| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: CCC.exe Ungültiges BildWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.10.2015, 17:42
| #1 |
 |  CCC.exe Ungültiges Bild Guten Tag erstmal, ich habe zurzeit das Problem das mein Grafikkarten Treiber nicht mehr starten will, unter anderem kommt die Fehlermeldung das, das Programm C:\WINDOWS\SYSTEM32\mantle.dll nicht richtig ausgeführt werden kann und der Titel der Meldung ist: CCC.exe Ungültiges Bild. (CCC.exe ist mein Grafikkartentreiber). Ich habe auch bereits sfc /scannow gemacht und bekam keine Meldung das eine Datei beschädigt wäre, daher meine Vermutung auf einen Virus. Mit Avira habe ich zwar was gefunden aber "gelöscht". Falls es euch Interessiert, ich habe Windows 10. Ich hoffe ihr könnt mir helfen.  |
|
10.10.2015, 18:48
| #2 |
| /// the machine /// TB-Ausbilder    | CCC.exe Ungültiges Bild hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
10.10.2015, 19:07
| #3 |
| | CCC.exe Ungültiges Bild FRST
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:10-10-2015
durchgeführt von User (Administrator) auf USER-PC (10-10-2015 20:01:49)
Gestartet von C:\Users\User\Downloads\Desktop
Geladene Profile: User & (Verfügbare Profile: User & Philipp & David & DefaultAppPool)
Platform: Microsoft Windows 10 Home (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
() C:\Windows\System32\PnkBstrA.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.0\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.40\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.161\deploy\LolClient.exe
(Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_b542654da99939e7\TiWorker.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Ocs_SM] => C:\Users\User\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2014-12-06] (OCS)
HKLM\...\Run: [Windows10FirewallControl] => C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe [1153592 2015-06-03] (Sphinx Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-06] (LogMeIn Inc.)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [Spiele Post] => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [49152 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\\Overwolf.exe [43760 2015-09-29] (Overwolf LTD)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\MountPoints2: {e89a29d7-3b63-11e5-93d0-6c626d887930} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30871144 2014-12-03] (Skype Technologies S.A.)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-09] (Spotify Ltd)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe [6611512 2015-03-09] (Spotify Ltd)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [515072 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {e89a29d7-3b63-11e5-93d0-6c626d887930} - "F:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\..\Interfaces\{732048a9-7e8d-428f-9af3-d5be1f66bc7a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9a295cd5-a244-421c-a8ef-9e3a343737cb}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://terra.im/
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.firetab.org/?type=ds3nt
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://terra.im/
HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM -> DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKLM -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> DefaultScope {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = hxxp://terra.im.anonymize-me.de/?anonymto=687474703A2F2F74657272612E696D2F7365617263683F713D7B7365617263685465726D737D&st={searchTerms}&clid=1bb3aef0-e69b-4f72-b662-70fd602e1de3&pid=chipde&k=0
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> {1C542DF7-3396-4D42-B172-0BB3112B443A} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=1bb3aef0-e69b-4f72-b662-70fd602e1de3&pid=chipde&mode=bounce&k=0
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = hxxp://terra.im.anonymize-me.de/?anonymto=687474703A2F2F74657272612E696D2F7365617263683F713D7B7365617263685465726D737D&st={searchTerms}&clid=1bb3aef0-e69b-4f72-b662-70fd602e1de3&pid=chipde&k=0
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> {5F479614-7D29-4B6F-9A25-655F51040A54} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=1bb3aef0-e69b-4f72-b662-70fd602e1de3&pid=chipde&mode=bounce&k=0
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> {739E9E60-0D96-CF0A-F381-313EA71EEAB9} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D696537&st={searchTerms}&clid=1bb3aef0-e69b-4f72-b662-70fd602e1de3&pid=chipde&k=0
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> {8A604491-5B94-4FB6-B577-D6496603425B} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=1bb3aef0-e69b-4f72-b662-70fd602e1de3&pid=chipde&mode=bounce&k=0
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> {9AD09901-06DD-4DDD-A62D-6D2243B771AB} URL = hxxp://start.myplaycity.com.anonymize-me.de/?anonymto=687474703A2F2F73746172742E6D79706C6179636974792E636F6D2F726573756C74732E7068703F63617465676F72793D77656226733D7B7365617263685465726D737D&st={searchTerms}&clid=1bb3aef0-e69b-4f72-b662-70fd602e1de3&pid=chipde&k=0
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> {9F83E414-E084-43BB-9B34-58CA5E2599F3} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=1bb3aef0-e69b-4f72-b662-70fd602e1de3&pid=chipde&mode=bounce&k=0
