| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.JWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.09.2015, 20:33
| #1 |
 |  Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J Moin moin  Vorab möchte ich sagen, dass ich sämtliche Logfiles als ZIP-Datei angehängt habe, weil ich sonst die erlaubte Anzahl von 120.000 Zeichen überschreite. Gestern habe ich eine Virenprüfung durchgeführt um zu sehen, ob alles in Ordnung ist in meinem Laptop. Dabei wurde "Win32.Application.SysTweak.J (Engine B)" entdeckt. Diesen Fund habe ich dann in die Quarantäne verschoben gehabt, wo ich dann festgestellt habe, dass in der Quarantäne noch weitere 2 Funde sind. Während der Zeit habe ich wohl vergessen, mich um die Funde zu kümmern, da diese schon vor 3-4 Monaten entdeckt worden sind.  Statt die Funde einfach zu löschen würde ich sie lieber gezielt bereinigen, sodass keine Gefahr mehr besteht, weshalb ich mich hier melde Ich habe vorab schonmal die folgende Schritte Ausgeführt, die auf folgender Seite beschrieben sind: http://www.trojaner-board.de/69886-a...-beachten.html Schritt 1: Anwendung von Defogger. (Keine Fehlermeldung und Aufforderung zum Neustart des Laptops) Schritt 2: Anwendung von FRST (Logfiles in der ZIP Datei) Schritt 3: Anwendung von GMER (Logfile in der ZIP Datei) Bei diesem Scann gab es das Problem, dass das Programm nicht auf "C:\WINDOWS\system32\config\system" und "C:\Users\Benutzername\ntuser.dat" zugreifen konnte. Die Meldung besagt "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird" |
|
08.09.2015, 20:43
| #2 |
| /// the machine /// TB-Ausbilder    |  Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J Hi,
__________________Logs bitte immer in codetags in den Thread posten
__________________ |
|
08.09.2015, 20:57
| #3 |
| | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J Gut aber alle passen nicht in ein Thread^^
__________________Daher werde ich es aufteilen G DATA Protokoll Code:
ATTFilter Virenprüfung mit G DATA INTERNET SECURITY
Version 25.1.0.8 (28.07.2015)
Virensignaturen vom 02.09.2015
Startzeit: 07.09.2015 11:14:12
Engine(s): Engine A (AVA 25.3305), Engine B (GD 25.5541)
Heuristik: Ein
Archive: Ein
Systembereiche: Ein
RootKits prüfen: Ein
Prüfung der Systembereiche...
Prüfung aller im Speicher befindlichen Prozesse und Verweise im Autostart...
Prüfung auf RootKits...
Prüfung aller lokalen Festplatten...
Analyse vollständig durchgeführt: 07.09.2015 16:19:25
359061 Dateien überprüft
1 infizierte Dateien gefunden
0 verdächtige Dateien gefunden
Objekt: roboot64.exe
Pfad: C:\WINDOWS\System32
Status: Datei in Quarantäne verschoben
Virus: Win32.Application.SysTweak.J (Engine B)
Der Zugriff auf die folgenden Dateien wurde verweigert:
C:\WINDOWS\Resources\Themes\aero\VSCache\Aero.msstyles_1031_96.mss
C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog (1).etl
C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application (1).etl
C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTDiagtrack-Listener.etl
C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Microsoft-Windows-WorkFolders-WHC.etl
C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTWFP-IPsec Diagnostics.etl
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0315f87c655e96b8cf4f820c0a8b0f2f_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\019c8cc93fe83b0aa1501d30ae884808_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0fcd2e4cd1a8b63460edb063fffd8301_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0d0de2c844828743d53a7460e4b6f548_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\111d8ae67bbf64e8ea6a72fd3d1b7b38_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1926d72e89e57c8dd299fdfa806d92d6_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1b99b2babc1e6660e908aa18b59aa4b6_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1d766494cbb6cc9b513775a6a408ffe1_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1ef7f36bb3729520e7955ed6a422c283_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1d93cbf6fca3937e5583121cc1c74a98_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3f598f8f3a857d220f38af81292a78b3_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\27851bb1d6b26c9058b0d442d3766b1c_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\489c6493fa28ab487748577f32850343_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4cd84bbc5f16422ac9f747774ca3d56c_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6a1f1b5c928e9267345c506f20bf9bf1_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\64b9027b8006cbcba90f1f5fff2c8d7e_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\6bdf0b08b537d231c0b63466a703693d_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7b7998aedf57bb7d6600b802f776b250_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\737b0122ea47154b58d58aa068335d30_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5bc845fbcb974688177064a309ad8a62_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\84136729dc5668e969bde39ae211b3ca_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\83b88745c18423a8ec1df8ad18ba39b0_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\82f9c9bbde0115f037beaccc66d7a906_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9089f4d57de5a8bd05de4d3ff0c0e0ae_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\93addbe5afb271cbbb85e5fd612f99e8_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8422da60f58b438901c7c54b01c03865_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\850ef0247f01f1363c5aad2f92dd5cd8_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\94eeee639cd5a35685d93e6dea70c076_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9d6ee6c190021dc4e80fe136f9ede3e1_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\988543eb4c431748cef537f375db9328_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a452734b41a432425edb807ea8d46b19_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a1216433188fbb3143842f8a40b68498_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b2761862534d0641431155c06c2a1a83_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ae2c72a738547f66094a2385cc6894d4_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b6d34b8443cafb02ed5e82bf9a5f5a52_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b69da208ce73129a10631f2bc1612afa_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c932795a8efbb0bb56c0d5797a7452ce_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b9bf250d1b76a6f8995a1ea5a22db6d4_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cbe185239575db740cb72b4b925f06a5_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d6d77c6cc1805f075eba6e309f329f7e_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e49b89f8908e58b7a46ae6b0cad5c583_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\dcec733432a6bf9ca7355295473af5a8_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\eb3d483c96647cad97060442e2f99cbc_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c87187d9eb55920b61cdb3802a3bf2a2_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f5e248c31744fe0a88065994b51ec019_c87ebc74-4d3d-4813-9f95-a57751f8010d
C:\ProgramData\Microsoft\Diagnosis\events10.rbs
C:\ProgramData\Microsoft\Diagnosis\events11.rbs
C:\ProgramData\Microsoft\Diagnosis\users.dat
C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\cfc.flights.json
C:\ProgramData\Microsoft\Diagnosis\events00.rbs
C:\ProgramData\Microsoft\Diagnosis\events01.rbs
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3950223124-2474653717-92873065-1002\NoAccess\LockScreenNotificationBadgeImages\4549149e2b6adbc2_1688863377870703_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3950223124-2474653717-92873065-1002\NoAccess\LockScreenNotificationBadgeImages\66b946c27e205b38_4785096708084143_100.png
C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-3950223124-2474653717-92873065-1002\NoAccess\LockScreenNotificationBadgeImages\c2f2d9df4a78a195_844429225100280_100.png
C:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\MpScanCache-0.bin
Die folgenden Dateien sind Passwortgeschützt:
C:\Program Files (x86)\InstallShield Installation Information\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}\SupportFiles.7z
C:\Program Files (x86)\InstallShield Installation Information\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}\SupportFiles.7z
C:\OEM\FIVT\FIVT_Matched.ini.7z
C:\OEM\Preload\Autorun\APP\clear.fi Photo v2.02\clear.fi_Photo.exe
C:\OEM\Preload\Autorun\APP\clear.fi Media v2.02\clear.fi_Media.exe
C:\Users\Lockjaw\Desktop\Programme\Aperture science\Aperture science\Setup.msi
C:\Users\Lockjaw\Dropbox\Für Alle!\Anwendungsgebiete für Informatik\Psychologie\psychopaekchen (Pascal Florida's conflicted copy 2013-10-17).zip
C:\Users\Lockjaw\Dropbox\Für Alle!\Anwendungsgebiete für Informatik\Psychologie\psychopaekchen.zip
C:\Users\Lockjaw\Dropbox\Für Alle!\Anwendungsgebiete für Informatik_Psych\Psychologie\psychopaekchen (Pascal Florida's conflicted copy 2013-10-17).zip
C:\Users\Lockjaw\Dropbox\Für Alle!\Anwendungsgebiete für Informatik_Psych\Psychologie\psychopaekchen.zip
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Skript.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien10.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien12.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\folien11.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien13.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien14.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\folien18.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien17.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien16.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien15.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien21.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien20.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien19.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien22.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\folien4.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\folien3.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\folien2.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\Folien5.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\folien8.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\folien6.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\folien7.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\ADS\2011-SS-Jansen\Vorlesungsfolien\folien9.pdf
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\Progprak\2008\pp1.bak.02-03-09.tar.gz
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\Progprak\progprak1_2008.zip
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\Progprak\2008\3\pp1-3.rar
C:\Users\Lockjaw\Dropbox\Für Alle!\Informatik\Programmierung\skripWS1011t_teil1.pdf
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-09-08 20:35:43
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000032 TOSHIBA_MQ01ABF050 rev.AM001J 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Lockjaw\AppData\Local\Temp\fgldqpod.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff96000136d00 15 bytes [00, E4, F2, 01, 80, 8C, 6C, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff96000136d10 11 bytes [00, 72, FC, FF, 00, 09, CB, ...]
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation 00007ffe582d3e10 7 bytes JMP 00007fff56710260
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW 00007ffe582d3e20 7 bytes JMP 00007fff56710298
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW 00007ffe583839b0 7 bytes JMP 00007fff56710340
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW 00007ffe58383ef0 7 bytes JMP 00007fff567102d0
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA 00007ffe58383fe0 7 bytes JMP 00007fff56710308
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx 00007ffe583b06c0 7 bytes JMP 00007fff567101f0
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW 00007ffe583b0730 7 bytes JMP 00007fff56710228
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary 00007ffe567221d0 5 bytes JMP 00007fff56710180
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW 00007ffe567229d0 7 bytes JMP 00007fff567100d8
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW 00007ffe56724310 5 bytes JMP 00007fff56710110
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW 00007ffe56728d80 5 bytes JMP 00007fff56710148
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleFileNameExW 00007ffe5679f0b0 5 bytes JMP 00007fff567101b8
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\USER32.dll!CreateWindowExW 00007ffe58496d90 1 byte JMP 00007fff56710420
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\USER32.dll!CreateWindowExW + 2 00007ffe58496d92 8 bytes {JMP 0xfffffffffe279690}
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW 00007ffe584a74a0 5 bytes JMP 00007fff567103e8
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo 00007ffe584a7560 9 bytes JMP 00007fff56710378
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\USER32.dll!ChangeDisplaySettingsExW 00007ffe584a7730 5 bytes JMP 00007fff56710458
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA 00007ffe584b6b10 5 bytes JMP 00007fff567103b0
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList 00007ffe58ce1500 1 byte JMP 00007fff56710490
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2 00007ffe58ce1502 6 bytes {JMP 0xfffffffffda2ef90}
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo 00007ffe58ce1750 8 bytes JMP 00007fff567104c8
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory 00007ffe53f87750 5 bytes JMP 00007fff53f700d8
.text C:\WINDOWS\System32\dwm.exe[6716] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory1 00007ffe53f88ee0 5 bytes JMP 00007fff53f70110
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1996] 0000000000976060
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:2024] 000000000094a7b0
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1456] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1460] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1480] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1492] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1484] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1496] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1516] 00000000745ffe61
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1580] 00000000745ffe61
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1520] 00000000745ffe61
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1848] 00000000745ffe61
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1892] 00000000745ffe61
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1888] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:1880] 0000000074b1c640
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:3076] 000000007039d6a0
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:3088] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:3092] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:3096] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:3100] 0000000000970f27
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:20380] 000000006ea51900
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [1992:12492] 0000000071b7cf40
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [12328:3608] 0000000000a39d1f
Thread C:\WINDOWS\SYSTEM32\ntdll.dll [12328:22480] 0000000000a3664f
Thread C:\WINDOWS\system32\csrss.exe [21564:22248] fffff960008af2d0
Thread C:\WINDOWS\Explorer.EXE [20332:21672] 00007ffe52cc55f0
Thread C:\WINDOWS\Explorer.EXE [20332:14260] 00007ffe4f9137e0
Thread C:\WINDOWS\Explorer.EXE [20332:17528] 00007ffe54240aa0
Thread C:\WINDOWS\Explorer.EXE [20332:4336] 00007ffe4fa29b10
Thread C:\WINDOWS\Explorer.EXE [20332:23480] 00007ffe4fa29b10
Thread C:\WINDOWS\Explorer.EXE [20332:21692] 00007ffe4fa29b10
Thread C:\WINDOWS\Explorer.EXE [20332:11136] 00007ffe3e5d2710
Thread C:\WINDOWS\Explorer.EXE [20332:17276] 00007ffe54d91fe0
Thread C:\WINDOWS\Explorer.EXE [20332:9560] 00007ffe5235e630
Thread C:\WINDOWS\Explorer.EXE [20332:10956] 00007ffe52679970
Thread C:\WINDOWS\Explorer.EXE [20332:10960] 00007ffe524328c0
Thread C:\WINDOWS\Explorer.EXE [20332:20188] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:19976] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:16664] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:14120] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:13896] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:2036] 00007ffe5213bc30
Thread C:\WINDOWS\Explorer.EXE [20332:11836] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:13420] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:22140] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:19356] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:20024] 00007ffe51c31120
Thread C:\WINDOWS\Explorer.EXE [20332:3168] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:9860] 00007ffe4f771e80
Thread C:\WINDOWS\Explorer.EXE [20332:18464] 00007ffe4f771c10
Thread C:\WINDOWS\Explorer.EXE [20332:3320] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:21764] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:8768] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:5292] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:18792] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:9720] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:22912] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:22548] 00007ffe5267e630
Thread C:\WINDOWS\Explorer.EXE [20332:19680] 00007ffe48c51480
Thread C:\WINDOWS\Explorer.EXE [20332:6884] 00007ffe4e00f3c0
Thread C:\WINDOWS\Explorer.EXE [20332:6712] 00007ffe4e00f3c0
Thread C:\WINDOWS\Explorer.EXE [20332:6540] 00007ffe4822a710
Thread C:\WINDOWS\Explorer.EXE [20332:17688] 00007ffe4e00f3c0
Thread C:\WINDOWS\Explorer.EXE [20332:21260] 00007ffe4f8d1090
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
|
|
08.09.2015, 20:59
| #4 |
| | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J FRST Logfile Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
durchgeführt von Lockjaw (Administrator) auf BARIS (08-09-2015 17:02:23)
Gestartet von C:\Users\Lockjaw\Desktop
Geladene Profile: Lockjaw (Verfügbare Profile: Lockjaw & Gast)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVK.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\GUI\GDSC.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [453448 2014-08-14] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [6714472 2015-04-20] (SoftPerfect Research)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG)
HKLM-x32\...\Run: [HTC Sync Loader] => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [659456 2013-09-03] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] (Atheros Communications)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Run: [Octoshape Streaming Services] => C:\Users\Lockjaw\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
Startup: C:\Users\Lockjaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-12-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B26C6885-29F5-4540-8A30-FD95C076B5F7}: [DhcpNameServer] 134.245.10.7 134.245.1.36
Tcpip\..\Interfaces\{E0C75E5A-8B49-4FB5-9619-40444B88458A}: [NameServer] 134.245.1.36,134.245.10.7
Tcpip\..\Interfaces\{F6A39164-470B-4CD6-9875-ECF39C9A94AE}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3950223124-2474653717-92873065-1002 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP0B4B9EEB-5CE1-436B-B9D7-F8C03F18425B&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3950223124-2474653717-92873065-1002 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-22] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-02-28] (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-03] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134
FF Homepage: google.de
FF NetworkProxy: "ftp", "145.255.4.150"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "145.255.4.150"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "145.255.4.150"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "145.255.4.150"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-22] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3950223124-2474653717-92873065-1002: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Lockjaw\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1401100-0-npoctoshape.dll [2014-01-10] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Lockjaw\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-11-01] (Octoshape ApS)
FF Extension: ProxTube - Unblock YouTube - C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134\Extensions\ich@maltegoetz.de.xpi [2015-04-22]
FF Extension: stealthy - C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134\Extensions\stealthyextension@gmail.com.xpi [2014-10-10]
FF Extension: Adblock Plus - C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-06]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2558072 2015-06-19] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3711712 2015-06-16] (G Data Software AG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [Datei ist nicht signiert]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3202368 2015-06-19] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-11-07] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-26] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-02-07] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-21] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2015-08-02] (G Data Software AG)
S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [27648 2015-04-01] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-01] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230912 2015-08-02] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-08-02] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-08-02] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-04-25] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [125952 2015-08-02] (G Data Software AG)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [60736 2015-03-17] (NetFilterSDK.com)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2014-03-04] ()
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-08 17:02 - 2015-09-08 17:03 - 00023315 _____ C:\Users\Lockjaw\Desktop\FRST.txt
2015-09-08 17:02 - 2015-09-08 17:02 - 02190336 _____ (Farbar) C:\Users\Lockjaw\Desktop\FRST64.exe
2015-09-08 17:00 - 2015-09-08 17:00 - 00000476 _____ C:\Users\Lockjaw\Desktop\defogger_disable.log
2015-09-08 16:59 - 2015-09-08 16:59 - 00050477 _____ C:\Users\Lockjaw\Desktop\Defogger.exe
2015-09-07 16:59 - 2015-09-08 17:02 - 00000000 ____D C:\FRST
2015-09-07 16:56 - 2015-09-07 16:56 - 00000168 _____ C:\Users\Lockjaw\defogger_reenable
2015-09-07 16:25 - 2015-09-07 16:25 - 00011348 _____ C:\Users\Lockjaw\Desktop\G*DATA Protokoll ID 521.txt
2015-09-03 20:35 - 2015-09-03 20:35 - 00000000 ____D C:\Users\Lockjaw\Desktop\Neuer Ordner (3)
2015-09-03 13:34 - 2015-09-03 13:34 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Sun
2015-09-03 13:34 - 2015-09-03 13:34 - 00000000 ____D C:\Users\Lockjaw\.oracle_jre_usage
2015-09-02 16:19 - 2015-09-03 23:27 - 00000000 ____D C:\Users\Lockjaw\Desktop\Neuer Ordner (2)
2015-08-29 15:56 - 2015-08-29 15:56 - 00000000 ____D C:\Users\Lockjaw\Desktop\Potcast_JAVA
2015-08-28 19:16 - 2015-08-28 19:16 - 00000000 _____ C:\Users\Lockjaw\Desktop\BTV PS.txt
2015-08-28 01:40 - 2015-08-28 01:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-24 23:37 - 2015-08-24 23:37 - 00002551 _____ C:\Users\Lockjaw\Desktop\Yandex.lnk
2015-08-24 23:37 - 2015-08-24 23:37 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Yandex
2015-08-24 23:37 - 2015-08-24 23:37 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex
2015-08-24 23:36 - 2015-08-24 23:37 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\Yandex
