07C39A4CFDB 605D514C0EB9E594ECCDE224382C660C |
01.09.2015, 18:01 | #10 |
/// the machine /// TB instructor | Black screen followed by a strange message Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
02.09.2015, 02:12 | #11 |
| Black screen followed by a strange message Good day. Here are the logs. It looks as if nothing much was found. The Malwarebytes log: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 01.09.2015
Suchlaufzeit: 23:12
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.01.06
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Hermann

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 397119
Abgelaufene Zeit: 10 Min., 16 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
# AdwCleaner v5.005 - Bericht erstellt am 01/09/2015 um 23:34:30
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Hermann - COMPUTER
# Gestartet von : C:\Users\Hermann\Desktop\AdwCleaner_5.005.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\browser.exe

***** [ Internetbrowser ] *****

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [893 Bytes] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Professional x64
Ran by Hermann on 01.09.2015 at 23:45:17,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013
Successfully deleted: [Task] C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\TuneUp Undelete
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer

~~~ Files

~~~ Folders

Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin

~~~ FireFox

Successfully deleted: [Folder] C:\Users\Hermann\AppData\Roaming\mozilla\firefox\profiles\34052ydq.default\extensions\staged
Emptied folder: C:\Users\Hermann\AppData\Roaming\mozilla\firefox\profiles\34052ydq.default\minidumps [1 files]

~~~ Chrome

[C:\Users\Hermann\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Hermann\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Hermann\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Hermann\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.09.2015 at 23:48:32,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015 durchgeführt von Hermann (Administrator) auf COMPUTER (01-09-2015 23:56:00) Gestartet von C:\Users\Hermann\Desktop Geladene Profile: Hermann (Verfügbare Profile: Hermann) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Opera) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Valve Corporation) F:\Programme\Steam\Steam.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (Valve Corporation) F:\Programme\Steam\bin\steamwebhelper.exe 
(Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Opera Software) F:\Programme\Opera\31.0.1889.174\opera_crashreporter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Piotr Pawlowski) C:\Program Files (x86)\foobar2000\foobar2000.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe 
(Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.87.58.0\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.87.58.0\OverwolfHelper64.exe (Opera Software) F:\Programme\Opera\31.0.1889.174\opera.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516928 2013-02-15] (Acronis) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [Logitech G35] => C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-08-10] (Logitech(c)) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-25] (Avast Software s.r.o.) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6421592 2014-03-06] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) 
HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\Run: [Steam] => F:\Programme\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3333632 2012-08-16] () HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [18923008 2015-06-16] () HKU\S-1-5-21-3540704453-1494989713-834082015-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-07-19] (Overwolf LTD) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-24] (Avast Software s.r.o.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97 Tcpip\..\Interfaces\{CDAAC6D2-322B-4A0A-A934-F4E359FA0B50}: [DhcpNameServer] 83.169.184.33 83.169.184.97 Tcpip\..\Interfaces\{F644497B-F1B1-4056-92A5-E3E0EE771A09}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3540704453-1494989713-834082015-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-25] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-24] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-25] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-25] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-24] (Avast Software s.r.o.) 
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-25] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Hermann\AppData\Roaming\Mozilla\Firefox\Profiles\34052ydq.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-25] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation) FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2015-02-22] (Reto-Moto ApS) FF Plugin-x32: 
@microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @vizzed.com/VizzedRGR -> C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll [2013-01-11] (Vizzed.com) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3540704453-1494989713-834082015-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-28] () FF Extension: Advanced Cookie Manager - C:\Users\Hermann\AppData\Roaming\Mozilla\Firefox\Profiles\34052ydq.default\Extensions\cookiemgr@jayapal.com [2015-02-11] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-23] Chrome: ======= CHR Profile: C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-30] CHR Extension: (Google Docs) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-30] CHR Extension: (Google Drive) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-30] CHR Extension: (YouTube) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-30] CHR Extension: (APK Downloader) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgihflhdpokeobcfimliamffejfnmfii [2015-07-30] CHR Extension: (Google Search) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-30] CHR Extension: (Google Sheets) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-30] CHR Extension: (Avast Online Security) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-30] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg 
[2015-07-30] CHR Extension: (Chrome Web Store Payments) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30] CHR Extension: (Gmail) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-30] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-15] Opera: ======= OPR Extension: (mypermissions) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\abcaompdicgopneodlnpdoghdkgmfmnb [2015-01-29] OPR Extension: (Adguard) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2014-11-08] OPR Extension: (ZenMate for Opera™) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhbkkedmelfmalgjpkngiaoifpdfcnl [2015-03-12] OPR Extension: (HTTPS Everywhere) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2015-01-29] OPR Extension: (weboftrust) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2014-11-13] OPR Extension: (jdavid214) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiahmjdojdodmjjhhddegdnhcpjmokmo [2014-11-13] OPR Extension: (sarahavilov) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\njnemcgegcggpnfiamegohgfagecldcg [2014-11-13] OPR Extension: (Magic Actions for YouTube™) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlffnljnicbkfhnlomjhjlebndachaka [2015-02-21] StartMenuInternet: (HKLM) OperaStable - F:\Programme\Opera\Launcher.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-24] (Avast Software s.r.o.) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-06-24] (Avast Software s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-07-22] () S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2015-01-18] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; F:\Programme\Origin\OriginClientService.exe [2007048 2015-07-25] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-19] (Overwolf LTD) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-07-24] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-08-02] () S4 SpotfluxConnectionManager; C:\Program Files 
(x86)\Spotflux\services\SpotfluxConnectionManager.exe [105472 2015-01-23] (Spotflux) [Datei ist nicht signiert] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5400848 2014-11-03] (TeamViewer GmbH) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-24] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-06-24] (Avast Software s.r.o.) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-24] (Avast Software s.r.o.) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-06-24] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-24] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-24] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-24] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-24] (Avast Software s.r.o.) 
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-11-08] (The OpenVPN Project) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-24] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-05-25] () R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-11] (Disc Soft Ltd) R3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [22728 2015-05-04] (Mobile Stream) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech) R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-05-25] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 nocashio; C:\Windows\SysWOW64\drivers\nocashio.sys [4096 2015-07-12] () [Datei ist nicht signiert] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) R3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.) 
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-03-10] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-03-10] (Acronis) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-05-15] (TuneUp Software) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-03-10] (Acronis International GmbH) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-01 23:48 - 2015-09-01 23:48 - 00001920 _____ C:\Users\Hermann\Desktop\JRT.txt 2015-09-01 23:44 - 2015-09-01 23:44 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Hermann\Desktop\JRT76.exe 2015-09-01 23:43 - 2015-09-01 23:43 - 00000971 _____ C:\Users\Hermann\Desktop\AdwCleaner[C2].txt 2015-09-01 23:30 - 2015-09-01 23:30 - 00001205 _____ C:\Users\Hermann\Desktop\mbam.txt 2015-09-01 23:13 - 2015-09-01 23:13 - 01654272 _____ C:\Users\Hermann\Desktop\AdwCleaner_5.005.exe 2015-09-01 17:20 - 2015-09-01 17:26 - 00000000 ____D C:\Users\Hermann\Desktop\Neuer Ordner (3) 2015-09-01 14:09 - 2015-09-01 14:09 - 00033704 _____ C:\ComboFix.txt 2015-09-01 13:32 - 2015-09-01 14:09 - 00000000 ____D C:\Qoobox 2015-09-01 13:32 - 2015-09-01 14:09 - 00000000 ____D C:\ComboFix 2015-09-01 13:32 - 2015-09-01 14:08 - 00000000 ____D C:\Windows\erdnt 2015-09-01 13:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-09-01 13:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-09-01 13:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-09-01 13:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-09-01 13:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-09-01 13:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-09-01 13:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-09-01 13:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-09-01 13:26 - 2015-09-01 13:26 - 05635829 ____R (Swearware) C:\Users\Hermann\Desktop\ComboFix.exe 2015-09-01 06:01 - 2015-08-25 16:08 - 00574072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-09-01 05:58 - 2015-08-25 20:46 - 42840368 _____ C:\Windows\system32\nvcompiler.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 37819184 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 22525560 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 
==================== Ende von FRST.txt ============================

The same thing just happened to me. However, now that I have seen it myself, I could explain what it was... The graphics card driver crashed, and then the program "Overwolf" did too, and apparently Overwolf prefers to deliver somewhat odd crash messages. Well... So it was... in that sense, only a false alarm. Luckily. According to all the scanners, nothing really bad has been found now either, right? In any case, thank you for the help, and I apologize.
Kind regards, Brille65.
P.S. If the logs do turn up something "worse" after all, I am of course still open to help |
02.09.2015, 18:05 | #12 |
/// the machine /// TB-Ausbilder | Black screen, then a strange message
Adware was found; we will still run control scans.
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate
Guides and help
Trojaner-Board Facebook page
No help via PM! |
02.09.2015, 23:44 | #13 |
| Black screen, then a strange message
Oh, okay. Thanks, then.
So here is the ESET scan. Just to say up front: the things in the Chiiita folder are trainers for games, and the Keybinder is a keybinder for SAMP. I don't know why it is regarded as a virus.
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=466d3ac0537e0f479a8269ab2e99dda9
# end=init
# utc_time=2015-09-02 05:08:45
# local_time=2015-09-02 07:08:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25568
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=466d3ac0537e0f479a8269ab2e99dda9
# end=updated
# utc_time=2015-09-02 05:11:55
# local_time=2015-09-02 07:11:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=466d3ac0537e0f479a8269ab2e99dda9
# engine=25568
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-02 07:36:29
# local_time=2015-09-02 09:36:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 24813 192852438 0 0
# scanned=643967
# found=9
# cleaned=0
# scan_time=8673
sh=24F994036EEDAED64C127DC8C26E0DFC1D3F0F99 ft=1 fh=ef5d4a377440bb23 vn="Variante von Win32/Tasks.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Hermann\AppData\Roaming\Updater\tasks.dll.vir"
sh=317C8280F957B89FA3DDC6CCADB455AA80614630 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner" ac=I fn="C:\Users\Hermann\allUpdatesCracked.rar"
sh=E4D938101B37698A340C5AEA0AD7785C22711DA6 ft=0 fh=0000000000000000 vn="Variante von MSIL/Packed.DotBundle.A verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\29975edcf283805e6796.zip"
sh=6C454DE0C142ADAD79DFCA7D8174FF26F11827B8 ft=0 fh=0000000000000000 vn="Variante von MSIL/Packed.DotBundle.A verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\GamersGoMakers v1.11 +120 TRAINER (1).zip"
sh=A3ED7FEF9760289B4331D8534E38F99E903118D6 ft=0 fh=0000000000000000 vn="Variante von MSIL/Packed.DotBundle.A verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\GamersGoMakers v1.11 +120 TRAINER.zip"
sh=3D0CBF6ADFB61E462E062485D53CA825FFDC4C1F ft=1 fh=a2046cb294622522 vn="Variante von MSIL/Packed.DotBundle.A verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\GamersGoMakers_CH.exe"
sh=54D0A80F6878910C1B2133FDD203D3E4F6A90E0D ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\Key Binder\Key Binder.rar"
sh=E793060D7C2035A558755B50312EB7E55D3890F3 ft=1 fh=08c01e9789a605f6 vn="Variante von Win32/Packed.Themida verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\Key Binder\Keybinder.exe"
sh=AD8EC21D5B0BDB41746B6156B6D706CF823FCA51 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida verdächtige Datei" ac=I fn="C:\Users\Hermann\Downloads\Key Binder.rar"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=466d3ac0537e0f479a8269ab2e99dda9
# end=init
# utc_time=2015-09-02 07:44:29
# local_time=2015-09-02 09:44:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25571
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=466d3ac0537e0f479a8269ab2e99dda9
# end=updated
# utc_time=2015-09-02 07:45:05
# local_time=2015-09-02 09:45:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=466d3ac0537e0f479a8269ab2e99dda9
# engine=25571
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-02 10:21:22
# local_time=2015-09-03 12:21:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 34707 192862332 0 0
# scanned=644191
# found=8
# cleaned=0
# scan_time=9376
sh=24F994036EEDAED64C127DC8C26E0DFC1D3F0F99 ft=1 fh=ef5d4a377440bb23 vn="Variante von Win32/Tasks.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Hermann\AppData\Roaming\Updater\tasks.dll.vir"
sh=E4D938101B37698A340C5AEA0AD7785C22711DA6 ft=0 fh=0000000000000000 vn="Variante von MSIL/Packed.DotBundle.A verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\29975edcf283805e6796.zip"
sh=6C454DE0C142ADAD79DFCA7D8174FF26F11827B8 ft=0 fh=0000000000000000 vn="Variante von MSIL/Packed.DotBundle.A verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\GamersGoMakers v1.11 +120 TRAINER (1).zip"
sh=A3ED7FEF9760289B4331D8534E38F99E903118D6 ft=0 fh=0000000000000000 vn="Variante von MSIL/Packed.DotBundle.A verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\GamersGoMakers v1.11 +120 TRAINER.zip"
sh=3D0CBF6ADFB61E462E062485D53CA825FFDC4C1F ft=1 fh=a2046cb294622522 vn="Variante von MSIL/Packed.DotBundle.A verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\GamersGoMakers_CH.exe"
sh=54D0A80F6878910C1B2133FDD203D3E4F6A90E0D ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\Key Binder\Key Binder.rar"
sh=E793060D7C2035A558755B50312EB7E55D3890F3 ft=1 fh=08c01e9789a605f6 vn="Variante von Win32/Packed.Themida verdächtige Datei" ac=I fn="C:\Users\Hermann\Desktop\Chhhiiita\Key Binder\Keybinder.exe"
sh=AD8EC21D5B0BDB41746B6156B6D706CF823FCA51 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida verdächtige Datei" ac=I fn="C:\Users\Hermann\Downloads\Key Binder.rar"

Code:
 Results of screen317's Security Check version 1.008
 Windows 7 Service Pack 1 x64 (UAC is disabled!)
 Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
 avast! Antivirus
 Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
 AVG PC TuneUp 2015
 AVG PC TuneUp 2015 (de-DE)
 AVG PC TuneUp 2015
 Java 7 Update 75
 Java 8 Update 45
 Java version 32-bit out of Date!
 Adobe Flash Player 18.0.0.232
 Adobe Reader XI
 Mozilla Firefox 35.0.1 Firefox out of Date!
 Google Chrome (44.0.2403.155)
 Google Chrome (44.0.2403.157)
````````Process Check: objlist.exe by Laurent````````
 Malwarebytes Anti-Malware mbamservice.exe
 Malwarebytes Anti-Malware mbam.exe
 Malwarebytes Anti-Malware mbamscheduler.exe
 AVAST Software Avast AvastSvc.exe
 AVAST Software Avast afwServ.exe
 AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
durchgeführt von Hermann (Administrator) auf COMPUTER (03-09-2015 00:41:52)
Gestartet von C:\Users\Hermann\Desktop
Geladene Profile: Hermann (Verfügbare Profile: Hermann)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-25] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Hermann\AppData\Roaming\Mozilla\Firefox\Profiles\34052ydq.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-25] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation) FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2015-02-22] (Reto-Moto ApS) FF Plugin-x32: 
@microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.) FF Plugin-x32: @vizzed.com/VizzedRGR -> C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll [2013-01-11] (Vizzed.com) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3540704453-1494989713-834082015-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-01-28] () FF Extension: Advanced Cookie Manager - C:\Users\Hermann\AppData\Roaming\Mozilla\Firefox\Profiles\34052ydq.default\Extensions\cookiemgr@jayapal.com [2015-02-11] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-23] Chrome: ======= CHR Profile: C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-30] CHR Extension: (Google Docs) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-30] CHR Extension: (Google Drive) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-30] CHR Extension: (YouTube) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-30] CHR Extension: (APK Downloader) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgihflhdpokeobcfimliamffejfnmfii [2015-07-30] CHR Extension: (Google Search) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-30] CHR Extension: (Google Sheets) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-30] CHR Extension: (Avast Online Security) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-30] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg 
[2015-07-30] CHR Extension: (Chrome Web Store Payments) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30] CHR Extension: (Gmail) - C:\Users\Hermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-30] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-15] Opera: ======= OPR Extension: (mypermissions) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\abcaompdicgopneodlnpdoghdkgmfmnb [2015-01-29] OPR Extension: (Adguard) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2014-11-08] OPR Extension: (ZenMate for Opera™) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhbkkedmelfmalgjpkngiaoifpdfcnl [2015-03-12] OPR Extension: (HTTPS Everywhere) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm [2015-01-29] OPR Extension: (weboftrust) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2014-11-13] OPR Extension: (jdavid214) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\hiahmjdojdodmjjhhddegdnhcpjmokmo [2014-11-13] OPR Extension: (sarahavilov) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\njnemcgegcggpnfiamegohgfagecldcg [2014-11-13] OPR Extension: (Magic Actions for YouTube™) - C:\Users\Hermann\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlffnljnicbkfhnlomjhjlebndachaka [2015-02-21] StartMenuInternet: (HKLM) OperaStable - F:\Programme\Opera\Launcher.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-24] (Avast Software s.r.o.) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-06-24] (Avast Software s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1125888 2015-07-22] () S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2015-01-18] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; F:\Programme\Origin\OriginClientService.exe [2007048 2015-07-25] (Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-19] (Overwolf LTD) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-07-24] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-08-02] () S4 SpotfluxConnectionManager; C:\Program Files 
(x86)\Spotflux\services\SpotfluxConnectionManager.exe [105472 2015-01-23] (Spotflux) [Datei ist nicht signiert] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5400848 2014-11-03] (TeamViewer GmbH) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-24] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-06-24] (Avast Software s.r.o.) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-24] (Avast Software s.r.o.) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-06-24] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-24] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-24] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-24] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-24] (Avast Software s.r.o.) 
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-11-08] (The OpenVPN Project) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-24] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-05-25] () R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-11] (Disc Soft Ltd) R3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [22728 2015-05-04] (Mobile Stream) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech) R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-05-25] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-02] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 nocashio; C:\Windows\SysWOW64\drivers\nocashio.sys [4096 2015-07-12] () [Datei ist nicht signiert] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) R3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2015-01-23] (Spotflux, Inc.) 
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-03-10] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-03-10] (Acronis) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-05-15] (TuneUp Software) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-03-10] (Acronis International GmbH) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-02 19:08 - 2015-09-02 19:08 - 02870984 _____ (ESET) C:\Users\Hermann\Desktop\esetsmartinstaller_deu.exe 2015-09-02 19:08 - 2015-09-02 19:08 - 00852704 _____ C:\Users\Hermann\Desktop\SecurityCheck.exe 2015-09-02 19:08 - 2015-09-02 19:08 - 00000000 ____D C:\Program Files (x86)\ESET 2015-09-01 23:48 - 2015-09-01 23:48 - 00001920 _____ C:\Users\Hermann\Desktop\JRT.txt 2015-09-01 23:44 - 2015-09-01 23:44 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Hermann\Desktop\JRT76.exe 2015-09-01 23:43 - 2015-09-01 23:43 - 00000971 _____ C:\Users\Hermann\Desktop\AdwCleaner[C2].txt 2015-09-01 23:30 - 2015-09-01 23:30 - 00001205 _____ C:\Users\Hermann\Desktop\mbam.txt 2015-09-01 23:13 - 2015-09-01 23:13 - 01654272 _____ C:\Users\Hermann\Desktop\AdwCleaner_5.005.exe 2015-09-01 17:20 - 2015-09-01 17:26 - 00000000 ____D C:\Users\Hermann\Desktop\Neuer Ordner (3) 2015-09-01 14:09 - 2015-09-01 14:09 - 00033704 _____ C:\ComboFix.txt 2015-09-01 13:32 - 2015-09-01 14:09 - 00000000 ____D C:\Qoobox 2015-09-01 13:32 - 2015-09-01 14:09 - 00000000 ____D C:\ComboFix 2015-09-01 13:32 - 2015-09-01 14:08 - 00000000 ____D C:\Windows\erdnt 2015-09-01 13:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-09-01 13:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-09-01 13:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-09-01 13:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-09-01 13:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-09-01 13:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-09-01 13:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-09-01 13:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-09-01 13:26 - 2015-09-01 13:26 - 05635829 ____R (Swearware) C:\Users\Hermann\Desktop\ComboFix.exe 2015-09-01 06:01 - 2015-08-25 16:08 - 00574072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-09-01 05:58 - 2015-08-25 
20:46 - 42840368 _____ C:\Windows\system32\nvcompiler.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 37819184 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 22525560 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 18543736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 16637336 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 15512888 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 14936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 13661160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 12185152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 11089200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-09-01 05:58 - 2015-08-25 20:46 - 02940720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 02627704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435582.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 01558648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435582.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 01106672 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 01075320 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 01064752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 00986232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 00945456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-09-01 05:58 - 
2015-08-25 20:46 - 00944736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 00512904 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 00364336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-09-01 05:58 - 2015-08-25 20:46 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-09-01 02:59 - 2015-09-01 02:59 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Octane 2015-09-01 02:59 - 2015-09-01 02:59 - 00000000 ____D C:\Users\Hermann\AppData\Local\Game.exe_Url_snvcmaaeno2wmkw21ojsmc2vhaeghmtz 2015-09-01 00:10 - 2015-09-01 00:11 - 137098809 _____ C:\Users\Hermann\Desktop\Aria _ Armageddon _ Full Album _ Ария _ Армагеддон.mp4 2015-08-31 22:58 - 2015-09-01 23:43 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\uTorrent 2015-08-31 22:58 - 2015-08-31 22:58 - 00002649 _____ C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-08-31 12:38 - 2015-08-31 12:42 - 00000000 ____D C:\Users\Hermann\Desktop\Neuer Ordner (2) 2015-08-31 11:44 - 2015-08-31 11:46 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-08-31 11:42 - 2015-08-31 12:11 - 00000000 ____D C:\Users\Hermann\Desktop\Neuer Ordner 2015-08-31 03:31 - 2015-08-31 03:31 - 00000000 ____D C:\Users\Hermann\Desktop\TeamSpeak 3 v3.0.17 [www.boerse.to] 2015-08-31 03:30 - 2015-08-31 03:30 - 13318710 
_____ C:\Users\Hermann\Desktop\TeamSpeak v3.0.18 Build 57 [www.boerse.to].rar 2015-08-31 03:29 - 2015-08-31 03:29 - 39833027 _____ C:\Users\Hermann\Desktop\TeamSpeak 3 v3.0.17 [www.boerse.to].rar 2015-08-31 03:29 - 2015-08-31 03:29 - 13320240 _____ C:\Users\Hermann\Desktop\TeamSpeak 3 v3.0.18.rar 2015-08-30 17:21 - 2015-09-03 00:41 - 00023429 _____ C:\Users\Hermann\Desktop\FRST.txt 2015-08-30 17:21 - 2015-08-30 17:22 - 00116740 _____ C:\Users\Hermann\Desktop\Addition.txt 2015-08-30 17:20 - 2015-09-01 23:55 - 00000000 ____D C:\Users\Hermann\Desktop\FRST-OlderVersion 2015-08-30 17:19 - 2015-09-03 00:41 - 00000000 ____D C:\FRST 2015-08-30 12:04 - 2015-09-01 23:55 - 02188800 _____ (Farbar) C:\Users\Hermann\Desktop\FRST64.exe 2015-08-30 11:22 - 2015-07-23 10:30 - 27893155 _____ C:\Users\Hermann\Desktop\Bunker Constructor v1.0.apk 2015-08-30 11:20 - 2015-08-30 11:20 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\uplay 2015-08-29 22:46 - 2015-08-29 22:46 - 01751231 _____ C:\Users\Hermann\videoplayback.m4a 2015-08-26 04:43 - 2015-08-26 04:43 - 00000000 _____ C:\Windows\setuperr.log 2015-08-25 13:28 - 2015-08-28 22:02 - 00000000 ____D C:\Users\Hermann\AppData\Local\Warframe 2015-08-23 07:02 - 2015-08-23 07:02 - 00381192 _____ C:\Windows\Minidump\082315-19141-01.dmp 2015-08-22 23:55 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-08-22 23:55 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-08-19 23:02 - 2015-08-29 01:24 - 00000000 ____D C:\Program Files (x86)\Overwolf 2015-08-19 23:02 - 2015-08-19 23:02 - 00003728 _____ C:\Windows\System32\Tasks\Overwolf Updater Task 2015-08-19 23:02 - 2015-08-19 23:02 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2015-08-19 23:01 - 2015-09-02 13:32 - 00000000 ____D C:\Users\Hermann\AppData\Local\Overwolf 2015-08-19 23:01 - 2015-08-19 23:02 - 00000000 ____D C:\ProgramData\Overwolf 
2015-08-18 10:54 - 2015-08-23 07:02 - 1230775025 _____ C:\Windows\MEMORY.DMP 2015-08-14 17:14 - 2015-08-16 21:33 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Tropico 5 2015-08-14 14:33 - 2015-08-14 14:33 - 00042813 _____ C:\GF_Excpt.txt 2015-08-14 13:55 - 2015-08-14 14:05 - 00000000 ____D C:\Users\Hermann\Documents\corleone 2015-08-13 19:08 - 2015-08-14 20:20 - 00000000 ____D C:\Users\Hermann\Desktop\Fallout Shelter v1.1 [Mod] 2015-08-13 18:35 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll 2015-08-13 18:35 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll 2015-08-11 00:54 - 2015-08-11 00:54 - 00009541 _____ C:\Users\Hermann\Documents\0.Shelter_150805.CT 2015-08-10 21:57 - 2015-08-10 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sheltered 2015-08-10 12:29 - 2015-08-10 12:30 - 00000000 ____D C:\Program Files\Virtual Audio Cable 2015-08-10 12:29 - 2015-08-10 12:29 - 00098464 _____ (Eugene V. 
Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2015-08-10 12:29 - 2015-08-10 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2015-08-10 12:25 - 2015-08-10 12:25 - 00000000 ____D C:\Program Files\Mega-Nerd 2015-08-10 12:23 - 2015-08-10 12:23 - 00000149 _____ C:\Users\Hermann\f.hls 2015-08-10 10:03 - 2015-08-10 10:03 - 00034223 _____ C:\Windows\SysWOW64\hs_err_pid2856.log 2015-08-09 21:05 - 2015-08-09 21:05 - 00000340 _____ C:\Users\Hermann\Documents\Bloody_9B5E5131.bld 2015-08-09 08:41 - 2015-08-14 03:05 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Tropico 3 2015-08-04 13:30 - 2015-08-04 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody 2015-08-04 13:29 - 2015-08-04 13:30 - 00000000 ____D C:\Program Files (x86)\Bloody5 2015-08-04 00:00 - 2015-08-04 00:00 - 00002713 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk 2015-08-04 00:00 - 2015-08-04 00:00 - 00000000 ____D C:\Program Files (x86)\MSECache 2015-08-04 00:00 - 2015-08-04 00:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-03 00:35 - 2009-07-14 06:51 - 00082624 _____ C:\Windows\setupact.log 2015-09-03 00:27 - 2014-11-08 21:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-03 00:12 - 2014-11-08 14:16 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\TS3Client 2015-09-03 00:06 - 2015-07-30 13:52 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-02 23:52 - 2014-11-08 13:18 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-02 22:12 - 2011-04-12 09:43 - 00713026 _____ C:\Windows\system32\perfh007.dat 2015-09-02 22:12 - 2011-04-12 09:43 - 00155796 _____ C:\Windows\system32\perfc007.dat 2015-09-02 22:12 - 2009-07-14 07:13 - 01661072 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-02 21:43 - 2014-11-08 12:59 - 00000000 ____D C:\Users\Hermann 2015-09-02 20:57 - 2009-07-14 06:45 - 00031920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-02 20:57 - 2009-07-14 06:45 - 00031920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-02 19:22 - 2015-02-01 13:51 - 05978624 ___SH C:\Users\Hermann\Desktop\Thumbs.db 2015-09-02 18:13 - 2014-12-04 09:38 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\OBS 2015-09-02 13:38 - 2014-11-08 13:05 - 00000000 ____D C:\Program Files (x86)\Opera 2015-09-02 13:35 - 2014-11-11 17:25 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\foobar2000 2015-09-02 13:34 - 2014-11-08 12:48 - 01173614 _____ C:\Windows\WindowsUpdate.log 2015-09-02 13:32 - 2015-02-23 15:50 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update
2015-09-02 13:30 - 2015-07-16 16:42 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-09-02 13:29 - 2015-07-30 13:52 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-02 13:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-02 13:27 - 2014-11-09 22:03 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 23:34 - 2015-06-20 23:06 - 00000000 ____D C:\AdwCleaner
2015-09-01 14:15 - 2014-11-08 13:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-01 14:12 - 2010-11-21 05:47 - 00971254 _____ C:\Windows\PFRO.log
2015-09-01 14:07 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-09-01 02:56 - 2014-11-08 13:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-31 23:31 - 2014-11-09 21:38 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\vlc
2015-08-31 21:45 - 2014-11-11 18:56 - 00000000 ____D C:\Users\Hermann\AppData\Local\JDownloader v2.0
2015-08-31 11:42 - 2014-11-08 13:18 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-31 11:41 - 2015-04-09 04:03 - 00038488 _____ C:\Users\Hermann\Documents\Lets Play Fallout 3 Part ##.veg
2015-08-31 00:54 - 2015-07-30 14:12 - 00000000 ____D C:\Users\Hermann\Downloads\apk-downloader
2015-08-30 17:19 - 2014-11-09 01:00 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\tropico 4
2015-08-30 11:33 - 2014-11-11 20:07 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-08-30 11:29 - 2015-06-01 00:31 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project 3 Interactive
2015-08-30 11:20 - 2014-11-08 20:33 - 00000000 ____D C:\Users\Hermann\Desktop\Ordner mit Krimskrams
2015-08-30 11:14 - 2014-11-08 13:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-30 01:25 - 2015-01-01 14:15 - 00015360 ___SH C:\Users\Hermann\Thumbs.db
2015-08-28 01:01 - 2015-07-30 13:52 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 01:01 - 2015-07-30 13:52 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-27 02:37 - 2014-11-08 13:29 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-08-27 02:37 - 2014-11-08 13:29 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-08-27 02:36 - 2014-11-08 13:29 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-08-27 02:36 - 2014-11-08 13:29 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-08-26 04:36 - 2014-11-12 03:06 - 00000000 ____D C:\Windows\Minidump
2015-08-25 20:46 - 2015-06-23 00:28 - 17082392 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-08-25 20:46 - 2015-06-13 14:44 - 03112904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-08-25 20:46 - 2015-03-02 04:48 - 14635792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-08-25 20:46 - 2014-11-09 22:02 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-25 20:46 - 2014-11-09 22:02 - 00105264 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-25 20:46 - 2014-11-09 21:55 - 12515016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-08-25 20:46 - 2014-11-09 21:55 - 03527696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-08-25 20:46 - 2014-11-09 21:55 - 00033025 _____ C:\Windows\system32\nvinfo.pb
2015-08-25 16:24 - 2014-11-09 22:02 - 06884984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-08-25 16:24 - 2014-11-09 22:02 - 03496752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-08-25 16:24 - 2014-11-09 22:02 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-08-25 16:24 - 2014-11-09 22:02 - 00937776 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-08-25 16:24 - 2014-11-09 22:02 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-08-25 16:24 - 2014-11-09 22:02 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-08-25 14:35 - 2014-11-09 22:02 - 05165808 _____ C:\Windows\system32\nvcoproc.bin
2015-08-25 13:29 - 2014-11-08 14:23 - 00493890 _____ C:\Windows\DirectX.log
2015-08-25 00:55 - 2015-04-09 04:03 - 00038488 _____ C:\Users\Hermann\Documents\Lets Play Fallout 3 Part ##.veg.bak
2015-08-23 00:12 - 2014-11-08 13:29 - 00000000 ____D C:\Users\Hermann\AppData\Local\NVIDIA Corporation
2015-08-20 16:02 - 2014-12-01 22:50 - 00000000 ____D C:\Users\Hermann\AppData\Local\ArmA 2 OA
2015-08-20 11:51 - 2014-11-12 03:09 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-08-19 22:57 - 2015-04-07 16:12 - 00000000 ____D C:\ProgramData\Zoom Player
2015-08-19 17:20 - 2015-06-18 11:46 - 00000000 ____D C:\Program Files (x86)\DayZLauncher
2015-08-19 14:14 - 2015-06-15 22:11 - 00003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434399095
2015-08-19 12:54 - 2014-11-08 22:30 - 00000000 ____D C:\Users\Hermann\Documents\Action!
2015-08-17 23:08 - 2014-11-11 22:18 - 00000000 ____D C:\Users\Hermann\AppData\Local\Windows Live
2015-08-14 17:44 - 2015-05-16 15:52 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-08-14 14:26 - 2014-11-18 00:46 - 00000000 ____D C:\Users\Hermann\Desktop\Chhhiiita
2015-08-14 13:55 - 2014-11-10 11:52 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-14 12:22 - 2014-11-11 21:00 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-08-13 18:57 - 2015-04-04 21:55 - 00000000 ____D C:\Users\Hermann\Desktop\Memecenter Bilder
2015-08-12 13:32 - 2014-12-11 12:31 - 00000000 ____D C:\ProgramData\Origin
2015-08-12 12:03 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-12 04:27 - 2014-11-08 21:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 04:27 - 2014-11-08 21:20 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 04:27 - 2014-11-08 21:20 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 06:52 - 2014-11-08 13:22 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-08-11 03:41 - 2014-11-13 13:37 - 00000000 ____D C:\Users\Hermann\Documents\My Games
2015-08-11 03:40 - 2014-11-20 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-08-11 03:40 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-10 12:25 - 2014-12-03 12:43 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-08-10 12:25 - 2014-12-03 12:43 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-08-10 12:25 - 2014-12-03 12:43 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-08-10 12:25 - 2014-12-03 12:43 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-08-10 00:34 - 2014-12-04 09:38 - 00000000 ____D C:\Program Files (x86)\OBS
2015-08-08 08:55 - 2014-11-10 17:58 - 00000000 ____D C:\Users\Hermann\AppData\Roaming\Skype
2015-08-07 12:11 - 2015-07-26 14:35 - 00000000 ____D C:\Users\Hermann\AppData\Local\UnofficialWhatsApp
2015-08-07 12:11 - 2015-06-28 17:23 - 00001247 _____ C:\Users\Hermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unofficial WhatsApp.lnk
2015-08-07 10:19 - 2014-11-08 22:07 - 00033456 _____ C:\Users\Hermann\Documents\Lets Play War of the Roses Part ##.veg
2015-08-07 10:12 - 2014-11-08 22:07 - 00033456 _____ C:\Users\Hermann\Documents\Lets Play War of the Roses Part ##.veg.bak
2015-08-06 20:15 - 2015-03-21 19:51 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-08-06 20:15 - 2014-12-23 01:53 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-08-06 20:04 - 2014-12-23 01:53 - 00226680 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-08-05 12:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-05 11:32 - 2014-11-08 14:16 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-08-04 05:35 - 2014-11-09 21:21 - 00000000 ____D C:\Users\Hermann\SimpleJavaYoutubeUploader
2015-08-04 00:23 - 2015-04-14 01:56 - 00000000 ____D C:\Users\Hermann\Documents\Rockstar Games

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-29 02:47 - 2014-11-29 02:48 - 222875441 _____ () C:\Users\Hermann\AppData\Roaming\.minecraft.rar
2014-11-21 20:42 - 2015-02-12 01:50 - 0000015 _____ () C:\Users\Hermann\AppData\Roaming\A.ce7911766fde05aca1083872e180532a2.resizer_settings
2015-04-27 05:30 - 2015-05-26 20:39 - 0000097 _____ () C:\Users\Hermann\AppData\Roaming\LauncherSettings_live.cfg
2015-04-27 04:41 - 2015-04-27 04:41 - 0008146 _____ () C:\Users\Hermann\AppData\Roaming\TheHunterSettings_live.bin
2015-04-27 04:40 - 2015-04-27 04:40 - 0000040 _____ () C:\Users\Hermann\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-04-07 16:05 - 2015-04-07 16:05 - 0004608 _____ () C:\Users\Hermann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-18 10:47 - 2015-03-18 10:47 - 0000000 ___SH () C:\Users\Hermann\AppData\Local\LumaEmu
2015-05-18 18:11 - 2015-06-24 22:06 - 0007608 _____ () C:\Users\Hermann\AppData\Local\Resmon.ResmonCfg
2014-11-08 13:51 - 2014-11-08 13:51 - 0000003 _____ () C:\Users\Hermann\AppData\Local\updater.log
2014-11-08 13:51 - 2015-04-23 21:25 - 0000424 _____ () C:\Users\Hermann\AppData\Local\UserProducts.xml
2015-04-19 20:16 - 2015-04-19 20:26 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2014-12-04 16:41 - 2014-12-04 16:41 - 0012391 _____ () C:\ProgramData\mptmqteo.hmi

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Hermann\AmazonMusicInstaller.exe
C:\Users\Hermann\Vivaldi_TP_1.0.83.38.exe
C:\Users\Hermann\xobglu16.dll

Einige Dateien in TEMP:
====================
C:\Users\Hermann\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-09-01 06:39

==================== Ende von FRST.txt ============================
03.09.2015, 18:17 | #14 |
/// the machine /// TB Trainer | Black screen, then strange message
Update Java and Firefox.
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
C:\AdwCleaner\Quarantine\C\Users\Hermann\AppData\Roaming\Updater\tasks.dll.vir
C:\Users\Hermann\allUpdatesCracked.rar
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Cleanup: (The order is crucial here)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left, you can safely delete them.
If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Securing your system:
Enable automatic updates in the Windows operating system.
Security-relevant software should also always be kept at the latest version:
Browser
Java
Flash Player
PDF reader
Security holes in their old versions are exploited to install malware via "drive-by" simply by visiting a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft
In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. However, you can define, on a whitelist basis, on which pages scripts are allowed.
Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.
Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, uninstall it first and then remove the leftovers with Adwarecleaner.

Finally, a few general remarks:
Change your important online passwords regularly and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No assistance via PM! |
05.09.2015, 01:09 | #15 |
| Black screen, then strange message
Thank you very much for the help.
Here is the log:
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von Hermann (2015-09-04 16:38:22) Run:1
Gestartet von C:\Users\Hermann\Desktop
Geladene Profile: Hermann (Verfügbare Profile: Hermann)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\AdwCleaner\Quarantine\C\Users\Hermann\AppData\Roaming\Updater\tasks.dll.vir
C:\Users\Hermann\allUpdatesCracked.rar
Emptytemp:
*****************

C:\AdwCleaner\Quarantine\C\Users\Hermann\AppData\Roaming\Updater\tasks.dll.vir => erfolgreich verschoben
"C:\Users\Hermann\allUpdatesCracked.rar" => Datei/Ordner nicht gefunden.
EmptyTemp: => 2.2 GB temporäre Dateien entfernt.

Das System musste neu gestartet werden..

==== Ende von Fixlog 16:39:11 ====
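A check that can be run over a returned Fixlog, as an added example that is not part of the thread and not FRST code: it matches every fixlist entry against its result line, so entries that were not acted on (here the .rar that was not found) stand out. The one-entry-per-line layout of the sample and all function names are assumptions; the result phrases are the ones in the log above.

```python
import re

# Constructed sample: the Fixlog from the post above, one entry per line
# (assumed to be the layout of the original Fixlog.txt).
SAMPLE_FIXLOG = r"""fixlist Inhalt:
*****************
C:\AdwCleaner\Quarantine\C\Users\Hermann\AppData\Roaming\Updater\tasks.dll.vir
C:\Users\Hermann\allUpdatesCracked.rar
Emptytemp:
*****************

C:\AdwCleaner\Quarantine\C\Users\Hermann\AppData\Roaming\Updater\tasks.dll.vir => erfolgreich verschoben
"C:\Users\Hermann\allUpdatesCracked.rar" => Datei/Ordner nicht gefunden.
EmptyTemp: => 2.2 GB temporäre Dateien entfernt.

Das System musste neu gestartet werden..
==== Ende von Fixlog 16:39:11 ====
"""

# Result phrases as they appear in the German log on this page.
OUTCOMES = [
    ("moved", "erfolgreich verschoben"),
    ("not_found", "nicht gefunden"),
    ("temp_cleared", "temporäre Dateien entfernt"),
]

def _key(entry):
    """Normalise an entry: drop surrounding quotes, compare case-insensitively."""
    return entry.strip().strip('"').lower()

def reconcile(fixlog_text):
    """Map every fixlist entry to the outcome the Fixlog reports for it."""
    requested, results, in_list = [], {}, False
    for line in fixlog_text.splitlines():
        line = line.strip()
        if re.fullmatch(r"\*{5,}", line):      # a row of asterisks delimits the fixlist echo
            in_list = not in_list
        elif in_list and line:
            requested.append(line)
        elif " => " in line:
            target, message = line.split(" => ", 1)
            label = next((name for name, phrase in OUTCOMES if phrase in message), "unknown")
            results[_key(target)] = label
    # An entry without any result line was never processed.
    return {entry: results.get(_key(entry), "no_result") for entry in requested}

def needs_follow_up(report):
    """Entries that were not acted on and should be rechecked by hand."""
    return [e for e, outcome in report.items() if outcome in ("not_found", "no_result", "unknown")]
```
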