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> {DE8CDA62-F792-46BD-96A0-8E0B11F3672A} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=1bb3aef0-e69b-4f72-b662-70fd602e1de3&pid=chipde&mode=bounce&k=0
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> {FAFEC997-12BC-4538-8ACF-E518208DF1DB} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=1bb3aef0-e69b-4f72-b662-70fd602e1de3&pid=chipde&mode=bounce&k=0
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {739E9E60-0D96-CF0A-F381-313EA71EEAB9} URL =
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={C8AC27CA-07FA-4A0F-AFD5-98722651E931}&mid=7a32709e964f47d09a99bd2b2b6c90c3-ce3459d2a217299ab9ef231c670fdbc9aaf836df&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-20 18:13:58&v=18.1.5.512&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://start.myplaycity.com/results.php?category=web&s={searchTerms}
BHO: PriceSparrow -> {3F2DC1E7-A56F-49D8-B0CF-DB2300594497} -> C:\Program Files\PriceSparrow\Internet Explorer\pricesparrow.dll [2013-03-11] ()
Toolbar: HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Keine Datei
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095}
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default
FF DefaultSearchEngine,S:
FF SearchEngineOrder.1,S:
FF SelectedSearchEngine: Search
FF Homepage: about:home
FF Keyword.URL: hxxp://start.myplaycity.com/results.php?category=web&s=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2010-08-18] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2010-08-30] (Oracle)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-09-03] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1756924282-4294452273-3083732856-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\User\AppData\LocalLow\Sony Online Entertainment\npsoe.dll [2012-03-19] ()
FF Plugin HKU\S-1-5-21-1756924282-4294452273-3083732856-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-08-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Philipp\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-29] (Unity Technologies ApS)
FF Extension: Kein Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-08-05]
FF Extension: Kein Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2014-12-06]
FF Extension: WallPepper ВКонтакте - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\Extensions\wp_loader@wall-pepper.ru [2014-12-09]
FF Extension: PriceSparrow - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\Extensions\extension@pricesparrow.com.xpi [2015-01-17]
FF HKLM\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Philipp\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\Philipp\AppData\Roaming\Helper [2014-12-06]
Chrome:
=======
CHR HomePage: Default -> hxxp://start.myplaycity.com/
CHR StartupUrls: Default -> "hxxp://start.myplaycity.com/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-05-17]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-20]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-21]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-25]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-20]
CHR Extension: (Avira Browserschutz) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-04-01]
CHR Extension: (Superpricer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\koeojioiofmpegljihjleakgpmnolcbc [2015-10-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-21]
CHR Extension: (YouTube Unblocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2015-05-17]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-20]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-03]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-03]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-03]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-03]
CHR Extension: (PriceSparrow) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kljkanaekoongefljnjbghkgjjocmikm [2015-05-03]
CHR Extension: (Superpricer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\koeojioiofmpegljihjleakgpmnolcbc [2015-10-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-03]
CHR Extension: (WallPepper ВКонтакте) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pepjgkdpkihjnbdaggonbpphlfkbhdli [2015-08-23]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-03]
CHR HKLM\...\Chrome\Extension: [kljkanaekoongefljnjbghkgjjocmikm] - C:\Program Files\PriceSparrow\Chrome\pricesparrow-1.4.9.crx [2013-03-11]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1148688 2015-09-27] (Avira Operations GmbH & Co. KG)
S2 Apache2.2; c:\xampp\apache\bin\httpd.exe [18432 2011-09-10] (Apache Software Foundation) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [237864 2015-02-18] (EasyAntiCheat Ltd)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [Datei ist nicht signiert]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [Datei ist nicht signiert]
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1883496 2015-08-06] (LogMeIn Inc.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-08-06] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1006320 2015-09-29] (Overwolf LTD)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-05-20] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