2015-08-21 21:09 - 2015-09-06 23:57 - 00000074 _____ C:\Users\Lockjaw\Desktop\segfhfgcfhf.txt
2015-08-20 21:57 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-20 21:57 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-16 19:35 - 2015-08-16 19:35 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\fltk.org
2015-08-12 21:30 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 21:30 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 22:41 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-11 22:41 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-11 22:41 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-11 22:41 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-11 22:41 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-11 22:41 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-11 22:41 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-11 22:41 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-11 22:41 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-11 22:41 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-11 22:41 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-11 22:41 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-11 22:40 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-11 22:40 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-11 22:40 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 22:40 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-11 22:40 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-11 22:40 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 22:40 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-11 22:39 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-11 22:39 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-11 22:39 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-11 22:39 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-11 22:39 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-11 22:39 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-11 22:39 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-11 22:39 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-11 22:39 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-11 22:39 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-11 22:39 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-11 22:39 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-11 22:39 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-11 22:39 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-11 22:39 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-11 22:39 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-11 22:39 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-11 22:39 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-11 22:39 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-11 22:39 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-11 22:39 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-11 22:39 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-11 22:39 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-11 22:38 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 22:38 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 22:38 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 22:38 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 22:38 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 22:38 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-11 22:38 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-11 22:38 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-11 22:38 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 22:38 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 22:37 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-11 22:37 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-11 22:37 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-11 22:37 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-11 22:37 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-11 22:37 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-11 22:37 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-11 22:37 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-11 22:37 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-11 22:37 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-11 22:37 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-11 22:34 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-11 22:34 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-11 22:34 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-11 22:34 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-11 22:34 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-11 22:34 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-11 22:34 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-11 22:34 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-11 22:34 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-11 22:34 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 22:34 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 22:34 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 22:34 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-11 22:33 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 22:33 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 22:33 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 22:33 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-11 22:33 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 22:33 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-11 22:33 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 22:33 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-11 22:33 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-11 22:33 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-11 22:33 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-11 22:33 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 22:33 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-11 22:33 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-08 17:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-08 15:29 - 2015-07-29 14:49 - 01849683 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-08 13:02 - 2014-09-24 08:17 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-08 13:02 - 2014-09-24 07:43 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-08 13:02 - 2014-09-24 07:43 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-08 12:54 - 2013-12-02 23:31 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3950223124-2474653717-92873065-1002
2015-09-08 12:49 - 2013-12-09 22:12 - 00000000 ___RD C:\Users\Lockjaw\Desktop\Spiele
2015-09-08 12:48 - 2013-12-06 15:35 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-08 11:38 - 2013-12-09 21:28 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\vlc
2015-09-08 10:47 - 2014-05-30 17:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-08 10:46 - 2014-08-10 19:28 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\2K Games
2015-09-08 10:41 - 2015-07-28 00:26 - 00000000 ____D C:\Program Files (x86)\FIFA 12
2015-09-08 10:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-07 16:56 - 2014-10-21 02:42 - 00000000 ____D C:\Users\Lockjaw
2015-09-07 11:14 - 2014-10-06 14:23 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2015-09-03 13:34 - 2014-04-25 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-09-03 13:34 - 2014-04-22 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-03 13:34 - 2013-12-10 13:22 - 00000000 ____D C:\ProgramData\Oracle
2015-09-03 13:33 - 2015-07-18 15:49 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-03 13:32 - 2013-12-10 13:21 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-03 00:18 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-02 19:23 - 2015-07-29 16:55 - 00002682 _____ C:\WINDOWS\setupact.log
2015-09-01 14:28 - 2014-04-25 10:51 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\Eclipse
2015-08-23 16:28 - 2015-05-31 02:34 - 00000000 ____D C:\Users\Lockjaw\Desktop\Musik
2015-08-20 21:59 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-19 00:16 - 2015-07-29 14:04 - 00000000 ____D C:\Users\Lockjaw\Desktop\ofm
2015-08-16 17:59 - 2013-12-03 01:17 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Racket
2015-08-15 11:02 - 2013-12-23 17:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-13 21:31 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-13 19:58 - 2014-11-18 23:15 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\HTC MediaHub
2015-08-13 19:56 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-13 19:56 - 2013-08-22 16:44 - 00509008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-13 19:54 - 2015-07-29 17:02 - 00001350 _____ C:\WINDOWS\PFRO.log
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 21:29 - 2013-12-23 17:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 21:24 - 2013-12-23 17:18 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 21:22 - 2015-04-16 02:49 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 21:22 - 2014-09-24 09:43 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 21:21 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 21:21 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-10-04 22:16 - 2014-10-04 22:16 - 0000000 _____ () C:\Users\Lockjaw\AppData\Roaming\gdfw.log
2014-10-04 22:16 - 2014-10-04 22:16 - 0000779 _____ () C:\Users\Lockjaw\AppData\Roaming\gdscan.log
2014-12-15 22:58 - 2014-12-15 22:58 - 0007602 _____ () C:\Users\Lockjaw\AppData\Local\Resmon.ResmonCfg
2013-09-11 20:06 - 2013-09-11 20:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Lockjaw\a.exe
Einige Dateien in TEMP:
====================
C:\Users\Lockjaw\AppData\Local\Temp\CRCCheck.exe
C:\Users\Lockjaw\AppData\Local\Temp\jre-8u60-windows-au.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-03 19:49
==================== Ende von FRST.txt ============================
Addition Logfile Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-09-2015
durchgeführt von Lockjaw (2015-09-08 17:04:40)
Gestartet von C:\Users\Lockjaw\Desktop
Windows 8.1 (X64) (2014-10-21 01:14:14)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3950223124-2474653717-92873065-500 - Administrator - Disabled)
Gast (S-1-5-21-3950223124-2474653717-92873065-501 - Limited - Enabled) => C:\Users\Gast
Lockjaw (S-1-5-21-3950223124-2474653717-92873065-1002 - Administrator - Enabled) => C:\Users\Lockjaw
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Out of date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Out of date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: - )
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
CodeBlocks (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Counter-Strike 2D 0.1.2.3 (HKLM-x32\...\{849F6C2A-3F9C-4731-B659-8C606B706CF0}_is1) (Version: - Unreal Software)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
ETDWare PS/2-X64 11.6.22.201_WHQL (HKLM\...\Elantech) (Version: 11.6.22.201 - ELAN Microelectronic Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio version 6.5.2.525 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.2.525 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)
G DATA INTERNET SECURITY (HKLM-x32\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.8 - G DATA Software AG)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync (HKLM-x32\...\{CBDAE89D-8ABD-4DC5-9309-C2C58696B371}) (Version: 3.3.63 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.33.0 - HTC)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Installer (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ACHTUNG
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
NetWorx 5.3.5 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Octoshape Streaming Services (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.5-I602 (HKLM\...\OpenVPN) (Version: 2.3.5-I602 - )
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
paint.net (HKLM\...\{141BA46D-2D1F-4DA6-9448-B847334585C0}) (Version: 4.0.4 - dotPDN LLC)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.43 - Qualcomm Atheros)
Racket v5.3.6 (i386) (HKLM-x32\...\Racket-i386-5.3.6) (Version: 5.3.6 - PLT Design Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21222 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 8.1.0.17 - WildTangent, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{7876D48F-B654-4A4C-9453-98D6E38E1A0C}) (Version: 6.1.4.0 - Husdawg, LLC)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WindowsAndroid version 4.0.3 (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\{7E07052F-A4CE-4932-B066-B9203888439F}_is1) (Version: 4.0.3 - SocketeQ, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Yandex (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\YandexBrowser) (Version: 15.7.2357.2877 - YANDEX)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
20-08-2015 21:56:10 Windows Update
30-08-2015 16:54:07 Geplanter Prüfpunkt
07-09-2015 17:44:17 Geplanter Prüfpunkt
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1CF33A71-ED76-4BAE-9D86-CA3B5BA2A719} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {2ED6F8E5-595F-4AA0-B6D3-A7D17B44E2E3} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {41161877-26AD-46D2-9054-5DD5B39295CC} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {45788018-7A97-44BF-B245-78A0D0D5A404} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)
Task: {4CB0ADA0-B97B-442D-8351-2766757E6262} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {51ECAA66-4F9C-4DB3-BE31-4552324C3A5E} - System32\Tasks\Update Service SimpleFiles => C:\Program Files (x86)\SimpleFilesUpdater\SimpleFilesUpdater.exe
Task: {550E275D-D46C-452D-97F1-9B4CA0811667} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {72AA2B51-7B41-483E-89FD-4EFF915F8478} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {948B5781-8A50-439B-B978-C691140AEF1D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {B033E1C4-E4A4-4820-90B3-974F07537CE0} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {BF7D3E85-72E5-4AF4-869E-9F5395829E96} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {C54CAF6F-137A-49E3-9B85-E57242F1C7DD} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03] ()
Task: {FDA95151-7D9A-42CD-AF9C-E2AC8EA6064F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-01-04 23:36 - 2015-02-07 05:11 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-06-16 11:17 - 2015-06-16 11:17 - 00382584 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2013-09-05 02:36 - 2015-07-23 06:06 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-07-29 17:11 - 2015-07-23 03:31 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-11 20:33 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2013-02-28 18:05 - 2013-02-28 18:05 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 18:02 - 2013-02-28 18:02 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-28 18:06 - 2013-02-28 18:06 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-11-03 12:04 - 2014-11-03 12:04 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-11-03 12:06 - 2014-11-03 12:06 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-11-03 12:07 - 2014-11-03 12:07 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2013-09-11 19:49 - 2013-03-20 09:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-30 19:41 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-12-06 15:39 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-09 23:41 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-08-09 20:15 - 2015-05-15 03:58 - 02396352 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-09 23:41 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-09 23:41 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-10-01 18:01 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-10-01 18:01 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-10-01 18:01 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-10-01 18:01 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-10-01 18:01 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-12-23 20:12 - 2015-05-15 03:57 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-29 17:31 - 2015-07-23 06:06 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-12-23 20:12 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Lockjaw\Desktop\Wallpapers\fallingstar-1680x1050.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "NetWorx"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "HTC Sync Loader"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "Octoshape Streaming Services"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C411134C-EADE-4840-AD41-471719150BC6}] => (Allow) C:\Program Files (x86)\SimpleFiles\downloader.exe
FirewallRules: [{90261D61-0EC2-4E7B-8F16-E3D1DA35FBF9}] => (Allow) C:\Program Files (x86)\SimpleFiles\downloader.exe
FirewallRules: [{23B334DC-4DC3-42FD-8B70-4425FF93C5AC}] => (Allow) C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe
FirewallRules: [{86887012-AFD7-4C12-8C71-D9DBE895A0EE}] => (Allow) C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe
FirewallRules: [{D954566A-F45B-4717-A14F-7ED696FF38CD}] => (Allow) C:\Users\Lockjaw\Desktop\Alesha_Dixon_Ft_Jay_Sean_-_Every_Little_Part_Of_Me_downloader.exe
FirewallRules: [{E757FE96-D993-4465-A08C-CDFB100B6FDE}] => (Allow) C:\Users\Lockjaw\Desktop\Alesha_Dixon_Ft_Jay_Sean_-_Every_Little_Part_Of_Me_downloader.exe
FirewallRules: [{18759DD1-516E-4305-A95B-726AAF8AD393}] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{2FD09BF9-AB14-44C5-B34B-98507427C9F5}] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{75E30E99-6A26-4C9D-B9CD-3E28FF7D8EEB}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{F41FA2E4-2745-4525-84CE-CD48BFA60680}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{56F50C64-BA71-4C2C-96BC-4A160A6D6710}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3D588E83-2414-4A3F-9D00-9017BC586268}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8EBB179E-A582-43E8-9B35-0CCC6B533188}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{57543844-69B0-4A18-ABB6-7B9B09BF055A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5316F871-B4D4-46E8-A83B-BD5F5ABE8136}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{80A056C7-D050-4AD5-9620-B6A2FB7E5532}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{736862E6-781A-493A-B8EE-0DD503BD0B5A}] => (Block) %ProgramFiles% (x86)\Origin\Origin.exe
FirewallRules: [{29284F29-2DA5-4B52-B42A-789566279163}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5BD25027-3437-4177-8F0D-8773DBC09344}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8C323AF5-A3DE-4EE8-8688-CC9AE0629588}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C79F5D5A-D4AA-43B3-A96C-D180664C3366}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0ECE8102-3C5F-490D-A05C-90F16DD10FAA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{08AB42C0-5D6C-45BE-B4F8-4A7F1986A953}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{0A570BDA-481E-4CD6-A5C7-F9C8A5530CB7}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{7FEF26BF-7588-4BFC-A7C3-F97252D6BCBC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D4F1DC48-17AA-480F-9B26-9D5D5A9A0CBC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CDFE52FC-F94F-466B-8C0E-D1DE513A0375}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{391F3DBB-F2E7-40DB-B996-94E5EFF19B6F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E21BDF3D-8514-4B8C-9E80-657AD8CDD43A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{57B2A616-6F78-4744-AFFE-27E0FA043D45}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D0B50106-7853-4E25-9217-9A2426833905}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{ECC0DF3A-97A9-484A-B3FD-476E7435D3A4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A35E19AB-5967-47B5-9210-A385B5EED58A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D3286246-1CE3-461E-AE17-45BDE51BBDDB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DBC0BE1B-3A90-4F90-9B6C-5E8A1131AD52}] => (Block) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{6FEBF509-2AE3-485F-9F17-1917E1B77BD2}] => (Block) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{AA639933-73D1-497F-9932-0BD2B99BBA4D}C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [TCP Query User{4BA33FA7-74FC-419D-B540-34325FBBE445}C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{F899679C-E365-458B-8DFB-3469B15A988E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F9888EC5-5715-430D-A199-C6B44A1CD4BF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40A2C474-D8DA-4F71-A86A-A6B6C605E45B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{55D64460-2292-483B-9A1A-E033B3A3F2B3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F6CCD0E0-8F4B-4FBC-AF03-81C36AB2E2EB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AF749DF3-4BB8-401C-8421-70EA59211CA8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CE39D408-2BFF-4953-A034-51FB4E9AAA58}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7481B7EE-47E2-4E76-BF77-717512413552}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{05185869-29E7-4F9D-B156-AE4302E4AB66}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8ED4FA86-7039-4AB7-932B-FD9A9D0C90A5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BB10DE5F-F187-4D1F-A058-D2613E7E3CA7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E37EA811-220B-4B52-B5D7-0D9AD6969626}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40E64DAC-7FE0-4560-8131-7EC6CBF7BB85}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{60068DCD-AFE4-4E0E-A655-054FB579B14A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D8D3BB4B-4858-4810-8F46-5C0A9E5C4040}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F34166B2-77D5-4930-B502-B7D803D31C18}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4FB27678-3BCE-4249-BBFF-D0449845EE1E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{44C09CEA-FF2D-466C-B4D8-4E7DCC8A6D7A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0F24266D-6EF9-40FD-B158-5C3CA5B37733}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A9737AA4-E748-4830-A5DA-5C05BC30D88A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{120207D7-FB1A-46B5-9CCF-C1AA40826CC5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9BF8E0BF-ED9C-4D72-9B6D-84A7F4B6993A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EF509454-8EAD-47C9-B334-D64FCA65269E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8E804407-2CFC-470E-8A06-92C5546036DA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3C4ECD0F-580E-4003-81B4-643FFDBBAD8A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{246C86B0-17E9-4192-A8CD-8AD464E63629}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{69593D5A-7577-46CA-B919-536913C81D8F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5641B702-56F0-4BAE-8429-BFD9EBC91088}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{77EF90AE-EC2E-42A3-BBC9-0341DC6C82DE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CA73530F-67DB-4EBB-93A7-38F49E37B699}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{703A379F-B9F9-4AA8-9381-0D35E3CB348B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FBC323A8-A874-4C7D-8981-571DAF1E91FD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D726AFBA-8DF0-42E3-B715-8A36763A7304}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{60256AF4-B10D-4490-8B5D-F985787589AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8BB75F5B-A235-4099-ADE6-238F9B8A4FCA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{36F57D18-D07D-4418-9FAF-FEC1F893E929}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A6D5EA56-0D69-41A0-823F-3B709157EF47}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0E587200-2C31-4D9B-8A84-60E90AC8E9C5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{C9BBA10F-A452-40BE-80B6-F16EE03DAD19}D:\ida61\idaq64.exe] => (Allow) D:\ida61\idaq64.exe