R2 Windows10FirewallService; C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe [2153016 2015-06-03] (Sphinx Software)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105352 2015-09-27] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-06-02] (AVG Technologies)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [138800 2015-07-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [37896 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [55912 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-10-08] (BlueStack Systems)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2015-08-15] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2015-08-15] (Windows (R) Win 7 DDK provider)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [71952 2015-10-10] (Multi Theft Auto)
R3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [38512 2015-08-03] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [492032 2015-07-10] (Realtek )
R3 SCREAMINGBDRIVER; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [34896 2012-07-31] (Screaming Bee LLC)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-16] (Avira Operations GmbH & Co. KG)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [65256 2015-07-30] (Wellbia.com)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-10 19:59 - 2015-10-10 19:59 - 01699328 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2015-10-10 19:53 - 2015-10-10 19:53 - 00016148 _____ C:\WINDOWS\system32\USER-PC_User_HistoryPrediction.bin
2015-10-10 18:36 - 2015-10-10 18:36 - 00001137 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-10 17:01 - 2015-10-10 17:02 - 10163295 _____ C:\Users\User\Downloads\164409-toyota-gt86-lowstance-gtasa.zip
2015-10-10 16:40 - 2015-10-10 16:40 - 00016148 _____ C:\WINDOWS\system32\USER-PC_David_HistoryPrediction.bin
2015-10-10 11:55 - 2015-10-10 11:55 - 00000000 ____D C:\Users\User\AppData\Local\AMD
2015-10-10 11:54 - 2015-10-10 11:54 - 02485168 _____ C:\Users\User\Downloads\1386791645_Lamborghini REVENTON 2009 v2 Ktbffh.rar
2015-10-09 18:53 - 2015-10-09 18:55 - 30547042 _____ C:\Users\User\Downloads\1423150725_2014 Mercedes Benz C250 AMG Edition V1.0.zip
2015-10-09 18:47 - 2015-10-09 18:47 - 05498413 _____ C:\Users\User\Downloads\1409781721_Mercedes-Benz E63 AMG.rar
2015-10-08 20:38 - 2015-10-08 20:39 - 19734087 _____ C:\Users\User\Downloads\168532-lamborghini-aventador-lb-performance-gtasa.zip
2015-10-08 20:34 - 2015-10-08 20:36 - 10565423 _____ C:\Users\User\Downloads\166158-mercedes-benz-c250-2014-gtasa.zip
2015-10-08 16:18 - 2015-10-08 16:18 - 39721456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atioglxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumdva.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumdag.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 03471376 _____ C:\WINDOWS\system32\atiumdva.cap
2015-10-08 16:18 - 2015-10-08 16:18 - 01004032 _____ C:\WINDOWS\system32\amdocl_as32.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00807424 _____ C:\WINDOWS\system32\amdocl_ld32.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-10-08 16:18 - 2015-10-08 16:18 - 00553456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00390304 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00303600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00203776 _____ C:\WINDOWS\system32\clinfo.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00198640 _____ C:\WINDOWS\system32\amdgfxinfo32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00173040 _____ (AMD) C:\WINDOWS\system32\atitmmxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00152560 _____ C:\WINDOWS\system32\atieah32.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atigktxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00132080 _____ C:\WINDOWS\system32\amdhdl32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9pag.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00068080 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00064298 _____ C:\WINDOWS\system32\mantle32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00056270 _____ C:\WINDOWS\system32\hsa-thunk.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00053744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00052715 _____ C:\WINDOWS\system32\mantleaxl32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00037872 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00001456 _____ C:\WINDOWS\system32\detoured.dll
2015-10-07 21:12 - 2015-10-07 21:13 - 09723744 _____ C:\Users\User\Downloads\55883-mercedes-benz-cls-63-amg.zip
2015-10-07 18:34 - 2015-10-07 20:33 - 01379073 _____ C:\Users\User\Downloads\bewerbung.psd
2015-10-05 21:06 - 2015-10-05 21:06 - 00115498 _____ C:\Users\User\Downloads\sannnnsssnnsn.psd
2015-10-03 20:03 - 2015-10-03 20:04 - 04511170 _____ C:\Users\User\Downloads\Major Tom (Völlig Losgelöst)
2015-10-03 20:01 - 2015-10-03 20:01 - 04291741 _____ C:\Users\User\Downloads\Linkin Park - New Divide (Official Video)
2015-10-03 19:57 - 2015-10-03 19:57 - 03458749 _____ C:\Users\User\Downloads\JBB 2014 [8tel-Finale 4-8 HR] - Aytee vs. Diverse (prod. by Epipto)
2015-10-01 21:07 - 2015-10-01 21:07 - 00095391 _____ C:\Users\User\Downloads\Gangwar-Script.rar