FirewallRules: [TCP Query User{2389A3EA-765E-4510-9CFE-11E3E35B34B3}D:\ida61\idaq64.exe] => (Allow) D:\ida61\idaq64.exe
FirewallRules: [{35F81982-CA5C-4923-99C0-EB8062E5DCCB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6D572355-325F-40FF-B50F-7CEEFB0B7C2C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0292BE09-7CFC-4DD7-87F1-E9601BCCD376}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{59F53A33-F186-41BD-9A88-57D9DB6468F4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2F66DED4-1A07-408E-8474-E886CD16D4E0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2DC52047-2F91-434A-914D-BC33B1D12588}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C9539AC0-CC97-4B6A-9A72-E31D7C3E20E1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BAA00FEC-198D-416B-BE1E-91D82072106D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{80ACB7A5-F9A1-45BD-9C9D-FAEE332255A7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{81F657C6-CF6C-4DE7-98F0-8BDB46CAFA26}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{31EB239F-0A44-4BB7-84C8-2C052BDCDC03}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9CCE72B5-0012-40A2-A973-34B76D7384F2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{92420C92-6CBC-4FA8-ABC0-6BC76B8CF8B4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D0213EF5-EF40-4B71-8287-5D530EFF5484}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{23832D91-7F91-4721-8353-DBB5F7B7814D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{12881E4F-32FF-46AD-866E-6D7D96574FDA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A14BF2F4-DFA5-49FE-9B0C-8246EA942CBC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8EC8C3D4-52BC-4DAF-B535-6498A14D6824}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4AB6B8A7-5824-44AE-8515-2555E798E1BE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{09DE92AC-FA76-4C8C-B0E7-8A687DEF2FF5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{1B414D37-0650-46DD-BC00-FABDB3E8260B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2D0D68CE-A312-4D4C-8F7A-12E3772A92EE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{92F1618D-49D2-4E81-A92C-C1DFB4A7C927}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{007E3B54-F036-4F54-A6D4-813161F462D7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0ED6FAE1-F118-4CD6-852E-191703370B5E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{70A8ADDC-B013-4636-B543-4EBBAF788F50}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{038213F2-E13F-46EE-B805-F0741D72B56F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{73962252-44DB-4F4C-BAD5-7A96FB08352F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{883C85C9-35E0-479A-8B58-72D38C6E5574}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6BF42A54-6BF2-46A1-972E-32507766100D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{26A825FF-1B66-4AB6-A264-5CCAED35DC08}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F4117E05-72DF-453B-8488-6F6D28ED4F66}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2EC23514-7F70-4CB5-9AF7-C9BE40F79C86}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3E036FCA-2A51-45C9-84C8-6B44FD44D955}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BC76177B-21E5-44CB-8DC9-7443BDE3BA4D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{654F5439-DBD8-435D-B028-DC37008585F6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1E0AC3DD-8DFF-4F4C-90DA-DFD81BE37EE5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{29C94B13-1F0E-458D-98F9-AF4C586C003B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D826F380-9A1B-40D6-8BF3-63A5021117AD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8F50D027-2100-4679-86EE-E2C0D71DE253}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{17B99FC8-647A-4E6E-8F82-F3A824A6A0CE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D440161-E96C-4B31-B8D9-789C5762EC7F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C2C88739-5411-43AD-B697-F75C4FDE3A58}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D5986FF2-FBD8-4150-99EA-507E6BF129A9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F85576CA-6354-4807-951F-683E62F0AE5F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{337A924A-1D51-4E61-A452-3687BE331163}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F964DA5B-4D52-41B4-B816-6636C5FB3156}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{17BC7416-5717-441A-978B-EB276697C1A4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DA3762DE-6895-43AE-9D82-35EAFC57AF9D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2D6C1191-090F-4BF7-8CD0-7D7E71392103}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{67D3B3E7-DB00-46F0-84C8-C4A1F65EB25D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A811E766-1596-4D96-8F2F-D3E6C7AAC20F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8823D5B2-2C31-4DC3-800C-6A96063E96DC}] => (Allow) LPort=1900
FirewallRules: [{3B62095A-9BCB-4540-8C92-32D7FFE86131}] => (Allow) LPort=2869
FirewallRules: [{A20B6CE1-7BEB-42DB-BDCE-C9962E02A560}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4F753C7F-807F-48F2-BE54-ED870124FC5C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40C24F54-BFA5-4271-BD74-9D43ED01D340}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{38F8750A-65BE-40D0-8472-4DA8E426C360}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2F74BC6C-89BB-43AC-ACBA-6B5ABD4DDB89}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{DA17D3DE-BE4D-4D80-8E63-D70280AD2D3A}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{02A799B6-3841-4AB6-82E2-3A9A57914DA7}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{C11C024B-2371-425F-AC93-8960CE615664}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8242E8CC-6D36-41E0-BEF0-E2769FA47B0E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{11D762CE-9AC1-4D39-A9FA-72D3A6957FBD}C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{D6C0E826-4690-4176-BEC9-7CDF8D9B7D75}C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{29B3DC68-6C99-42CD-88A8-20474ECF8894}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D75E0EC-3EFD-4F5D-86AA-4ECB24448050}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AD7398D6-A241-489A-AC6A-5E296E33F92D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B6597BD5-32ED-4FC3-A67C-3CFBEB37DA33}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{388C3E6E-BA1C-44C9-A351-DD657D38DF35}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1A328483-5736-4D95-AE85-AA52EBA9F817}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{87B75356-6CB6-4784-BEB7-3ADE2D15D4CF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0E9250E0-2702-49A1-9347-49E2F10ED1BE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{66AA529B-4275-4EA8-8E02-A607D566F805}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{84B25485-0BBF-4D87-8DD8-6CE3F1DA2C84}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A1CBA460-BC37-45CA-9EF6-C6531471E4AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9B678974-FFA0-4546-9637-5AD864018F06}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D13E5ADE-E500-4EFD-B230-75B29563C353}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{48686991-1FF9-4522-83B9-49CEC757F9CD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9C8DFC25-B5FC-4DCC-B818-84710C779441}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A5C94047-F3C6-4BA4-AB0E-F9E0CC8EBB4C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F1F5F090-FF59-40C1-9FE0-0480D22FC9C9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F1F09F52-543D-4ED4-8B1E-B7BAA29E2728}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D7AD12E2-86FF-4103-8B13-F6DEBF8027EB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{35CC7977-3A5A-46DB-B4D4-06D77E367E51}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B75582C2-1202-4980-9E8D-5F4397D33ACF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{53E6896D-90BA-4793-A375-717014DDEBB4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{28EE962C-EFC0-4622-ADEF-F84C238692AC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5FF550C5-5B5B-42CD-A1E1-BFFB1DA23923}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6436289F-FEF2-4DB8-99BC-3C217E48BF3C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{84D8BD00-6855-4607-8F4B-43F24B3AA51B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{873B358D-71B6-47FF-B285-B480E174EF0B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{10C69F12-25B5-4CB1-A050-98B8D11F2ADD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{71B4FC0C-B629-46FB-9727-3146C0E2BA3E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CDFB949A-C942-4C3D-8E9E-61ABEC5E55F6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5C520E29-1787-4CB3-9C2B-5FCC166F89BA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{75502D06-1FBF-4EE9-AA4A-62B8CF6FBAAD}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{96FA7699-5650-43B4-B8F7-3622F3814E52}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{823CB6B2-19D2-4B7C-97BE-3D032E030F61}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{AEE2AF5C-6947-4184-9FFC-3859FAA6CA72}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{B5EBEB47-BF51-4B31-9BA0-C8F2FA7D60ED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3A0E25AA-07D6-47DA-883C-86869A90D8ED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2A6AE1D0-D3C6-4295-9D47-DB5A7247D33E}] => (Allow) C:\Program Files (x86)\Capcom\Dead Rising 2\deadrising2.exe
FirewallRules: [{BDFE419E-195B-4F6A-B912-0D2E6B01D956}] => (Allow) C:\Program Files (x86)\Capcom\Dead Rising 2\deadrising2.exe
FirewallRules: [{7F79DB6A-02FF-467F-BEE8-6DB4813E1DC4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A0F05AB1-3F1F-4CF9-8345-5D8D722EA946}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5F9D60FC-864F-443E-BD4E-A6099CFD4D33}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9F9ABAB2-AA9A-4A77-8F51-B2813822D74E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{27F2CD82-111E-41EC-AC77-6D26C57FF199}] => (Allow) C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6C9805DD-7D29-47DE-885A-B50D53EDF4FF}] => (Allow) C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6E9973E2-9EEC-48DD-A028-531255C0A764}] => (Allow) C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{1E88A32A-D8DA-4733-8838-D53581F3EC60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EA6515D-704D-40E5-B267-E16A8D1262B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4C50E3F3-5B3F-44F0-846A-44B97BC48698}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{085C8A94-2387-4E2A-8E65-E7DDFC0D6C2A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{7794A075-6BF2-41CC-A8C3-CBA705B73A1F}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{24ED4C29-EB24-4386-BF04-0127E4980E50}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{5E1FC86E-A87C-4AFD-A450-9E3A325F424A}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{497D5098-310D-4751-A793-BE10A62BD871}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{93D125B2-2100-49AB-89DF-7A21B7A5D74D}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{C54056C0-CDD8-498D-AD8E-DB735DCD2FF1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{F6F68627-1BCA-475B-94E5-8E6F75FC1DC6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{C9B7BFDF-EF4F-4929-BA27-382A69DB15FB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{0D27AB6B-9600-4385-A19F-C987DC261764}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{EBD2E5C6-E1D4-4F1E-85F2-642D248B701F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{68196D73-145A-4B64-AFED-D573DC5875B0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{6AE32B8D-284F-4E8D-A14E-2437AA8C911F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{6B33D82B-7394-4BFA-A6AB-4872C2E1E7F8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{C1EC3C5C-2678-4D8F-9A07-AD2E985DBA5E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{581524D2-D85E-4151-9780-2C0340364DF6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{A68BA543-4907-43B1-BDAE-86D4619B2E3F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{14E23DF3-FF31-4BE6-B504-A1BAEADF2307}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{80828A2C-D230-48B4-BA27-D8F0A5E9ACA1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7D64B30A-14FD-4523-A919-0D436CD16A0D}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{D62F8649-905E-411C-8C9B-DF081206E447}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{892562E2-0D1D-4764-9828-8AB82D176642}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EB77D5F0-536B-4C41-B566-E48656F7B450}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{037EFF30-4CE0-434C-BBAA-8382C91FD956}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8335732E-F2D8-4697-ACED-17A2380A3B63}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{2A0321B6-C86E-4A1A-960F-43C4D93C6614}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{F9887015-8EF8-4140-9F10-C8BEB56DC707}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{806CD66C-C1C4-4D7F-AF3D-3FA7451D6949}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{451FAAF0-5B76-40EE-B7B5-D91A3CB0AB04}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{D219CF44-25AB-445E-A52C-25EE399B0428}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{4E1E1B88-FA03-45CF-B1D7-0AE508C541DE}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{3C844019-8CCC-44CF-81BD-CBD22C497D11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6B13B5C3-1BC6-4A73-882A-7A9AB57A0B7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{022738F4-523A-4646-8F78-3DDDC96D0748}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{48EA0D14-CCE3-4B87-9F5D-F5855A97DE3E}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{8C67EA1C-8A88-46E0-B667-653DD0C9A535}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{466DE108-0A42-48C8-9286-09A024B1D833}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2447D7D2-8062-4E5C-A9F7-961A51CF4DA9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0F8CAFAA-69D9-46D4-80D0-3E035BBB1C73}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6BE48CB8-EB79-4F9E-AE7B-37DECC7E8561}] => (Allow) C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe
FirewallRules: [{B3F4200C-8A7C-4F4B-BEE5-C1C411AE28DC}] => (Allow) C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe
FirewallRules: [{74B9669B-143C-4B0E-B6DC-5E9AB123B1E4}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{9EAFC6D2-9BC0-4A66-827E-BCA9AA894880}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{FF46A6EB-5DFA-4D75-AB2C-FC196126F672}] => (Allow) LPort=26675
FirewallRules: [{4EBE5487-BB71-4316-AF21-B798CEE4C05C}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{C884EDB9-48A9-4A1C-936C-5798D342D3AC}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{77FE91F2-42A4-4F7A-984C-246A4A34CD7A}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{BF5687C7-97A1-46FE-A581-68AD13F3BD4F}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{C2884DDE-EC3A-49FB-B47A-3B1700A9BBB1}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{ADE8C9A1-F6B7-46C7-BD99-0A395EBF831A}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{23FD9D9C-FFD4-4BB7-9FAE-13C51A1600CE}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{14CDA00B-5D99-42B3-BDBC-4C9CDAF46C3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AD72BABA-B10C-4C48-844F-94A17FD76E6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CD8DE495-9C77-4CD7-8195-5449064F3B04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{EDD0D21E-9099-47CC-8223-11A826761485}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{83695C83-389A-456B-A1A4-FADCC9AE3FA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C601F979-8675-48B9-A855-5EE0A794F34D}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{A81FE0BB-BA89-47A5-BAEF-3D89980BC160}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{E12541D1-A54B-4794-8653-31B0BC8461F1}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{DD08881E-8D56-4188-A521-768E7E0C04B5}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{527554AA-E583-4FA6-BD8C-18626FA7D830}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{08173A9F-866A-4755-8E86-81ED96DFABC2}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/08/2015 04:37:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.7.0, Zeitstempel: 0x4bd9efbe
Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.7.0, Zeitstempel: 0x4bd9efbe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001a9346
ID des fehlerhaften Prozesses: 0x3754
Startzeit der fehlerhaften Anwendung: 0xGTAIV.exe0
Pfad der fehlerhaften Anwendung: GTAIV.exe1
Pfad des fehlerhaften Moduls: GTAIV.exe2
Berichtskennung: GTAIV.exe3
Vollständiger Name des fehlerhaften Pakets: GTAIV.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GTAIV.exe5
Error: (09/08/2015 11:06:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005474b
ID des fehlerhaften Prozesses: 0x4230
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/08/2015 10:56:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005474b
ID des fehlerhaften Prozesses: 0x2950
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/08/2015 10:55:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005474b
ID des fehlerhaften Prozesses: 0x4158
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/08/2015 10:49:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005474b
ID des fehlerhaften Prozesses: 0x47a0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/08/2015 10:48:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005474b
ID des fehlerhaften Prozesses: 0x46c0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/08/2015 10:48:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005474b
ID des fehlerhaften Prozesses: 0xfe0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/08/2015 10:48:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005474b
ID des fehlerhaften Prozesses: 0x461c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/07/2015 04:28:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1f34
Startzeit: 01d0e94c51f8ab5e
Endzeit: 0
Anwendungspfad: C:\WINDOWS\Explorer.EXE
Berichts-ID: 793200db-555f-11e5-bee5-089e01e10f6f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/06/2015 11:58:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKTray.exe, Version: 25.1.15196.306, Zeitstempel: 0x55a5ce31
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68dd1
Ausnahmecode: 0xc0000008
Fehleroffset: 0x0007d315
ID des fehlerhaften Prozesses: 0x3a0
Startzeit der fehlerhaften Anwendung: 0xAVKTray.exe0
Pfad der fehlerhaften Anwendung: AVKTray.exe1
Pfad des fehlerhaften Moduls: AVKTray.exe2
Berichtskennung: AVKTray.exe3
Vollständiger Name des fehlerhaften Pakets: AVKTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AVKTray.exe5
Systemfehler:
=============
Error: (09/08/2015 04:22:59 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (09/08/2015 02:36:36 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (09/08/2015 12:55:45 PM) (Source: DCOM) (EventID: 10010) (User: Baris)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (09/08/2015 12:55:15 PM) (Source: DCOM) (EventID: 10010) (User: Baris)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (09/07/2015 09:51:20 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (09/07/2015 05:19:01 PM) (Source: DCOM) (EventID: 10010) (User: Baris)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (09/07/2015 05:18:31 PM) (Source: DCOM) (EventID: 10010) (User: Baris)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (09/07/2015 11:19:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home
Error: (09/06/2015 11:58:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "G Data Scanner" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (09/06/2015 11:57:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "G Data Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (09/08/2015 04:37:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GTAIV.exe1.0.7.04bd9efbeGTAIV.exe1.0.7.04bd9efbec0000005001a9346375401d0ea43ce76e87cC:\Program Files (x86)\GTA IV Complete Edition\GTAIV.exeC:\Program Files (x86)\GTA IV Complete Edition\GTAIV.exe12fbb0cd-5637-11e5-bee5-089e01e10f6f
Error: (09/08/2015 11:06:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.1793655a68e0cc0000005000000000005474b423001d0ea15a824fa65C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dlle99d132f-5608-11e5-bee5-089e01e10f6f
Error: (09/08/2015 10:56:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.1793655a68e0cc0000005000000000005474b295001d0ea143c3d5777C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll8a771913-5607-11e5-bee5-089e01e10f6f
Error: (09/08/2015 10:55:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.1793655a68e0cc0000005000000000005474b415801d0ea13ffe37f8eC:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll4f14312d-5607-11e5-bee5-089e01e10f6f
Error: (09/08/2015 10:49:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.1793655a68e0cc0000005000000000005474b47a001d0ea133de030b7C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll81ff254f-5606-11e5-bee5-089e01e10f6f
Error: (09/08/2015 10:48:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.1793655a68e0cc0000005000000000005474b46c001d0ea132edd699aC:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll70ba4f1f-5606-11e5-bee5-089e01e10f6f
Error: (09/08/2015 10:48:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.1793655a68e0cc0000005000000000005474bfe001d0ea13297ecee6C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll68a175e8-5606-11e5-bee5-089e01e10f6f
Error: (09/08/2015 10:48:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.1793655a68e0cc0000005000000000005474b461c01d0ea131b1dac6cC:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll634a74d4-5606-11e5-bee5-089e01e10f6f
Error: (09/07/2015 04:28:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.176671f3401d0e94c51f8ab5e0C:\WINDOWS\Explorer.EXE793200db-555f-11e5-bee5-089e01e10f6f
Error: (09/06/2015 11:58:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AVKTray.exe25.1.15196.30655a5ce31ntdll.dll6.3.9600.1793655a68dd1c00000080007d3153a001d0e898198fe6d8C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exeC:\WINDOWS\SYSTEM32\ntdll.dll6fa7fc11-54e2-11e5-bee5-089e01e10f6f
CodeIntegrity:
===================================
Date: 2014-03-04 18:36:32.658
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:31.549
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:30.487
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:29.377
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:17.830
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:16.611
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:15.549
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:14.455
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 3976.27 MB
Verfügbarer physikalischer RAM: 1161.38 MB
Summe virtueller Speicher: 7287.44 MB
Verfügbarer virtueller Speicher: 2058.56 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:449.01 GB) (Free:276.69 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E23A050D)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
09.09.2015, 07:55
| #5 |
| /// the machine /// TB-Ausbilder | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.09.2015, 20:28
| #6 |
| | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J mbam Logfile Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 09.09.2015 Suchlaufzeit: 19:03 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.09.09.06 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Lockjaw Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 436060 Abgelaufene Zeit: 45 Min., 36 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 20 PUP.Optional.DynConIE, HKLM\SOFTWARE\CLASSES\APPID\{384997EE-E3BE-49C4-9ECA-C62B7C08128A}, In Quarantäne, [d00aa687c8c30f274c71f2e911f102fe], PUP.Optional.DynConIE, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{384997EE-E3BE-49C4-9ECA-C62B7C08128A}, In Quarantäne, [d00aa687c8c30f274c71f2e911f102fe], PUP.Optional.DynConIE, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{384997EE-E3BE-49C4-9ECA-C62B7C08128A}, In Quarantäne, [d00aa687c8c30f274c71f2e911f102fe], PUP.Optional.DynConIE, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [82581b12a3e8063037872caf2ed42cd4], PUP.Optional.DynConIE, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [82581b12a3e8063037872caf2ed42cd4], PUP.Optional.DynConIE, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [82581b12a3e8063037872caf2ed42cd4], PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [3e9c16175b30c0760f9274664eb4718f], PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [3e9c16175b30c0760f9274664eb4718f], PUP.Optional.SearchProtect, HKU\S-1-5-21-3950223124-2474653717-92873065-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [6f6b31fc7912d165cef4f3ed4cb636ca], PUP.Optional.DynConIE, HKLM\SOFTWARE\CLASSES\APPID\DynConIE.DLL, In Quarantäne, [7e5c52dbb4d712243fdc365862a20000], PUP.Optional.DynConIE, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\DynConIE.DLL, In Quarantäne, [7a6004294e3d1224ed2e3f4f31d346ba], PUP.Optional.SimpleFiles, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Update Service SimpleFiles, Löschen bei Neustart, [409ada536a21f541b37376b17e858080], PUP.Optional.Adanak, HKLM\SOFTWARE\WOW6432NODE\Adanak, In Quarantäne, [904ac469f497c76f232ce19ac63eca36], PUP.Optional.InstallBrain, HKLM\SOFTWARE\WOW6432NODE\InstallIQ, In Quarantäne, [e0fa230a9eeddd59c41ff0a8b2527d83], PUP.Optional.SweetIM, HKLM\SOFTWARE\WOW6432NODE\SweetIM, In Quarantäne, [67732ffe662543f35bcecaec669ec937], PUP.Optional.DynConIE, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DynConIE.DLL, In Quarantäne, [1dbdeb4294f7cd698d8ea5e939cba45c], PUP.Optional.Adanak, HKU\S-1-5-21-3950223124-2474653717-92873065-1002\SOFTWARE\Adanak, In Quarantäne, [28b2a7863f4cc670e7674239e91b50b0], PUP.Optional.SweetIM, HKU\S-1-5-21-3950223124-2474653717-92873065-1002\SOFTWARE\SweetIM, In Quarantäne, [1fbb2a03c0cb87af61c34b6bbb49c23e], PUP.Optional.MultiIE, HKU\S-1-5-21-3950223124-2474653717-92873065-1002\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, In Quarantäne, [667497965a3184b2603ce4be0cf85aa6], PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3950223124-2474653717-92873065-1002\SOFTWARE\CONDUIT\DistributionEngine, In Quarantäne, [c01a6bc2cbc0e94decdd462b02025ca4], Registrierungswerte: 2 PUP.Optional.Conduit, HKU\S-1-5-21-3950223124-2474653717-92873065-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP0B4B9EEB-5CE1-436B-B9D7-F8C03F18425B&q={searchTerms}&SSPV=, In Quarantäne, [5e7cd8553a51ec4a7590335331d317e9] PUP.Optional.Conduit, HKU\S-1-5-21-3950223124-2474653717-92873065-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantäne, [5b7f1e0f91fa20163ec7c4c227ddf907] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 9 PUP.Optional.GenesisOffers, C:\Users\Lockjaw\AppData\Local\Genesis_08220133, In Quarantäne, [ab2f75b88803c175bdd2ba3c887a0cf4], PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [09d14be2c3c838fe2ca830c9a65ce61a], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Firefox, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Firefox\chrome, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Firefox\chrome\content, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\IE, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], Dateien: 18 PUP.Optional.SimpleFiles, C:\Windows\System32\Tasks\Update Service SimpleFiles, In Quarantäne, [28b2df4e2f5c7fb76bea2c0a4db603fd], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\app.dat, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Websteroids.ico, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\common.crx, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip\announce.js, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip\background.html, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip\common.js, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip\contentscript.js, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip\icon.png, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip\icon128.png, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip\icon16.png, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip\icon48.png, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip\iframecontentscript.js, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Chrome\unzip\manifest.json, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Firefox\chrome.manifest, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Firefox\install.rdf, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Firefox\chrome\content\main.js, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], PUP.Optional.WebSteroids, C:\ProgramData\Websteroids\Firefox\chrome\content\overlay.xul, In Quarantäne, [f7e353dadfacc96db961dd4605fe18e8], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) AdwCleaner Logfile Code:
ATTFilter # AdwCleaner v5.007 - Bericht erstellt am 09/09/2015 um 21:03:07
# Aktualisiert am 08/09/2015 von Xplode
# Datenbank : 2015-09-08.2 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Lockjaw - BARIS
# Gestartet von : C:\Users\Lockjaw\Desktop\AdwCleaner_5.007.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\Users\Lockjaw\AppData\Roaming\pdfforge
[-] Ordner Gelöscht : C:\Users\Lockjaw\AppData\Roaming\SimpleFiles
[-] Ordner Gelöscht : C:\Users\Lockjaw\Documents\smart pc cleaner
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Lockjaw\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Facebook.lnk
[-] Datei Gelöscht : C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134\foxydeal.sqlite
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FED6A736-129B-49C7-857E-25FC91E87DB3}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\genesis
[-] Schlüssel Gelöscht : HKCU\Software\IM
[-] Schlüssel Gelöscht : HKCU\Software\SimpleFiles
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SimpleFiles
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Conduit
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\genesis
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\IM
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\SimpleFiles
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Softonic
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[!] Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-3950223124-2474653717-92873065-1002\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
***** [ Internetbrowser ] *****
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3304 Bytes] ##########
JRT Logfile Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 8.1 x64
Ran by Lockjaw on 09.09.2015 at 21:10:10,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Adanak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Adanak
~~~ Files
Successfully deleted: [File] C:\WINDOWS\SysWOW64\REN9974.tmp
~~~ Folders
Successfully deleted: [Folder] C:\WINDOWS\SysWOW64\ai_recyclebin
~~~ FireFox
Emptied folder: C:\Users\Lockjaw\AppData\Roaming\mozilla\firefox\profiles\qdok38a5.default-1412610361134\minidumps [18 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.09.2015 at 21:13:01,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
durchgeführt von Lockjaw (Administrator) auf BARIS (09-09-2015 21:18:27)
Gestartet von C:\Users\Lockjaw\Desktop
Geladene Profile: Lockjaw (Verfügbare Profile: Lockjaw & Gast)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [453448 2014-08-14] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [6714472 2015-04-20] (SoftPerfect Research)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG)
HKLM-x32\...\Run: [HTC Sync Loader] => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [659456 2013-09-03] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] (Atheros Communications)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Run: [Octoshape Streaming Services] => C:\Users\Lockjaw\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
Startup: C:\Users\Lockjaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-12-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B26C6885-29F5-4540-8A30-FD95C076B5F7}: [DhcpNameServer] 134.245.10.7 134.245.1.36
Tcpip\..\Interfaces\{E0C75E5A-8B49-4FB5-9619-40444B88458A}: [NameServer] 134.245.1.36,134.245.10.7
Tcpip\..\Interfaces\{F6A39164-470B-4CD6-9875-ECF39C9A94AE}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-22] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-02-28] (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-03] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134
FF Homepage: google.de
FF NetworkProxy: "ftp", "145.255.4.150"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "145.255.4.150"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "145.255.4.150"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "145.255.4.150"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-22] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3950223124-2474653717-92873065-1002: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Lockjaw\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1401100-0-npoctoshape.dll [2014-01-10] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Lockjaw\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-11-01] (Octoshape ApS)
FF Extension: ProxTube - Unblock YouTube - C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134\Extensions\ich@maltegoetz.de.xpi [2015-04-22]
FF Extension: stealthy - C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134\Extensions\stealthyextension@gmail.com.xpi [2014-10-10]
FF Extension: Adblock Plus - C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-06]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2558072 2015-06-19] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3711712 2015-06-16] (G Data Software AG)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [Datei ist nicht signiert]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3202368 2015-06-19] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-11-07] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-26] (Electronic Arts)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-02-07] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-21] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2015-08-02] (G Data Software AG)
S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [27648 2015-04-01] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-01] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230912 2015-08-02] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-08-02] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-08-02] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-04-25] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [125952 2015-08-02] (G Data Software AG)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [Datei ist nicht signiert]
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [Datei ist nicht signiert]
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [60736 2015-03-17] (NetFilterSDK.com)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2014-03-04] ()
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-09 21:18 - 2015-09-09 21:19 - 00019714 _____ C:\Users\Lockjaw\Desktop\FRST.txt
2015-09-09 21:13 - 2015-09-09 21:13 - 00001128 _____ C:\Users\Lockjaw\Desktop\JRT.txt
2015-09-09 21:09 - 2015-09-09 21:09 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Lockjaw\Desktop\JRT_7600.exe
2015-09-09 20:57 - 2015-09-09 21:03 - 00000000 ____D C:\AdwCleaner
2015-09-09 20:52 - 2015-09-09 20:52 - 01660416 _____ C:\Users\Lockjaw\Desktop\AdwCleaner_5.007.exe
2015-09-09 20:51 - 2015-09-09 20:51 - 00008130 _____ C:\Users\Lockjaw\Desktop\mbam.txt
2015-09-09 19:01 - 2015-09-09 20:01 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-09 19:01 - 2015-09-09 19:01 - 00001078 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-09 19:01 - 2015-09-09 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-09 19:01 - 2015-09-09 19:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-09 19:01 - 2015-09-09 19:01 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-09 19:01 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-09 19:01 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-09 19:01 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-09 18:31 - 2015-09-09 18:31 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Lockjaw\Desktop\mbam-setup-2.1.8.1057.exe
2015-09-09 18:18 - 2015-09-09 18:18 - 00001244 _____ C:\Users\Lockjaw\Desktop\Revo Uninstaller.lnk
2015-09-09 18:18 - 2015-09-09 18:18 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-09 18:14 - 2015-09-09 18:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lockjaw\Desktop\revosetup95.exe
2015-09-09 04:16 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 04:16 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 04:16 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 04:16 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 04:16 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-09 04:16 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-09 04:16 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-09 04:16 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-09 04:16 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-09 04:16 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-09 04:16 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-09 04:16 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-09 04:16 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 04:16 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-09 04:16 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-09 04:16 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-09 04:16 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 04:16 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 04:16 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 04:16 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-09 04:16 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-09 04:16 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-09 04:16 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-09 04:16 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-09 04:16 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-09 04:15 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-09 04:15 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 04:15 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 04:15 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 04:15 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 04:15 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 04:15 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 04:15 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 04:15 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-09 04:15 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 04:15 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 04:15 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-09 04:15 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 04:15 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-09 04:15 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 04:15 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-09 04:15 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 04:15 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 04:15 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-09 04:15 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-09 04:15 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-09 04:15 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-09 04:15 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 04:15 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-09 04:15 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-09 04:15 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-09 04:15 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-09 04:15 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-09 04:15 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 04:15 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-09 04:15 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-09 04:15 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-09 04:15 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 04:15 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-09 04:15 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 04:15 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-09 04:15 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-09 04:15 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 04:15 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-09 04:15 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-09 04:15 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 04:15 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 04:15 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 04:15 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 04:15 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 04:15 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 04:15 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 04:15 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 04:15 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-09 04:15 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-09 04:15 - 2015-07-10 21:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-09-09 04:15 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-09 04:15 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-09 04:15 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-09 04:15 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-08 17:02 - 2015-09-08 17:02 - 02190336 _____ (Farbar) C:\Users\Lockjaw\Desktop\FRST64.exe
2015-09-08 16:59 - 2015-09-08 16:59 - 00050477 _____ C:\Users\Lockjaw\Desktop\Defogger.exe
2015-09-07 16:59 - 2015-09-09 21:18 - 00000000 ____D C:\FRST
2015-09-07 16:56 - 2015-09-07 16:56 - 00000168 _____ C:\Users\Lockjaw\defogger_reenable
2015-09-07 16:25 - 2015-09-07 16:25 - 00011348 _____ C:\Users\Lockjaw\Desktop\G*DATA Protokoll ID 521.txt
2015-09-03 20:35 - 2015-09-03 20:35 - 00000000 ____D C:\Users\Lockjaw\Desktop\Neuer Ordner (3)
2015-09-03 13:34 - 2015-09-03 13:34 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Sun
2015-09-03 13:34 - 2015-09-03 13:34 - 00000000 ____D C:\Users\Lockjaw\.oracle_jre_usage
2015-09-02 16:19 - 2015-09-03 23:27 - 00000000 ____D C:\Users\Lockjaw\Desktop\Neuer Ordner (2)
2015-08-29 15:56 - 2015-08-29 15:56 - 00000000 ____D C:\Users\Lockjaw\Desktop\Potcast_JAVA
2015-08-28 19:16 - 2015-08-28 19:16 - 00000000 _____ C:\Users\Lockjaw\Desktop\BTV PS.txt
2015-08-28 01:40 - 2015-09-09 13:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-24 23:37 - 2015-08-24 23:37 - 00002551 _____ C:\Users\Lockjaw\Desktop\Yandex.lnk
2015-08-24 23:37 - 2015-08-24 23:37 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Yandex
2015-08-24 23:37 - 2015-08-24 23:37 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex
2015-08-24 23:36 - 2015-08-24 23:37 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\Yandex
2015-08-21 21:09 - 2015-09-09 04:42 - 00000070 _____ C:\Users\Lockjaw\Desktop\segfhfgcfhf.txt
2015-08-16 19:35 - 2015-08-16 19:35 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\fltk.org
2015-08-12 21:30 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 21:30 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 22:40 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-11 22:39 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-11 22:39 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-11 22:39 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-11 22:39 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-11 22:39 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-11 22:39 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-11 22:38 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 22:38 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 22:38 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 22:38 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 22:38 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 22:38 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-11 22:38 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-11 22:38 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-11 22:38 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 22:38 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 22:37 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-11 22:37 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-11 22:37 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-11 22:37 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-11 22:37 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-11 22:37 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-11 22:37 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-11 22:37 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-11 22:37 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-11 22:37 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-11 22:37 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-11 22:34 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-11 22:34 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-11 22:34 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-11 22:34 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-11 22:34 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-11 22:34 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 22:34 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 22:34 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 22:34 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-11 22:33 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 22:33 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 22:33 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 22:33 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-11 22:33 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-11 22:33 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-11 22:33 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 22:33 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-11 22:33 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-09 21:16 - 2015-07-29 14:49 - 01564468 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-09 21:05 - 2015-07-29 16:55 - 00004965 _____ C:\WINDOWS\setupact.log
2015-09-09 21:05 - 2014-11-18 23:15 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\HTC MediaHub
2015-09-09 21:04 - 2015-07-29 17:02 - 00009694 _____ C:\WINDOWS\PFRO.log
2015-09-09 21:04 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-09 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-09 20:13 - 2013-12-02 23:31 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3950223124-2474653717-92873065-1002
2015-09-09 19:57 - 2013-08-22 16:44 - 00509008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 19:55 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Camera
2015-09-09 19:55 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-09 19:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-09 18:39 - 2014-11-18 23:12 - 00000000 ____D C:\Program Files (x86)\HTC
2015-09-09 18:37 - 2014-09-24 08:17 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-09 18:37 - 2014-09-24 07:43 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-09 18:37 - 2014-09-24 07:43 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-09 18:34 - 2015-08-02 13:25 - 00018576 _____ C:\WINDOWS\DPINST.LOG