2015-10-01 18:30 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 18:30 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 18:30 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:30 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 18:30 - 2015-09-17 08:26 - 01856848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 18:30 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 18:30 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 18:30 - 2015-09-17 07:47 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 18:30 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 18:30 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 18:30 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 18:30 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 18:30 - 2015-09-17 07:39 - 01829376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 18:30 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 03026432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 18:30 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 18:30 - 2015-09-17 07:32 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 18:30 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 18:30 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 18:29 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 18:29 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 18:29 - 2015-09-25 01:18 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 18:29 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 18:29 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 18:29 - 2015-09-25 00:42 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 18:29 - 2015-09-25 00:37 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 18:29 - 2015-09-25 00:30 - 02985472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 18:29 - 2015-09-25 00:29 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 18:29 - 2015-09-25 00:28 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 18:29 - 2015-09-25 00:28 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 18:29 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 18:29 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 18:29 - 2015-09-25 00:11 - 01499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 18:29 - 2015-09-19 05:50 - 00083160 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 06265168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 18:29 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 01343952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 00680144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 18:29 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 18:29 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 00083792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 18:29 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 18:29 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 01708376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00436064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00414560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 18:29 - 2015-09-17 08:26 - 00335696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00228192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 18:29 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 18:29 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 18:29 - 2015-09-17 08:15 - 00070744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 18:29 - 2015-09-17 08:13 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 18:29 - 2015-09-17 08:13 - 00918880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 18:29 - 2015-09-17 07:51 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 18:29 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 18:29 - 2015-09-17 07:51 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 18:29 - 2015-09-17 07:51 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 18:29 - 2015-09-17 07:49 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 18:29 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 18:29 - 2015-09-17 07:49 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 18:29 - 2015-09-17 07:48 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 18:29 - 2015-09-17 07:48 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 18:29 - 2015-09-17 07:48 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 18:29 - 2015-09-17 07:47 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 18:29 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 18:29 - 2015-09-17 07:46 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 18:29 - 2015-09-17 07:46 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 18:29 - 2015-09-17 07:45 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 18:29 - 2015-09-17 07:45 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 18:29 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 18:29 - 2015-09-17 07:43 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 18:29 - 2015-09-17 07:42 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 18:29 - 2015-09-17 07:41 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 18:29 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 18:29 - 2015-09-17 07:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 18:29 - 2015-09-17 07:39 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 18:29 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 06529024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00926720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 18:29 - 2015-09-17 07:35 - 01762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 18:29 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 18:29 - 2015-09-17 07:35 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 18:29 - 2015-09-17 07:34 