2015-09-09 18:34 - 2014-11-18 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2015-09-09 16:43 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-09 16:42 - 2014-09-24 08:00 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 16:39 - 2013-12-23 17:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 13:35 - 2013-12-23 17:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-09 00:14 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-08 12:49 - 2013-12-09 22:12 - 00000000 ___RD C:\Users\Lockjaw\Desktop\Spiele
2015-09-08 12:48 - 2013-12-06 15:35 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-08 11:38 - 2013-12-09 21:28 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\vlc
2015-09-08 10:47 - 2014-05-30 17:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-08 10:46 - 2014-08-10 19:28 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\2K Games
2015-09-08 10:41 - 2015-07-28 00:26 - 00000000 ____D C:\Program Files (x86)\FIFA 12
2015-09-08 10:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-07 16:56 - 2014-10-21 02:42 - 00000000 ____D C:\Users\Lockjaw
2015-09-07 11:14 - 2014-10-06 14:23 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2015-09-03 13:34 - 2014-04-25 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-09-03 13:34 - 2014-04-22 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-03 13:34 - 2013-12-10 13:22 - 00000000 ____D C:\ProgramData\Oracle
2015-09-03 13:33 - 2015-07-18 15:49 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-03 13:32 - 2013-12-10 13:21 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-01 14:28 - 2014-04-25 10:51 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\Eclipse
2015-08-26 18:37 - 2013-12-23 17:18 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-23 16:28 - 2015-05-31 02:34 - 00000000 ____D C:\Users\Lockjaw\Desktop\Musik
2015-08-19 00:16 - 2015-07-29 14:04 - 00000000 ____D C:\Users\Lockjaw\Desktop\ofm
2015-08-16 17:59 - 2013-12-03 01:17 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Racket
2015-08-13 21:31 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 21:22 - 2015-04-16 02:49 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 21:22 - 2014-09-24 09:43 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 21:21 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 21:21 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-10-04 22:16 - 2014-10-04 22:16 - 0000000 _____ () C:\Users\Lockjaw\AppData\Roaming\gdfw.log
2014-10-04 22:16 - 2014-10-04 22:16 - 0000779 _____ () C:\Users\Lockjaw\AppData\Roaming\gdscan.log
2014-12-15 22:58 - 2014-12-15 22:58 - 0007602 _____ () C:\Users\Lockjaw\AppData\Local\Resmon.ResmonCfg
2013-09-11 20:06 - 2013-09-11 20:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Lockjaw\a.exe
Einige Dateien in TEMP:
====================
C:\Users\Lockjaw\AppData\Local\Temp\CRCCheck.exe
C:\Users\Lockjaw\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Lockjaw\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-09 16:25
==================== Ende von FRST.txt ============================
|
|
09.09.2015, 20:30
| #7 |
| | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J Und falls gewünscht hier auch nochmal Addition Logfile Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-09-2015
durchgeführt von Lockjaw (2015-09-09 21:20:23)
Gestartet von C:\Users\Lockjaw\Desktop
Windows 8.1 (X64) (2014-10-21 01:14:14)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3950223124-2474653717-92873065-500 - Administrator - Disabled)
Gast (S-1-5-21-3950223124-2474653717-92873065-501 - Limited - Enabled) => C:\Users\Gast
Lockjaw (S-1-5-21-3950223124-2474653717-92873065-1002 - Administrator - Enabled) => C:\Users\Lockjaw
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: - )
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
CodeBlocks (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Counter-Strike 2D 0.1.2.3 (HKLM-x32\...\{849F6C2A-3F9C-4731-B659-8C606B706CF0}_is1) (Version: - Unreal Software)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
ETDWare PS/2-X64 11.6.22.201_WHQL (HKLM\...\Elantech) (Version: 11.6.22.201 - ELAN Microelectronic Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio version 6.5.2.525 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.2.525 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)
G DATA INTERNET SECURITY (HKLM-x32\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.8 - G DATA Software AG)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Sync (HKLM-x32\...\{CBDAE89D-8ABD-4DC5-9309-C2C58696B371}) (Version: 3.3.63 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.33.0 - HTC)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
NetWorx 5.3.5 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Octoshape Streaming Services (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.5-I602 (HKLM\...\OpenVPN) (Version: 2.3.5-I602 - )
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
paint.net (HKLM\...\{141BA46D-2D1F-4DA6-9448-B847334585C0}) (Version: 4.0.4 - dotPDN LLC)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.43 - Qualcomm Atheros)
Racket v5.3.6 (i386) (HKLM-x32\...\Racket-i386-5.3.6) (Version: 5.3.6 - PLT Design Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21222 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 8.1.0.17 - WildTangent, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{7876D48F-B654-4A4C-9453-98D6E38E1A0C}) (Version: 6.1.4.0 - Husdawg, LLC)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WindowsAndroid version 4.0.3 (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\{7E07052F-A4CE-4932-B066-B9203888439F}_is1) (Version: 4.0.3 - SocketeQ, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Yandex (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\YandexBrowser) (Version: 15.7.2357.2877 - YANDEX)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
20-08-2015 21:56:10 Windows Update
30-08-2015 16:54:07 Geplanter Prüfpunkt
07-09-2015 17:44:17 Geplanter Prüfpunkt
09-09-2015 18:22:16 Revo Uninstaller's restore point - Installer
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1CF33A71-ED76-4BAE-9D86-CA3B5BA2A719} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {2ED6F8E5-595F-4AA0-B6D3-A7D17B44E2E3} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {3EA7D02C-0ABE-4BEB-B866-D729D192AB1F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {41161877-26AD-46D2-9054-5DD5B39295CC} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {45788018-7A97-44BF-B245-78A0D0D5A404} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)
Task: {4CB0ADA0-B97B-442D-8351-2766757E6262} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {51ECAA66-4F9C-4DB3-BE31-4552324C3A5E} - \Update Service SimpleFiles -> Keine Datei <==== ACHTUNG
Task: {550E275D-D46C-452D-97F1-9B4CA0811667} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {72AA2B51-7B41-483E-89FD-4EFF915F8478} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {948B5781-8A50-439B-B978-C691140AEF1D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {B033E1C4-E4A4-4820-90B3-974F07537CE0} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {BF7D3E85-72E5-4AF4-869E-9F5395829E96} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {C54CAF6F-137A-49E3-9B85-E57242F1C7DD} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-05 02:36 - 2015-07-23 06:06 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-06-16 11:17 - 2015-06-16 11:17 - 00382584 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2013-09-11 19:49 - 2013-03-20 09:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-07-29 17:31 - 2015-07-23 06:06 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Lockjaw\Desktop\Wallpapers\fallingstar-1680x1050.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "NetWorx"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "HTC Sync Loader"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "Octoshape Streaming Services"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C411134C-EADE-4840-AD41-471719150BC6}] => (Allow) C:\Program Files (x86)\SimpleFiles\downloader.exe
FirewallRules: [{90261D61-0EC2-4E7B-8F16-E3D1DA35FBF9}] => (Allow) C:\Program Files (x86)\SimpleFiles\downloader.exe
FirewallRules: [{23B334DC-4DC3-42FD-8B70-4425FF93C5AC}] => (Allow) C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe
FirewallRules: [{86887012-AFD7-4C12-8C71-D9DBE895A0EE}] => (Allow) C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe
FirewallRules: [{D954566A-F45B-4717-A14F-7ED696FF38CD}] => (Allow) C:\Users\Lockjaw\Desktop\Alesha_Dixon_Ft_Jay_Sean_-_Every_Little_Part_Of_Me_downloader.exe
FirewallRules: [{E757FE96-D993-4465-A08C-CDFB100B6FDE}] => (Allow) C:\Users\Lockjaw\Desktop\Alesha_Dixon_Ft_Jay_Sean_-_Every_Little_Part_Of_Me_downloader.exe
FirewallRules: [{18759DD1-516E-4305-A95B-726AAF8AD393}] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{2FD09BF9-AB14-44C5-B34B-98507427C9F5}] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{75E30E99-6A26-4C9D-B9CD-3E28FF7D8EEB}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{F41FA2E4-2745-4525-84CE-CD48BFA60680}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{56F50C64-BA71-4C2C-96BC-4A160A6D6710}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3D588E83-2414-4A3F-9D00-9017BC586268}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8EBB179E-A582-43E8-9B35-0CCC6B533188}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{57543844-69B0-4A18-ABB6-7B9B09BF055A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5316F871-B4D4-46E8-A83B-BD5F5ABE8136}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{80A056C7-D050-4AD5-9620-B6A2FB7E5532}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{736862E6-781A-493A-B8EE-0DD503BD0B5A}] => (Block) %ProgramFiles% (x86)\Origin\Origin.exe
FirewallRules: [{29284F29-2DA5-4B52-B42A-789566279163}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5BD25027-3437-4177-8F0D-8773DBC09344}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8C323AF5-A3DE-4EE8-8688-CC9AE0629588}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C79F5D5A-D4AA-43B3-A96C-D180664C3366}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0ECE8102-3C5F-490D-A05C-90F16DD10FAA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{08AB42C0-5D6C-45BE-B4F8-4A7F1986A953}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{0A570BDA-481E-4CD6-A5C7-F9C8A5530CB7}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{7FEF26BF-7588-4BFC-A7C3-F97252D6BCBC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D4F1DC48-17AA-480F-9B26-9D5D5A9A0CBC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CDFE52FC-F94F-466B-8C0E-D1DE513A0375}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{391F3DBB-F2E7-40DB-B996-94E5EFF19B6F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E21BDF3D-8514-4B8C-9E80-657AD8CDD43A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{57B2A616-6F78-4744-AFFE-27E0FA043D45}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D0B50106-7853-4E25-9217-9A2426833905}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{ECC0DF3A-97A9-484A-B3FD-476E7435D3A4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A35E19AB-5967-47B5-9210-A385B5EED58A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D3286246-1CE3-461E-AE17-45BDE51BBDDB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DBC0BE1B-3A90-4F90-9B6C-5E8A1131AD52}] => (Block) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{6FEBF509-2AE3-485F-9F17-1917E1B77BD2}] => (Block) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{AA639933-73D1-497F-9932-0BD2B99BBA4D}C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [TCP Query User{4BA33FA7-74FC-419D-B540-34325FBBE445}C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{F899679C-E365-458B-8DFB-3469B15A988E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F9888EC5-5715-430D-A199-C6B44A1CD4BF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40A2C474-D8DA-4F71-A86A-A6B6C605E45B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{55D64460-2292-483B-9A1A-E033B3A3F2B3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F6CCD0E0-8F4B-4FBC-AF03-81C36AB2E2EB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AF749DF3-4BB8-401C-8421-70EA59211CA8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CE39D408-2BFF-4953-A034-51FB4E9AAA58}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7481B7EE-47E2-4E76-BF77-717512413552}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{05185869-29E7-4F9D-B156-AE4302E4AB66}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8ED4FA86-7039-4AB7-932B-FD9A9D0C90A5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BB10DE5F-F187-4D1F-A058-D2613E7E3CA7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E37EA811-220B-4B52-B5D7-0D9AD6969626}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40E64DAC-7FE0-4560-8131-7EC6CBF7BB85}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{60068DCD-AFE4-4E0E-A655-054FB579B14A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D8D3BB4B-4858-4810-8F46-5C0A9E5C4040}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F34166B2-77D5-4930-B502-B7D803D31C18}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4FB27678-3BCE-4249-BBFF-D0449845EE1E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{44C09CEA-FF2D-466C-B4D8-4E7DCC8A6D7A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0F24266D-6EF9-40FD-B158-5C3CA5B37733}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A9737AA4-E748-4830-A5DA-5C05BC30D88A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{120207D7-FB1A-46B5-9CCF-C1AA40826CC5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9BF8E0BF-ED9C-4D72-9B6D-84A7F4B6993A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EF509454-8EAD-47C9-B334-D64FCA65269E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8E804407-2CFC-470E-8A06-92C5546036DA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3C4ECD0F-580E-4003-81B4-643FFDBBAD8A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{246C86B0-17E9-4192-A8CD-8AD464E63629}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{69593D5A-7577-46CA-B919-536913C81D8F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5641B702-56F0-4BAE-8429-BFD9EBC91088}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{77EF90AE-EC2E-42A3-BBC9-0341DC6C82DE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CA73530F-67DB-4EBB-93A7-38F49E37B699}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{703A379F-B9F9-4AA8-9381-0D35E3CB348B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FBC323A8-A874-4C7D-8981-571DAF1E91FD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D726AFBA-8DF0-42E3-B715-8A36763A7304}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{60256AF4-B10D-4490-8B5D-F985787589AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8BB75F5B-A235-4099-ADE6-238F9B8A4FCA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{36F57D18-D07D-4418-9FAF-FEC1F893E929}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A6D5EA56-0D69-41A0-823F-3B709157EF47}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0E587200-2C31-4D9B-8A84-60E90AC8E9C5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{C9BBA10F-A452-40BE-80B6-F16EE03DAD19}D:\ida61\idaq64.exe] => (Allow) D:\ida61\idaq64.exe
FirewallRules: [TCP Query User{2389A3EA-765E-4510-9CFE-11E3E35B34B3}D:\ida61\idaq64.exe] => (Allow) D:\ida61\idaq64.exe
FirewallRules: [{35F81982-CA5C-4923-99C0-EB8062E5DCCB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6D572355-325F-40FF-B50F-7CEEFB0B7C2C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0292BE09-7CFC-4DD7-87F1-E9601BCCD376}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{59F53A33-F186-41BD-9A88-57D9DB6468F4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2F66DED4-1A07-408E-8474-E886CD16D4E0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2DC52047-2F91-434A-914D-BC33B1D12588}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C9539AC0-CC97-4B6A-9A72-E31D7C3E20E1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BAA00FEC-198D-416B-BE1E-91D82072106D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{80ACB7A5-F9A1-45BD-9C9D-FAEE332255A7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{81F657C6-CF6C-4DE7-98F0-8BDB46CAFA26}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{31EB239F-0A44-4BB7-84C8-2C052BDCDC03}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9CCE72B5-0012-40A2-A973-34B76D7384F2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{92420C92-6CBC-4FA8-ABC0-6BC76B8CF8B4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D0213EF5-EF40-4B71-8287-5D530EFF5484}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{23832D91-7F91-4721-8353-DBB5F7B7814D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{12881E4F-32FF-46AD-866E-6D7D96574FDA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A14BF2F4-DFA5-49FE-9B0C-8246EA942CBC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8EC8C3D4-52BC-4DAF-B535-6498A14D6824}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4AB6B8A7-5824-44AE-8515-2555E798E1BE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{09DE92AC-FA76-4C8C-B0E7-8A687DEF2FF5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{1B414D37-0650-46DD-BC00-FABDB3E8260B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2D0D68CE-A312-4D4C-8F7A-12E3772A92EE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{92F1618D-49D2-4E81-A92C-C1DFB4A7C927}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{007E3B54-F036-4F54-A6D4-813161F462D7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0ED6FAE1-F118-4CD6-852E-191703370B5E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{70A8ADDC-B013-4636-B543-4EBBAF788F50}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{038213F2-E13F-46EE-B805-F0741D72B56F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{73962252-44DB-4F4C-BAD5-7A96FB08352F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{883C85C9-35E0-479A-8B58-72D38C6E5574}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6BF42A54-6BF2-46A1-972E-32507766100D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{26A825FF-1B66-4AB6-A264-5CCAED35DC08}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F4117E05-72DF-453B-8488-6F6D28ED4F66}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2EC23514-7F70-4CB5-9AF7-C9BE40F79C86}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3E036FCA-2A51-45C9-84C8-6B44FD44D955}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BC76177B-21E5-44CB-8DC9-7443BDE3BA4D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{654F5439-DBD8-435D-B028-DC37008585F6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1E0AC3DD-8DFF-4F4C-90DA-DFD81BE37EE5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{29C94B13-1F0E-458D-98F9-AF4C586C003B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D826F380-9A1B-40D6-8BF3-63A5021117AD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8F50D027-2100-4679-86EE-E2C0D71DE253}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{17B99FC8-647A-4E6E-8F82-F3A824A6A0CE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D440161-E96C-4B31-B8D9-789C5762EC7F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C2C88739-5411-43AD-B697-F75C4FDE3A58}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D5986FF2-FBD8-4150-99EA-507E6BF129A9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F85576CA-6354-4807-951F-683E62F0AE5F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{337A924A-1D51-4E61-A452-3687BE331163}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F964DA5B-4D52-41B4-B816-6636C5FB3156}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{17BC7416-5717-441A-978B-EB276697C1A4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DA3762DE-6895-43AE-9D82-35EAFC57AF9D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2D6C1191-090F-4BF7-8CD0-7D7E71392103}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{67D3B3E7-DB00-46F0-84C8-C4A1F65EB25D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A811E766-1596-4D96-8F2F-D3E6C7AAC20F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8823D5B2-2C31-4DC3-800C-6A96063E96DC}] => (Allow) LPort=1900
FirewallRules: [{3B62095A-9BCB-4540-8C92-32D7FFE86131}] => (Allow) LPort=2869
FirewallRules: [{A20B6CE1-7BEB-42DB-BDCE-C9962E02A560}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4F753C7F-807F-48F2-BE54-ED870124FC5C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40C24F54-BFA5-4271-BD74-9D43ED01D340}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{38F8750A-65BE-40D0-8472-4DA8E426C360}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2F74BC6C-89BB-43AC-ACBA-6B5ABD4DDB89}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{DA17D3DE-BE4D-4D80-8E63-D70280AD2D3A}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{02A799B6-3841-4AB6-82E2-3A9A57914DA7}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{C11C024B-2371-425F-AC93-8960CE615664}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8242E8CC-6D36-41E0-BEF0-E2769FA47B0E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{11D762CE-9AC1-4D39-A9FA-72D3A6957FBD}C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{D6C0E826-4690-4176-BEC9-7CDF8D9B7D75}C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{29B3DC68-6C99-42CD-88A8-20474ECF8894}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D75E0EC-3EFD-4F5D-86AA-4ECB24448050}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AD7398D6-A241-489A-AC6A-5E296E33F92D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B6597BD5-32ED-4FC3-A67C-3CFBEB37DA33}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{388C3E6E-BA1C-44C9-A351-DD657D38DF35}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1A328483-5736-4D95-AE85-AA52EBA9F817}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{87B75356-6CB6-4784-BEB7-3ADE2D15D4CF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0E9250E0-2702-49A1-9347-49E2F10ED1BE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{66AA529B-4275-4EA8-8E02-A607D566F805}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{84B25485-0BBF-4D87-8DD8-6CE3F1DA2C84}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A1CBA460-BC37-45CA-9EF6-C6531471E4AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9B678974-FFA0-4546-9637-5AD864018F06}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D13E5ADE-E500-4EFD-B230-75B29563C353}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{48686991-1FF9-4522-83B9-49CEC757F9CD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9C8DFC25-B5FC-4DCC-B818-84710C779441}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A5C94047-F3C6-4BA4-AB0E-F9E0CC8EBB4C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F1F5F090-FF59-40C1-9FE0-0480D22FC9C9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F1F09F52-543D-4ED4-8B1E-B7BAA29E2728}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D7AD12E2-86FF-4103-8B13-F6DEBF8027EB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{35CC7977-3A5A-46DB-B4D4-06D77E367E51}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B75582C2-1202-4980-9E8D-5F4397D33ACF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{53E6896D-90BA-4793-A375-717014DDEBB4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{28EE962C-EFC0-4622-ADEF-F84C238692AC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5FF550C5-5B5B-42CD-A1E1-BFFB1DA23923}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6436289F-FEF2-4DB8-99BC-3C217E48BF3C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{84D8BD00-6855-4607-8F4B-43F24B3AA51B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{873B358D-71B6-47FF-B285-B480E174EF0B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{10C69F12-25B5-4CB1-A050-98B8D11F2ADD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{71B4FC0C-B629-46FB-9727-3146C0E2BA3E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CDFB949A-C942-4C3D-8E9E-61ABEC5E55F6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5C520E29-1787-4CB3-9C2B-5FCC166F89BA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{75502D06-1FBF-4EE9-AA4A-62B8CF6FBAAD}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{96FA7699-5650-43B4-B8F7-3622F3814E52}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{823CB6B2-19D2-4B7C-97BE-3D032E030F61}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{AEE2AF5C-6947-4184-9FFC-3859FAA6CA72}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{B5EBEB47-BF51-4B31-9BA0-C8F2FA7D60ED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3A0E25AA-07D6-47DA-883C-86869A90D8ED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2A6AE1D0-D3C6-4295-9D47-DB5A7247D33E}] => (Allow) C:\Program Files (x86)\Capcom\Dead Rising 2\deadrising2.exe
FirewallRules: [{BDFE419E-195B-4F6A-B912-0D2E6B01D956}] => (Allow) C:\Program Files (x86)\Capcom\Dead Rising 2\deadrising2.exe
FirewallRules: [{7F79DB6A-02FF-467F-BEE8-6DB4813E1DC4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A0F05AB1-3F1F-4CF9-8345-5D8D722EA946}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5F9D60FC-864F-443E-BD4E-A6099CFD4D33}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9F9ABAB2-AA9A-4A77-8F51-B2813822D74E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{27F2CD82-111E-41EC-AC77-6D26C57FF199}] => (Allow) C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6C9805DD-7D29-47DE-885A-B50D53EDF4FF}] => (Allow) C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6E9973E2-9EEC-48DD-A028-531255C0A764}] => (Allow) C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{1E88A32A-D8DA-4733-8838-D53581F3EC60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EA6515D-704D-40E5-B267-E16A8D1262B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4C50E3F3-5B3F-44F0-846A-44B97BC48698}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{085C8A94-2387-4E2A-8E65-E7DDFC0D6C2A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{7794A075-6BF2-41CC-A8C3-CBA705B73A1F}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{24ED4C29-EB24-4386-BF04-0127E4980E50}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{5E1FC86E-A87C-4AFD-A450-9E3A325F424A}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{497D5098-310D-4751-A793-BE10A62BD871}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{93D125B2-2100-49AB-89DF-7A21B7A5D74D}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{C54056C0-CDD8-498D-AD8E-DB735DCD2FF1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{F6F68627-1BCA-475B-94E5-8E6F75FC1DC6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{C9B7BFDF-EF4F-4929-BA27-382A69DB15FB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{0D27AB6B-9600-4385-A19F-C987DC261764}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{EBD2E5C6-E1D4-4F1E-85F2-642D248B701F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{68196D73-145A-4B64-AFED-D573DC5875B0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{6AE32B8D-284F-4E8D-A14E-2437AA8C911F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{6B33D82B-7394-4BFA-A6AB-4872C2E1E7F8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{C1EC3C5C-2678-4D8F-9A07-AD2E985DBA5E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{581524D2-D85E-4151-9780-2C0340364DF6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{A68BA543-4907-43B1-BDAE-86D4619B2E3F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{14E23DF3-FF31-4BE6-B504-A1BAEADF2307}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{80828A2C-D230-48B4-BA27-D8F0A5E9ACA1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7D64B30A-14FD-4523-A919-0D436CD16A0D}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{D62F8649-905E-411C-8C9B-DF081206E447}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{892562E2-0D1D-4764-9828-8AB82D176642}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EB77D5F0-536B-4C41-B566-E48656F7B450}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{037EFF30-4CE0-434C-BBAA-8382C91FD956}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8335732E-F2D8-4697-ACED-17A2380A3B63}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{2A0321B6-C86E-4A1A-960F-43C4D93C6614}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{F9887015-8EF8-4140-9F10-C8BEB56DC707}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{806CD66C-C1C4-4D7F-AF3D-3FA7451D6949}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{451FAAF0-5B76-40EE-B7B5-D91A3CB0AB04}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{D219CF44-25AB-445E-A52C-25EE399B0428}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{4E1E1B88-FA03-45CF-B1D7-0AE508C541DE}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{3C844019-8CCC-44CF-81BD-CBD22C497D11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6B13B5C3-1BC6-4A73-882A-7A9AB57A0B7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{022738F4-523A-4646-8F78-3DDDC96D0748}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{48EA0D14-CCE3-4B87-9F5D-F5855A97DE3E}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{8C67EA1C-8A88-46E0-B667-653DD0C9A535}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{466DE108-0A42-48C8-9286-09A024B1D833}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2447D7D2-8062-4E5C-A9F7-961A51CF4DA9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0F8CAFAA-69D9-46D4-80D0-3E035BBB1C73}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6BE48CB8-EB79-4F9E-AE7B-37DECC7E8561}] => (Allow) C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe
FirewallRules: [{B3F4200C-8A7C-4F4B-BEE5-C1C411AE28DC}] => (Allow) C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe
FirewallRules: [{74B9669B-143C-4B0E-B6DC-5E9AB123B1E4}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{9EAFC6D2-9BC0-4A66-827E-BCA9AA894880}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{FF46A6EB-5DFA-4D75-AB2C-FC196126F672}] => (Allow) LPort=26675
FirewallRules: [{4EBE5487-BB71-4316-AF21-B798CEE4C05C}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{C884EDB9-48A9-4A1C-936C-5798D342D3AC}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{77FE91F2-42A4-4F7A-984C-246A4A34CD7A}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{BF5687C7-97A1-46FE-A581-68AD13F3BD4F}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{C2884DDE-EC3A-49FB-B47A-3B1700A9BBB1}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{ADE8C9A1-F6B7-46C7-BD99-0A395EBF831A}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{23FD9D9C-FFD4-4BB7-9FAE-13C51A1600CE}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{14CDA00B-5D99-42B3-BDBC-4C9CDAF46C3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AD72BABA-B10C-4C48-844F-94A17FD76E6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CD8DE495-9C77-4CD7-8195-5449064F3B04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{EDD0D21E-9099-47CC-8223-11A826761485}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{83695C83-389A-456B-A1A4-FADCC9AE3FA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C601F979-8675-48B9-A855-5EE0A794F34D}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{A81FE0BB-BA89-47A5-BAEF-3D89980BC160}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{E12541D1-A54B-4794-8653-31B0BC8461F1}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{DD08881E-8D56-4188-A521-768E7E0C04B5}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{527554AA-E583-4FA6-BD8C-18626FA7D830}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{08173A9F-866A-4755-8E86-81ED96DFABC2}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Android Phone
Description: Android Phone
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/09/2015 01:46:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 4.1.1977.6980, Zeitstempel: 0x55a97f26
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002047f
ID des fehlerhaften Prozesses: 0xc40
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5
Error: (09/08/2015 08:42:57 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:55 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:53 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:51 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:49 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:47 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:45 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:43 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:41 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Systemfehler:
=============
Error: (09/09/2015 09:10:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/09/2015 09:10:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/09/2015 09:10:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/09/2015 09:10:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/09/2015 09:10:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/09/2015 09:10:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/09/2015 09:10:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/09/2015 09:10:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/09/2015 09:10:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/09/2015 09:10:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Norton Online Backup" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (09/09/2015 01:46:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1977.698055a97f26ntdll.dll6.3.9600.1793655a68e0cc0000005000000000002047fc4001d0eaf3d5982eb8C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\WINDOWS\SYSTEM32\ntdll.dll6e80b349-56e8-11e5-bee6-089e01e10f6f
Error: (09/08/2015 08:42:57 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:55 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:53 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:51 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:49 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:47 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:45 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:43 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:41 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
CodeIntegrity:
===================================
Date: 2014-03-04 18:36:32.658
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:31.549
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:30.487
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:29.377
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:17.830
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:16.611
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:15.549
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:14.455
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 3976.27 MB
Verfügbarer physikalischer RAM: 2280.87 MB
Summe virtueller Speicher: 6792.27 MB
Verfügbarer virtueller Speicher: 4485.26 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:449.01 GB) (Free:276.47 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E23A050D)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
10.09.2015, 19:17
| #8 |
| /// the machine /// TB-Ausbilder | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.JESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.09.2015, 18:26
| #9 |
| | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J ESET Logfile Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fe33c19aa8654c4596f51d0221b1e84e
# end=init
# utc_time=2015-09-11 12:56:07
# local_time=2015-09-11 02:56:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 25714
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fe33c19aa8654c4596f51d0221b1e84e
# end=updated
# utc_time=2015-09-11 01:02:25
# local_time=2015-09-11 03:02:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=fe33c19aa8654c4596f51d0221b1e84e
# engine=25714
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-11 05:07:53
# local_time=2015-09-11 07:07:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='G DATA INTERNET SECURITY'
# compatibility_mode=4112 16777213 100 100 162151 17591277 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2573859 31795313 0 0
# scanned=343999
# found=0
# cleaned=0
# scan_time=14728
SecurityCheck Logfile Code:
ATTFilter Results of screen317's Security Check version 1.008
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
G DATA INTERNET SECURITY
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 51
Java 8 Update 60
Java SE Development Kit 8
Java SE Development Kit 8 Update 45
Adobe Flash Player 18.0.0.232
Adobe Reader XI
Mozilla Firefox (40.0.3)
````````Process Check: objlist.exe by Laurent````````
G Data InternetSecurity Firewall GDFirewallTray.exe
G Data InternetSecurity Firewall GDFwSvcx64.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
durchgeführt von Lockjaw (Administrator) auf BARIS (11-09-2015 19:21:00)
Gestartet von C:\Users\Lockjaw\Desktop
Geladene Profile: Lockjaw (Verfügbare Profile: Lockjaw & Gast)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [453448 2014-08-14] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [6714472 2015-04-20] (SoftPerfect Research)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG)
HKLM-x32\...\Run: [HTC Sync Loader] => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [659456 2013-09-03] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] (Atheros Communications)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Run: [Octoshape Streaming Services] => C:\Users\Lockjaw\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-08-25] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-08-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-08-25] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-03-05] (Dropbox, Inc.)
Startup: C:\Users\Lockjaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-12-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B26C6885-29F5-4540-8A30-FD95C076B5F7}: [DhcpNameServer] 134.245.10.7 134.245.1.36
Tcpip\..\Interfaces\{E0C75E5A-8B49-4FB5-9619-40444B88458A}: [NameServer] 134.245.1.36,134.245.10.7
Tcpip\..\Interfaces\{F6A39164-470B-4CD6-9875-ECF39C9A94AE}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-22] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-02-28] (Qualcomm Atheros Commnucations)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-03] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134
FF Homepage: google.de
FF NetworkProxy: "ftp", "145.255.4.150"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "145.255.4.150"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "145.255.4.150"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "145.255.4.150"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-22] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3950223124-2474653717-92873065-1002: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Lockjaw\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1401100-0-npoctoshape.dll [2014-01-10] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Lockjaw\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-11-01] (Octoshape ApS)
FF Extension: ProxTube - Unblock YouTube - C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134\Extensions\ich@maltegoetz.de.xpi [2015-04-22]
FF Extension: stealthy - C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134\Extensions\stealthyextension@gmail.com.xpi [2014-10-10]
FF Extension: Adblock Plus - C:\Users\Lockjaw\AppData\Roaming\Mozilla\Firefox\Profiles\qdok38a5.default-1412610361134\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-06]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2558072 2015-06-19] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3711712 2015-06-16] (G Data Software AG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [Datei ist nicht signiert]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3202368 2015-06-19] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-14] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-11-07] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-26] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-02-07] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-21] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2015-08-02] (G Data Software AG)
S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [27648 2015-04-01] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-01] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230912 2015-08-02] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-08-02] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-08-02] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-04-25] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [125952 2015-08-02] (G Data Software AG)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [Datei ist nicht signiert]
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [Datei ist nicht signiert]
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [60736 2015-03-17] (NetFilterSDK.com)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2014-03-04] ()
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-11 19:21 - 2015-09-11 19:21 - 00022723 _____ C:\Users\Lockjaw\Desktop\FRST.txt
2015-09-11 19:20 - 2015-09-11 19:20 - 00000000 ____D C:\Users\Lockjaw\Desktop\FRST-OlderVersion
2015-09-11 19:14 - 2015-09-11 19:14 - 00852704 _____ C:\Users\Lockjaw\Desktop\SecurityCheck.exe
2015-09-11 14:54 - 2015-09-11 14:54 - 02870984 _____ (ESET) C:\Users\Lockjaw\Desktop\esetsmartinstaller_deu.exe
2015-09-10 03:04 - 2015-09-11 13:16 - 00000000 ____D C:\Users\Lockjaw\Desktop\Film
2015-09-09 22:32 - 2015-09-09 22:32 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-09-09 22:32 - 2015-09-09 22:32 - 00000000 ____D C:\WINDOWS\system32\NV
2015-09-09 22:28 - 2015-08-25 20:46 - 42840368 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 37819184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 22525560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 18543736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 17082392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 16637336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 15512888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 14936264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 14635792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 13661160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 12515016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 12185152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 11089200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-09-09 22:28 - 2015-08-25 20:46 - 02940720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 02627704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435582.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 01558648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435582.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 01075320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 01064752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 00986232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 00945456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 00031352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-09-09 22:07 - 2015-08-25 16:24 - 06884984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-09 22:07 - 2015-08-25 16:24 - 03496752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-09-09 22:07 - 2015-08-25 16:24 - 02558584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-09 22:07 - 2015-08-25 16:24 - 01062520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-09-09 22:07 - 2015-08-25 16:24 - 00937776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-09 22:07 - 2015-08-25 16:24 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-09 22:07 - 2015-08-25 16:24 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-09-09 22:07 - 2015-08-25 16:24 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-09 22:07 - 2015-08-25 14:35 - 05165808 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-09 22:02 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-09-09 22:02 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-09-09 21:13 - 2015-09-09 21:13 - 00001128 _____ C:\Users\Lockjaw\Desktop\JRT.txt
2015-09-09 21:09 - 2015-09-09 21:09 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Lockjaw\Desktop\JRT_7600.exe
2015-09-09 20:57 - 2015-09-09 21:03 - 00000000 ____D C:\AdwCleaner
2015-09-09 20:52 - 2015-09-09 20:52 - 01660416 _____ C:\Users\Lockjaw\Desktop\AdwCleaner_5.007.exe
2015-09-09 20:51 - 2015-09-09 20:51 - 00008130 _____ C:\Users\Lockjaw\Desktop\mbam.txt
2015-09-09 19:01 - 2015-09-09 20:01 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-09 19:01 - 2015-09-09 19:01 - 00001078 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-09 19:01 - 2015-09-09 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-09 19:01 - 2015-09-09 19:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-09 19:01 - 2015-09-09 19:01 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-09 19:01 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-09 19:01 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-09 19:01 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-09 18:31 - 2015-09-09 18:31 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Lockjaw\Desktop\mbam-setup-2.1.8.1057.exe
2015-09-09 18:18 - 2015-09-09 18:18 - 00001244 _____ C:\Users\Lockjaw\Desktop\Revo Uninstaller.lnk
2015-09-09 18:18 - 2015-09-09 18:18 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-09 18:14 - 2015-09-09 18:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lockjaw\Desktop\revosetup95.exe
2015-09-09 04:16 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 04:16 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 04:16 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 04:16 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 04:16 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-09 04:16 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-09 04:16 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-09 04:16 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-09 04:16 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-09 04:16 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-09 04:16 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-09 04:16 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-09 04:16 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 04:16 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-09 04:16 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-09 04:16 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-09 04:16 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 04:16 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 04:16 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 04:16 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-09 04:16 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-09 04:16 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-09 04:16 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-09 04:16 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-09 04:16 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-09 04:15 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-09 04:15 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 04:15 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 04:15 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 04:15 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 04:15 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 04:15 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 04:15 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 04:15 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-09 04:15 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 04:15 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 04:15 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-09 04:15 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 04:15 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-09 04:15 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 04:15 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-09 04:15 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 04:15 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 04:15 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-09 04:15 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-09 04:15 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-09 04:15 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-09 04:15 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 04:15 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-09 04:15 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-09 04:15 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-09 04:15 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-09 04:15 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-09 04:15 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 04:15 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-09 04:15 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-09 04:15 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-09 04:15 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 04:15 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-09 04:15 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 04:15 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-09 04:15 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-09 04:15 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 04:15 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-09 04:15 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-09 04:15 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 04:15 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 04:15 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 04:15 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 04:15 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 04:15 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 04:15 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 04:15 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 04:15 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-09 04:15 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-09 04:15 - 2015-07-10 21:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-09-09 04:15 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-09 04:15 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-09 04:15 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-09 04:15 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-08 17:02 - 2015-09-11 19:20 - 02190848 _____ (Farbar) C:\Users\Lockjaw\Desktop\FRST64.exe
2015-09-08 16:59 - 2015-09-08 16:59 - 00050477 _____ C:\Users\Lockjaw\Desktop\Defogger.exe
2015-09-07 16:59 - 2015-09-11 19:21 - 00000000 ____D C:\FRST
2015-09-07 16:56 - 2015-09-07 16:56 - 00000168 _____ C:\Users\Lockjaw\defogger_reenable
2015-09-07 16:25 - 2015-09-07 16:25 - 00011348 _____ C:\Users\Lockjaw\Desktop\G*DATA Protokoll ID 521.txt
2015-09-03 20:35 - 2015-09-03 20:35 - 00000000 ____D C:\Users\Lockjaw\Desktop\Neuer Ordner (3)
2015-09-03 13:34 - 2015-09-03 13:34 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Sun
2015-09-03 13:34 - 2015-09-03 13:34 - 00000000 ____D C:\Users\Lockjaw\.oracle_jre_usage
2015-09-02 16:19 - 2015-09-03 23:27 - 00000000 ____D C:\Users\Lockjaw\Desktop\Neuer Ordner (2)
2015-08-29 15:56 - 2015-08-29 15:56 - 00000000 ____D C:\Users\Lockjaw\Desktop\Potcast_JAVA
2015-08-28 19:16 - 2015-08-28 19:16 - 00000000 _____ C:\Users\Lockjaw\Desktop\BTV PS.txt
2015-08-28 01:40 - 2015-09-09 13:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-24 23:37 - 2015-08-24 23:37 - 00002551 _____ C:\Users\Lockjaw\Desktop\Yandex.lnk
2015-08-24 23:37 - 2015-08-24 23:37 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Yandex
2015-08-24 23:37 - 2015-08-24 23:37 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex
2015-08-24 23:36 - 2015-08-24 23:37 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\Yandex
2015-08-21 21:09 - 2015-09-09 04:42 - 00000070 _____ C:\Users\Lockjaw\Desktop\segfhfgcfhf.txt
2015-08-16 19:35 - 2015-08-16 19:35 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\fltk.org
2015-08-12 21:30 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 21:30 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-11 19:16 - 2015-07-29 14:49 - 01082805 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-11 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-11 04:48 - 2014-10-06 22:33 - 00000378 _____ C:\Users\Lockjaw\Desktop\Film Liste.txt
2015-09-11 00:11 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-09 22:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-09 22:32 - 2014-10-21 02:33 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-09 22:32 - 2014-10-21 02:32 - 00000000 ____D C:\Temp
2015-09-09 22:30 - 2014-10-21 02:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-09 22:16 - 2013-12-02 23:31 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3950223124-2474653717-92873065-1002
2015-09-09 22:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2015-09-09 22:06 - 2014-10-21 02:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-09 22:06 - 2014-10-21 02:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-09 22:05 - 2015-07-29 16:55 - 00005620 _____ C:\WINDOWS\setupact.log
2015-09-09 22:05 - 2014-11-18 23:15 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\HTC MediaHub
2015-09-09 22:05 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-09 21:04 - 2015-07-29 17:02 - 00009694 _____ C:\WINDOWS\PFRO.log
2015-09-09 19:57 - 2013-08-22 16:44 - 00509008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 19:55 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Camera
2015-09-09 19:55 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-09 19:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-09 18:39 - 2014-11-18 23:12 - 00000000 ____D C:\Program Files (x86)\HTC
2015-09-09 18:37 - 2014-09-24 08:17 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-09 18:37 - 2014-09-24 07:43 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-09 18:37 - 2014-09-24 07:43 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-09 18:34 - 2015-08-02 13:25 - 00018576 _____ C:\WINDOWS\DPINST.LOG
2015-09-09 18:34 - 2014-11-18 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2015-09-09 16:43 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-09 16:42 - 2014-09-24 08:00 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 16:39 - 2013-12-23 17:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 13:35 - 2013-12-23 17:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-08 12:49 - 2013-12-09 22:12 - 00000000 ___RD C:\Users\Lockjaw\Desktop\Spiele
2015-09-08 12:48 - 2013-12-06 15:35 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-08 11:38 - 2013-12-09 21:28 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\vlc
2015-09-08 10:47 - 2014-05-30 17:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-08 10:46 - 2014-08-10 19:28 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\2K Games
2015-09-08 10:41 - 2015-07-28 00:26 - 00000000 ____D C:\Program Files (x86)\FIFA 12
2015-09-08 10:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-07 16:56 - 2014-10-21 02:42 - 00000000 ____D C:\Users\Lockjaw
2015-09-07 11:14 - 2014-10-06 14:23 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2015-09-03 13:34 - 2014-04-25 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-09-03 13:34 - 2014-04-22 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-03 13:34 - 2013-12-10 13:22 - 00000000 ____D C:\ProgramData\Oracle
2015-09-03 13:33 - 2015-07-18 15:49 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-03 13:32 - 2013-12-10 13:21 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-01 14:28 - 2014-04-25 10:51 - 00000000 ____D C:\Users\Lockjaw\AppData\Local\Eclipse
2015-08-27 02:37 - 2014-06-03 10:25 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-08-27 02:37 - 2014-02-09 05:21 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-08-27 02:36 - 2014-06-03 10:25 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-08-27 02:36 - 2014-02-09 05:21 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-08-26 18:37 - 2013-12-23 17:18 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-25 20:46 - 2013-09-05 02:37 - 01106672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-25 20:46 - 2013-09-05 02:37 - 00944736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-25 20:46 - 2013-09-05 02:36 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-25 20:46 - 2013-09-05 02:36 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-25 20:46 - 2013-09-05 02:36 - 00033025 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-25 20:46 - 2013-09-05 02:35 - 03527696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-25 20:46 - 2013-09-05 02:35 - 03112904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-23 16:28 - 2015-05-31 02:34 - 00000000 ____D C:\Users\Lockjaw\Desktop\Musik
2015-08-19 00:16 - 2015-07-29 14:04 - 00000000 ____D C:\Users\Lockjaw\Desktop\ofm
2015-08-16 17:59 - 2013-12-03 01:17 - 00000000 ____D C:\Users\Lockjaw\AppData\Roaming\Racket
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 00:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 21:22 - 2015-04-16 02:49 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 21:22 - 2014-09-24 09:43 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 21:21 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 21:21 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-10-04 22:16 - 2014-10-04 22:16 - 0000000 _____ () C:\Users\Lockjaw\AppData\Roaming\gdfw.log
2014-10-04 22:16 - 2014-10-04 22:16 - 0000779 _____ () C:\Users\Lockjaw\AppData\Roaming\gdscan.log
2014-12-15 22:58 - 2014-12-15 22:58 - 0007602 _____ () C:\Users\Lockjaw\AppData\Local\Resmon.ResmonCfg
2013-09-11 20:06 - 2013-09-11 20:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Lockjaw\a.exe
Einige Dateien in TEMP:
====================
C:\Users\Lockjaw\AppData\Local\Temp\CRCCheck.exe
C:\Users\Lockjaw\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Lockjaw\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-09 22:16
==================== Ende von FRST.txt ============================
|
|
11.09.2015, 18:28
| #10 |
| | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J Addition Logfile Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
durchgeführt von Lockjaw (2015-09-11 19:22:29)
Gestartet von C:\Users\Lockjaw\Desktop
Windows 8.1 (X64) (2014-10-21 01:14:14)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3950223124-2474653717-92873065-500 - Administrator - Disabled)
Gast (S-1-5-21-3950223124-2474653717-92873065-501 - Limited - Enabled) => C:\Users\Gast
Lockjaw (S-1-5-21-3950223124-2474653717-92873065-1002 - Administrator - Enabled) => C:\Users\Lockjaw
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: - )
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
CodeBlocks (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Counter-Strike 2D 0.1.2.3 (HKLM-x32\...\{849F6C2A-3F9C-4731-B659-8C606B706CF0}_is1) (Version: - Unreal Software)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
ETDWare PS/2-X64 11.6.22.201_WHQL (HKLM\...\Elantech) (Version: 11.6.22.201 - ELAN Microelectronic Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Studio version 6.5.2.525 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.2.525 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)
G DATA INTERNET SECURITY (HKLM-x32\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.8 - G DATA Software AG)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Sync (HKLM-x32\...\{CBDAE89D-8ABD-4DC5-9309-C2C58696B371}) (Version: 3.3.63 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.33.0 - HTC)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
NetWorx 5.3.5 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Octoshape Streaming Services (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.5-I602 (HKLM\...\OpenVPN) (Version: 2.3.5-I602 - )
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
paint.net (HKLM\...\{141BA46D-2D1F-4DA6-9448-B847334585C0}) (Version: 4.0.4 - dotPDN LLC)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.43 - Qualcomm Atheros)
Racket v5.3.6 (i386) (HKLM-x32\...\Racket-i386-5.3.6) (Version: 5.3.6 - PLT Design Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21222 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 8.1.0.17 - WildTangent, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{7876D48F-B654-4A4C-9453-98D6E38E1A0C}) (Version: 6.1.4.0 - Husdawg, LLC)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WindowsAndroid version 4.0.3 (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\{7E07052F-A4CE-4932-B066-B9203888439F}_is1) (Version: 4.0.3 - SocketeQ, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Yandex (HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\YandexBrowser) (Version: 15.7.2357.2877 - YANDEX)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3950223124-2474653717-92873065-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
30-08-2015 16:54:07 Geplanter Prüfpunkt
07-09-2015 17:44:17 Geplanter Prüfpunkt
09-09-2015 18:22:16 Revo Uninstaller's restore point - Installer
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {09720400-6A3A-4C0B-A875-359DE0EFBD79} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {1CF33A71-ED76-4BAE-9D86-CA3B5BA2A719} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {2ED6F8E5-595F-4AA0-B6D3-A7D17B44E2E3} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {41161877-26AD-46D2-9054-5DD5B39295CC} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {45788018-7A97-44BF-B245-78A0D0D5A404} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)
Task: {4CB0ADA0-B97B-442D-8351-2766757E6262} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {51ECAA66-4F9C-4DB3-BE31-4552324C3A5E} - \Update Service SimpleFiles -> Keine Datei <==== ACHTUNG
Task: {550E275D-D46C-452D-97F1-9B4CA0811667} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {72AA2B51-7B41-483E-89FD-4EFF915F8478} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {948B5781-8A50-439B-B978-C691140AEF1D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {B033E1C4-E4A4-4820-90B3-974F07537CE0} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {BF7D3E85-72E5-4AF4-869E-9F5395829E96} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {C54CAF6F-137A-49E3-9B85-E57242F1C7DD} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-05 02:36 - 2015-08-25 20:46 - 00011896 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-11 20:33 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-01-04 23:36 - 2015-02-07 05:11 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-02-28 18:05 - 2013-02-28 18:05 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 18:02 - 2013-02-28 18:02 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-28 18:06 - 2013-02-28 18:06 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-06-16 11:17 - 2015-06-16 11:17 - 00382584 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2015-09-09 22:07 - 2015-08-25 16:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-03 12:04 - 2014-11-03 12:04 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-11-03 12:05 - 2014-11-03 12:05 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-11-03 12:06 - 2014-11-03 12:06 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-11-03 12:07 - 2014-11-03 12:07 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2015-03-30 19:41 - 2015-08-27 02:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-09-11 19:49 - 2013-03-20 09:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-09 22:28 - 2015-08-25 20:46 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Lockjaw\Desktop\Wallpapers\fallingstar-1680x1050.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "NetWorx"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "HTC Sync Loader"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "Octoshape Streaming Services"
HKU\S-1-5-21-3950223124-2474653717-92873065-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C411134C-EADE-4840-AD41-471719150BC6}] => (Allow) C:\Program Files (x86)\SimpleFiles\downloader.exe
FirewallRules: [{90261D61-0EC2-4E7B-8F16-E3D1DA35FBF9}] => (Allow) C:\Program Files (x86)\SimpleFiles\downloader.exe
FirewallRules: [{23B334DC-4DC3-42FD-8B70-4425FF93C5AC}] => (Allow) C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe
FirewallRules: [{86887012-AFD7-4C12-8C71-D9DBE895A0EE}] => (Allow) C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe
FirewallRules: [{D954566A-F45B-4717-A14F-7ED696FF38CD}] => (Allow) C:\Users\Lockjaw\Desktop\Alesha_Dixon_Ft_Jay_Sean_-_Every_Little_Part_Of_Me_downloader.exe
FirewallRules: [{E757FE96-D993-4465-A08C-CDFB100B6FDE}] => (Allow) C:\Users\Lockjaw\Desktop\Alesha_Dixon_Ft_Jay_Sean_-_Every_Little_Part_Of_Me_downloader.exe
FirewallRules: [{18759DD1-516E-4305-A95B-726AAF8AD393}] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{2FD09BF9-AB14-44C5-B34B-98507427C9F5}] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{75E30E99-6A26-4C9D-B9CD-3E28FF7D8EEB}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{F41FA2E4-2745-4525-84CE-CD48BFA60680}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{56F50C64-BA71-4C2C-96BC-4A160A6D6710}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3D588E83-2414-4A3F-9D00-9017BC586268}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8EBB179E-A582-43E8-9B35-0CCC6B533188}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{57543844-69B0-4A18-ABB6-7B9B09BF055A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5316F871-B4D4-46E8-A83B-BD5F5ABE8136}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{80A056C7-D050-4AD5-9620-B6A2FB7E5532}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{736862E6-781A-493A-B8EE-0DD503BD0B5A}] => (Block) %ProgramFiles% (x86)\Origin\Origin.exe
FirewallRules: [{29284F29-2DA5-4B52-B42A-789566279163}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5BD25027-3437-4177-8F0D-8773DBC09344}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8C323AF5-A3DE-4EE8-8688-CC9AE0629588}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C79F5D5A-D4AA-43B3-A96C-D180664C3366}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0ECE8102-3C5F-490D-A05C-90F16DD10FAA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{08AB42C0-5D6C-45BE-B4F8-4A7F1986A953}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{0A570BDA-481E-4CD6-A5C7-F9C8A5530CB7}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{7FEF26BF-7588-4BFC-A7C3-F97252D6BCBC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D4F1DC48-17AA-480F-9B26-9D5D5A9A0CBC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CDFE52FC-F94F-466B-8C0E-D1DE513A0375}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{391F3DBB-F2E7-40DB-B996-94E5EFF19B6F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E21BDF3D-8514-4B8C-9E80-657AD8CDD43A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{57B2A616-6F78-4744-AFFE-27E0FA043D45}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D0B50106-7853-4E25-9217-9A2426833905}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{ECC0DF3A-97A9-484A-B3FD-476E7435D3A4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A35E19AB-5967-47B5-9210-A385B5EED58A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D3286246-1CE3-461E-AE17-45BDE51BBDDB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DBC0BE1B-3A90-4F90-9B6C-5E8A1131AD52}] => (Block) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{6FEBF509-2AE3-485F-9F17-1917E1B77BD2}] => (Block) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{AA639933-73D1-497F-9932-0BD2B99BBA4D}C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [TCP Query User{4BA33FA7-74FC-419D-B540-34325FBBE445}C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\lockjaw\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{F899679C-E365-458B-8DFB-3469B15A988E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F9888EC5-5715-430D-A199-C6B44A1CD4BF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40A2C474-D8DA-4F71-A86A-A6B6C605E45B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{55D64460-2292-483B-9A1A-E033B3A3F2B3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F6CCD0E0-8F4B-4FBC-AF03-81C36AB2E2EB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AF749DF3-4BB8-401C-8421-70EA59211CA8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CE39D408-2BFF-4953-A034-51FB4E9AAA58}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7481B7EE-47E2-4E76-BF77-717512413552}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{05185869-29E7-4F9D-B156-AE4302E4AB66}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8ED4FA86-7039-4AB7-932B-FD9A9D0C90A5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BB10DE5F-F187-4D1F-A058-D2613E7E3CA7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E37EA811-220B-4B52-B5D7-0D9AD6969626}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40E64DAC-7FE0-4560-8131-7EC6CBF7BB85}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{60068DCD-AFE4-4E0E-A655-054FB579B14A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D8D3BB4B-4858-4810-8F46-5C0A9E5C4040}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F34166B2-77D5-4930-B502-B7D803D31C18}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4FB27678-3BCE-4249-BBFF-D0449845EE1E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{44C09CEA-FF2D-466C-B4D8-4E7DCC8A6D7A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0F24266D-6EF9-40FD-B158-5C3CA5B37733}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A9737AA4-E748-4830-A5DA-5C05BC30D88A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{120207D7-FB1A-46B5-9CCF-C1AA40826CC5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9BF8E0BF-ED9C-4D72-9B6D-84A7F4B6993A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EF509454-8EAD-47C9-B334-D64FCA65269E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8E804407-2CFC-470E-8A06-92C5546036DA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3C4ECD0F-580E-4003-81B4-643FFDBBAD8A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{246C86B0-17E9-4192-A8CD-8AD464E63629}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{69593D5A-7577-46CA-B919-536913C81D8F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5641B702-56F0-4BAE-8429-BFD9EBC91088}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{77EF90AE-EC2E-42A3-BBC9-0341DC6C82DE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CA73530F-67DB-4EBB-93A7-38F49E37B699}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{703A379F-B9F9-4AA8-9381-0D35E3CB348B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FBC323A8-A874-4C7D-8981-571DAF1E91FD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D726AFBA-8DF0-42E3-B715-8A36763A7304}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{60256AF4-B10D-4490-8B5D-F985787589AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8BB75F5B-A235-4099-ADE6-238F9B8A4FCA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{36F57D18-D07D-4418-9FAF-FEC1F893E929}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A6D5EA56-0D69-41A0-823F-3B709157EF47}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0E587200-2C31-4D9B-8A84-60E90AC8E9C5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{C9BBA10F-A452-40BE-80B6-F16EE03DAD19}D:\ida61\idaq64.exe] => (Allow) D:\ida61\idaq64.exe
FirewallRules: [TCP Query User{2389A3EA-765E-4510-9CFE-11E3E35B34B3}D:\ida61\idaq64.exe] => (Allow) D:\ida61\idaq64.exe
FirewallRules: [{35F81982-CA5C-4923-99C0-EB8062E5DCCB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6D572355-325F-40FF-B50F-7CEEFB0B7C2C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0292BE09-7CFC-4DD7-87F1-E9601BCCD376}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{59F53A33-F186-41BD-9A88-57D9DB6468F4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2F66DED4-1A07-408E-8474-E886CD16D4E0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2DC52047-2F91-434A-914D-BC33B1D12588}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C9539AC0-CC97-4B6A-9A72-E31D7C3E20E1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BAA00FEC-198D-416B-BE1E-91D82072106D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{80ACB7A5-F9A1-45BD-9C9D-FAEE332255A7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{81F657C6-CF6C-4DE7-98F0-8BDB46CAFA26}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{31EB239F-0A44-4BB7-84C8-2C052BDCDC03}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9CCE72B5-0012-40A2-A973-34B76D7384F2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{92420C92-6CBC-4FA8-ABC0-6BC76B8CF8B4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D0213EF5-EF40-4B71-8287-5D530EFF5484}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{23832D91-7F91-4721-8353-DBB5F7B7814D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{12881E4F-32FF-46AD-866E-6D7D96574FDA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A14BF2F4-DFA5-49FE-9B0C-8246EA942CBC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8EC8C3D4-52BC-4DAF-B535-6498A14D6824}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4AB6B8A7-5824-44AE-8515-2555E798E1BE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{09DE92AC-FA76-4C8C-B0E7-8A687DEF2FF5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{1B414D37-0650-46DD-BC00-FABDB3E8260B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2D0D68CE-A312-4D4C-8F7A-12E3772A92EE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{92F1618D-49D2-4E81-A92C-C1DFB4A7C927}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{007E3B54-F036-4F54-A6D4-813161F462D7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0ED6FAE1-F118-4CD6-852E-191703370B5E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{70A8ADDC-B013-4636-B543-4EBBAF788F50}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{038213F2-E13F-46EE-B805-F0741D72B56F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{73962252-44DB-4F4C-BAD5-7A96FB08352F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{883C85C9-35E0-479A-8B58-72D38C6E5574}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6BF42A54-6BF2-46A1-972E-32507766100D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{26A825FF-1B66-4AB6-A264-5CCAED35DC08}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F4117E05-72DF-453B-8488-6F6D28ED4F66}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2EC23514-7F70-4CB5-9AF7-C9BE40F79C86}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3E036FCA-2A51-45C9-84C8-6B44FD44D955}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BC76177B-21E5-44CB-8DC9-7443BDE3BA4D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{654F5439-DBD8-435D-B028-DC37008585F6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1E0AC3DD-8DFF-4F4C-90DA-DFD81BE37EE5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{29C94B13-1F0E-458D-98F9-AF4C586C003B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D826F380-9A1B-40D6-8BF3-63A5021117AD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8F50D027-2100-4679-86EE-E2C0D71DE253}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{17B99FC8-647A-4E6E-8F82-F3A824A6A0CE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D440161-E96C-4B31-B8D9-789C5762EC7F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C2C88739-5411-43AD-B697-F75C4FDE3A58}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D5986FF2-FBD8-4150-99EA-507E6BF129A9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F85576CA-6354-4807-951F-683E62F0AE5F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{337A924A-1D51-4E61-A452-3687BE331163}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F964DA5B-4D52-41B4-B816-6636C5FB3156}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{17BC7416-5717-441A-978B-EB276697C1A4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DA3762DE-6895-43AE-9D82-35EAFC57AF9D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2D6C1191-090F-4BF7-8CD0-7D7E71392103}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{67D3B3E7-DB00-46F0-84C8-C4A1F65EB25D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A811E766-1596-4D96-8F2F-D3E6C7AAC20F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8823D5B2-2C31-4DC3-800C-6A96063E96DC}] => (Allow) LPort=1900
FirewallRules: [{3B62095A-9BCB-4540-8C92-32D7FFE86131}] => (Allow) LPort=2869
FirewallRules: [{A20B6CE1-7BEB-42DB-BDCE-C9962E02A560}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4F753C7F-807F-48F2-BE54-ED870124FC5C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40C24F54-BFA5-4271-BD74-9D43ED01D340}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{38F8750A-65BE-40D0-8472-4DA8E426C360}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2F74BC6C-89BB-43AC-ACBA-6B5ABD4DDB89}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{DA17D3DE-BE4D-4D80-8E63-D70280AD2D3A}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{02A799B6-3841-4AB6-82E2-3A9A57914DA7}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{C11C024B-2371-425F-AC93-8960CE615664}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8242E8CC-6D36-41E0-BEF0-E2769FA47B0E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{11D762CE-9AC1-4D39-A9FA-72D3A6957FBD}C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{D6C0E826-4690-4176-BEC9-7CDF8D9B7D75}C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\lockjaw\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{29B3DC68-6C99-42CD-88A8-20474ECF8894}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D75E0EC-3EFD-4F5D-86AA-4ECB24448050}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AD7398D6-A241-489A-AC6A-5E296E33F92D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B6597BD5-32ED-4FC3-A67C-3CFBEB37DA33}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{388C3E6E-BA1C-44C9-A351-DD657D38DF35}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1A328483-5736-4D95-AE85-AA52EBA9F817}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{87B75356-6CB6-4784-BEB7-3ADE2D15D4CF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0E9250E0-2702-49A1-9347-49E2F10ED1BE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{66AA529B-4275-4EA8-8E02-A607D566F805}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{84B25485-0BBF-4D87-8DD8-6CE3F1DA2C84}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A1CBA460-BC37-45CA-9EF6-C6531471E4AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9B678974-FFA0-4546-9637-5AD864018F06}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D13E5ADE-E500-4EFD-B230-75B29563C353}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{48686991-1FF9-4522-83B9-49CEC757F9CD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9C8DFC25-B5FC-4DCC-B818-84710C779441}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A5C94047-F3C6-4BA4-AB0E-F9E0CC8EBB4C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F1F5F090-FF59-40C1-9FE0-0480D22FC9C9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F1F09F52-543D-4ED4-8B1E-B7BAA29E2728}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D7AD12E2-86FF-4103-8B13-F6DEBF8027EB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{35CC7977-3A5A-46DB-B4D4-06D77E367E51}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B75582C2-1202-4980-9E8D-5F4397D33ACF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{53E6896D-90BA-4793-A375-717014DDEBB4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{28EE962C-EFC0-4622-ADEF-F84C238692AC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5FF550C5-5B5B-42CD-A1E1-BFFB1DA23923}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6436289F-FEF2-4DB8-99BC-3C217E48BF3C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{84D8BD00-6855-4607-8F4B-43F24B3AA51B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{873B358D-71B6-47FF-B285-B480E174EF0B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{10C69F12-25B5-4CB1-A050-98B8D11F2ADD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{71B4FC0C-B629-46FB-9727-3146C0E2BA3E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CDFB949A-C942-4C3D-8E9E-61ABEC5E55F6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5C520E29-1787-4CB3-9C2B-5FCC166F89BA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{75502D06-1FBF-4EE9-AA4A-62B8CF6FBAAD}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{96FA7699-5650-43B4-B8F7-3622F3814E52}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{823CB6B2-19D2-4B7C-97BE-3D032E030F61}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{AEE2AF5C-6947-4184-9FFC-3859FAA6CA72}] => (Allow) C:\Program Files (x86)\GamersFirst\APB Reloaded\Binaries\APB.exe
FirewallRules: [{B5EBEB47-BF51-4B31-9BA0-C8F2FA7D60ED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3A0E25AA-07D6-47DA-883C-86869A90D8ED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2A6AE1D0-D3C6-4295-9D47-DB5A7247D33E}] => (Allow) C:\Program Files (x86)\Capcom\Dead Rising 2\deadrising2.exe
FirewallRules: [{BDFE419E-195B-4F6A-B912-0D2E6B01D956}] => (Allow) C:\Program Files (x86)\Capcom\Dead Rising 2\deadrising2.exe
FirewallRules: [{7F79DB6A-02FF-467F-BEE8-6DB4813E1DC4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A0F05AB1-3F1F-4CF9-8345-5D8D722EA946}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5F9D60FC-864F-443E-BD4E-A6099CFD4D33}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9F9ABAB2-AA9A-4A77-8F51-B2813822D74E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{27F2CD82-111E-41EC-AC77-6D26C57FF199}] => (Allow) C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6C9805DD-7D29-47DE-885A-B50D53EDF4FF}] => (Allow) C:\Users\Lockjaw\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6E9973E2-9EEC-48DD-A028-531255C0A764}] => (Allow) C:\Users\Lockjaw\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{1E88A32A-D8DA-4733-8838-D53581F3EC60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EA6515D-704D-40E5-B267-E16A8D1262B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4C50E3F3-5B3F-44F0-846A-44B97BC48698}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{085C8A94-2387-4E2A-8E65-E7DDFC0D6C2A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{7794A075-6BF2-41CC-A8C3-CBA705B73A1F}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{24ED4C29-EB24-4386-BF04-0127E4980E50}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{5E1FC86E-A87C-4AFD-A450-9E3A325F424A}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{497D5098-310D-4751-A793-BE10A62BD871}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{93D125B2-2100-49AB-89DF-7A21B7A5D74D}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{C54056C0-CDD8-498D-AD8E-DB735DCD2FF1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{F6F68627-1BCA-475B-94E5-8E6F75FC1DC6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{C9B7BFDF-EF4F-4929-BA27-382A69DB15FB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{0D27AB6B-9600-4385-A19F-C987DC261764}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{EBD2E5C6-E1D4-4F1E-85F2-642D248B701F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{68196D73-145A-4B64-AFED-D573DC5875B0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{6AE32B8D-284F-4E8D-A14E-2437AA8C911F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{6B33D82B-7394-4BFA-A6AB-4872C2E1E7F8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{C1EC3C5C-2678-4D8F-9A07-AD2E985DBA5E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{581524D2-D85E-4151-9780-2C0340364DF6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{A68BA543-4907-43B1-BDAE-86D4619B2E3F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{14E23DF3-FF31-4BE6-B504-A1BAEADF2307}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{80828A2C-D230-48B4-BA27-D8F0A5E9ACA1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7D64B30A-14FD-4523-A919-0D436CD16A0D}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{D62F8649-905E-411C-8C9B-DF081206E447}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{892562E2-0D1D-4764-9828-8AB82D176642}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EB77D5F0-536B-4C41-B566-E48656F7B450}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{037EFF30-4CE0-434C-BBAA-8382C91FD956}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8335732E-F2D8-4697-ACED-17A2380A3B63}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{2A0321B6-C86E-4A1A-960F-43C4D93C6614}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{F9887015-8EF8-4140-9F10-C8BEB56DC707}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{806CD66C-C1C4-4D7F-AF3D-3FA7451D6949}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{451FAAF0-5B76-40EE-B7B5-D91A3CB0AB04}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{D219CF44-25AB-445E-A52C-25EE399B0428}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{4E1E1B88-FA03-45CF-B1D7-0AE508C541DE}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{3C844019-8CCC-44CF-81BD-CBD22C497D11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6B13B5C3-1BC6-4A73-882A-7A9AB57A0B7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{022738F4-523A-4646-8F78-3DDDC96D0748}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{48EA0D14-CCE3-4B87-9F5D-F5855A97DE3E}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{8C67EA1C-8A88-46E0-B667-653DD0C9A535}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{466DE108-0A42-48C8-9286-09A024B1D833}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2447D7D2-8062-4E5C-A9F7-961A51CF4DA9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0F8CAFAA-69D9-46D4-80D0-3E035BBB1C73}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6BE48CB8-EB79-4F9E-AE7B-37DECC7E8561}] => (Allow) C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe
FirewallRules: [{B3F4200C-8A7C-4F4B-BEE5-C1C411AE28DC}] => (Allow) C:\Program Files (x86)\Origin Games\BFH Beta 2\bfh.exe
FirewallRules: [{74B9669B-143C-4B0E-B6DC-5E9AB123B1E4}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{9EAFC6D2-9BC0-4A66-827E-BCA9AA894880}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{FF46A6EB-5DFA-4D75-AB2C-FC196126F672}] => (Allow) LPort=26675
FirewallRules: [{4EBE5487-BB71-4316-AF21-B798CEE4C05C}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{C884EDB9-48A9-4A1C-936C-5798D342D3AC}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{77FE91F2-42A4-4F7A-984C-246A4A34CD7A}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{BF5687C7-97A1-46FE-A581-68AD13F3BD4F}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{C2884DDE-EC3A-49FB-B47A-3B1700A9BBB1}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
FirewallRules: [{ADE8C9A1-F6B7-46C7-BD99-0A395EBF831A}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{23FD9D9C-FFD4-4BB7-9FAE-13C51A1600CE}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{14CDA00B-5D99-42B3-BDBC-4C9CDAF46C3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AD72BABA-B10C-4C48-844F-94A17FD76E6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CD8DE495-9C77-4CD7-8195-5449064F3B04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{EDD0D21E-9099-47CC-8223-11A826761485}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{83695C83-389A-456B-A1A4-FADCC9AE3FA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C601F979-8675-48B9-A855-5EE0A794F34D}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{A81FE0BB-BA89-47A5-BAEF-3D89980BC160}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{E12541D1-A54B-4794-8653-31B0BC8461F1}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{DD08881E-8D56-4188-A521-768E7E0C04B5}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{527554AA-E583-4FA6-BD8C-18626FA7D830}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{08173A9F-866A-4755-8E86-81ED96DFABC2}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Android Phone
Description: Android Phone
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/11/2015 07:09:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (09/11/2015 02:55:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (09/11/2015 02:55:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (09/11/2015 02:54:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (09/11/2015 02:54:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (09/09/2015 01:46:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 4.1.1977.6980, Zeitstempel: 0x55a97f26
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002047f
ID des fehlerhaften Prozesses: 0xc40
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5
Error: (09/08/2015 08:42:57 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:55 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:53 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:51 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Systemfehler:
=============
Error: (09/11/2015 02:58:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/11/2015 02:58:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Lockjaw\AppData\Local\Temp\ehdrv.sys
Error: (09/11/2015 02:58:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/11/2015 02:58:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Lockjaw\AppData\Local\Temp\ehdrv.sys
Error: (09/11/2015 02:58:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/11/2015 02:58:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Lockjaw\AppData\Local\Temp\ehdrv.sys
Error: (09/11/2015 05:09:57 AM) (Source: DCOM) (EventID: 10010) (User: Baris)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (09/11/2015 05:09:26 AM) (Source: DCOM) (EventID: 10010) (User: Baris)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (09/10/2015 05:01:39 PM) (Source: DCOM) (EventID: 10010) (User: Baris)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (09/09/2015 09:10:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (09/11/2015 07:09:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (09/11/2015 02:55:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Lockjaw\Desktop\esetsmartinstaller_deu.exe
Error: (09/11/2015 02:55:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Lockjaw\Desktop\esetsmartinstaller_deu.exe
Error: (09/11/2015 02:54:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Lockjaw\Desktop\esetsmartinstaller_deu.exe
Error: (09/11/2015 02:54:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Lockjaw\Desktop\esetsmartinstaller_deu.exe
Error: (09/09/2015 01:46:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1977.698055a97f26ntdll.dll6.3.9600.1793655a68e0cc0000005000000000002047fc4001d0eaf3d5982eb8C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\WINDOWS\SYSTEM32\ntdll.dll6e80b349-56e8-11e5-bee6-089e01e10f6f
Error: (09/08/2015 08:42:57 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:55 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:53 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
Error: (09/08/2015 08:42:51 PM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1
CodeIntegrity:
===================================
Date: 2014-03-04 18:36:32.658
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:31.549
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:30.487
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:29.377
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:17.830
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:16.611
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:15.549
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-04 18:36:14.455
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3976.27 MB
Verfügbarer physikalischer RAM: 1799.57 MB
Summe virtueller Speicher: 6792.27 MB
Verfügbarer virtueller Speicher: 3537.19 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:449.01 GB) (Free:257.35 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E23A050D)
Partition: GPT.
==================== Ende von Addition.txt ============================
Probleme haben mir die Viren nicht bereitet, nur will man sie deswegen aber auch nicht behalten^^ Soll ich die 3 Viren jetzt nach den Scanns einfach aus der Quarantäne löschen? |
|
12.09.2015, 12:34
| #11 |
| /// the machine /// TB-Ausbilder | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J Ja kannste machen. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter Task: {51ECAA66-4F9C-4DB3-BE31-4552324C3A5E} - \Update Service SimpleFiles -> Keine Datei <==== ACHTUNG
C:\Users\Lockjaw\a.exe
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung:Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.09.2015, 19:39
| #12 |
| | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J Fixlog Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
durchgeführt von Lockjaw (2015-09-12 16:37:26) Run:1
Gestartet von C:\Users\Lockjaw\Desktop
Geladene Profile: Lockjaw (Verfügbare Profile: Lockjaw & Gast)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
Task: {51ECAA66-4F9C-4DB3-BE31-4552324C3A5E} - \Update Service SimpleFiles -> Keine Datei <==== ACHTUNG
C:\Users\Lockjaw\a.exe
Emptytemp:
*****************
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{51ECAA66-4F9C-4DB3-BE31-4552324C3A5E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51ECAA66-4F9C-4DB3-BE31-4552324C3A5E}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service SimpleFiles => Schlüssel nicht gefunden.
C:\Users\Lockjaw\a.exe => erfolgreich verschoben
EmptyTemp: => 343.8 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 16:38:13 ====
 Code:
ATTFilter # DelFix v1.011 - Datei am 12/09/2015 um 16:52:55 erstellt
# Aktualisiert am 18/08/2015 von Xplode
# Benutzer : Lockjaw - BARIS
# Betriebssystem : Windows 8.1 (64 bits)
~ Aktiviere die Benutzerkontensteuerung ... OK
~ Entferne die Bereinigungsprogramme ...
Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\Users\Lockjaw\Desktop\FRST-OlderVersion
Gelöscht : C:\Users\Lockjaw\Desktop\AdwCleaner_5.007.exe
Gelöscht : C:\Users\Lockjaw\Desktop\Defogger.exe
Gelöscht : C:\Users\Lockjaw\Desktop\defogger_enable.log
Gelöscht : C:\Users\Lockjaw\Desktop\esetsmartinstaller_deu.exe
Gelöscht : C:\Users\Lockjaw\Desktop\Fixlog.txt
Gelöscht : C:\Users\Lockjaw\Desktop\FRST64.exe
Gelöscht : C:\Users\Lockjaw\Desktop\JRT.txt
Gelöscht : C:\Users\Lockjaw\Desktop\JRT_7600.exe
Gelöscht : C:\Users\Lockjaw\Desktop\SecurityCheck.exe
Gelöscht : HKLM\SOFTWARE\AdwCleaner
~ Erstelle ein Backup der Registrierungsdatenbank ... OK
~ Lösche die Wiederherstellungspunkte ...
Gelöscht : RP #65 [Geplanter Prüfpunkt | 08/30/2015 14:54:07]
Gelöscht : RP #67 [Geplanter Prüfpunkt | 09/07/2015 15:44:17]
Gelöscht : RP #68 [Revo Uninstaller's restore point - Installer | 09/09/2015 16:22:16]
Ein neuer Wiederherstellungspunkt wurde erstellt !
~ Stelle die Systemeinstellungen wieder her ... OK
########## - EOF - ##########
Die Virensigantur ist immer aktuell bei mir NoSkript und Malwarebytes Anti Exploit wurde ebenfalls installiert Die 3 Viren in der Quarantäne wurden gelöscht. Ich mache vorsichtshalber noch ein Scann mit G DATA^^ Bin wohl virenfrei Vielen Dank für deine Hilfe Dank dir ist mein Laptop wieder Virenfrei Geändert von qwertz123 (12.09.2015 um 16:22 Uhr) |
|
13.09.2015, 09:26
| #13 |
| /// the machine /// TB-Ausbilder | Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Win 8.1 = Trojan.Generic.12552373, Win32.Adware.OpenCandy.C, Win32.Application.SysTwak.J |
| anwendung, anzahl, c:\windows, config, einfach, entdeck, fehlermeldung, festgestellt, folge, fund, gefahr, gmer, logfiles, löschen, neustart, problem, programm, prozess, quarantäne, scan, seite, system, system32, win, windows |
dann auf 
und dann auf 
. 
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