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 18:29 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 18:29 - 2015-09-17 07:33 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 18:29 - 2015-09-17 07:33 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00989696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 18:29 - 2015-09-17 07:31 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 18:29 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 18:29 - 2015-09-17 07:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 18:29 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 18:29 - 2015-09-17 07:28 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 18:29 - 2015-09-17 07:28 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 18:29 - 2015-09-17 07:27 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 18:29 - 2015-09-17 07:27 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 18:29 - 2015-09-17 07:27 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 18:29 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 18:29 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 20:41 - 2015-09-30 20:41 - 00280310 _____ C:\Users\User\Downloads\Aufnahme.rar
2015-09-24 17:59 - 2015-09-24 17:59 - 00018514 _____ C:\Users\User\ESt2014_Horst_David_und_Horst_Lilia2.elfo
2015-09-24 16:55 - 2015-09-24 17:07 - 00099090 _____ C:\Users\User\ESt2014_Horst_David_und_Horst_Lilia.elfo
2015-09-24 15:01 - 2015-09-24 15:14 - 00000000 ____D C:\Users\User\AppData\Local\elfopatch
2015-09-23 17:34 - 2015-09-23 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4
2015-09-23 17:33 - 2015-09-23 17:34 - 00000000 ____D C:\Program Files\MTA San Andreas 1.4
2015-09-20 17:05 - 2015-09-20 17:05 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-20 17:05 - 2015-09-20 17:05 - 00000000 ____D C:\Program Files\AGEIA Technologies
2015-09-19 20:14 - 2015-09-19 20:37 - 47037373 _____ C:\Users\User\Downloads\Ephiikz Effects Pack.rar
2015-09-19 19:04 - 2015-09-19 19:04 - 00215650 _____ C:\Users\User\Downloads\Angelsofdeath.psd
2015-09-16 15:17 - 2015-09-16 15:17 - 00175760 _____ C:\Users\User\Downloads\linkinpark_chase (1).zip
2015-09-16 15:11 - 2015-09-16 15:11 - 00175760 _____ C:\Users\User\Downloads\linkinpark_chase.zip
2015-09-14 15:17 - 2015-09-14 15:17 - 05335603 _____ C:\Users\User\Downloads\12445-uaz-3909-gtasa (3).zip
2015-09-12 21:08 - 2015-10-10 19:54 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn Hamachi
2015-09-12 21:08 - 2015-09-12 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-09-12 21:08 - 2015-09-12 21:08 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2015-09-12 21:05 - 2015-09-12 21:08 - 08716288 _____ C:\Users\User\Downloads\hamachi.msi
2015-09-12 20:49 - 2015-09-12 21:02 - 01162528 _____ C:\Users\User\Downloads\LogMeIn Hamachi - CHIP-Installer.exe
2015-09-11 21:44 - 2015-09-11 21:46 - 24219648 _____ C:\Users\User\Downloads\RuneScape.msi
2015-09-10 16:30 - 2015-09-10 16:30 - 00018916 _____ C:\Users\User\Downloads\JBB 2014 - Aytee vs. Diverse- Instrumental.aup
2015-09-10 16:30 - 2015-09-10 16:30 - 00000000 ____D C:\Users\User\Downloads\JBB 2014 - Aytee vs. Diverse- Instrumental_data
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-10 20:01 - 2013-12-01 21:55 - 00000000 ____D C:\FRST
2015-10-10 20:00 - 2012-05-11 16:25 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-10 19:58 - 2015-07-29 13:56 - 02030034 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-10 19:58 - 2014-03-28 19:29 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-10 19:56 - 2014-05-13 15:00 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2015-10-10 19:53 - 2015-05-12 19:36 - 00000000 ____D C:\Users\User\AppData\Local\HTC MediaHub
2015-10-10 19:53 - 2014-01-30 20:56 - 00001118 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-10 19:52 - 2015-07-29 13:50 - 00058892 _____ C:\WINDOWS\PFRO.log
2015-10-10 19:52 - 2015-07-10 11:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-10 19:52 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Registration
2015-10-10 19:52 - 2015-07-10 08:59 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-10 19:51 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-10 19:17 - 2014-01-30 20:56 - 00001122 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-10 18:38 - 2014-06-21 16:52 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-10 18:36 - 2014-06-21 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-10 18:36 - 2014-06-21 16:51 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2015-10-10 10:54 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-09 22:14 - 2013-11-20 19:11 - 00000000 ____D C:\Program Files\Overwolf
2015-10-09 22:14 - 2012-05-16 19:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-10-09 21:10 - 2012-12-29 16:34 - 00000000 ____D C:\Program Files\Steam
2015-10-09 17:23 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-10-08 18:12 - 2015-02-20 10:05 - 00000000 ____D C:\Users\User\AppData\Local\Steam
2015-10-08 18:11 - 2012-12-29 16:34 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-10-08 16:32 - 2015-07-29 13:58 - 00000000 ____D C:\Users\Philipp
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-08 16:22 - 2015-07-10 10:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-08 16:19 - 2015-04-13 19:58 - 00000000 ____D C:\AMD
2015-10-08 16:18 - 2015-07-16 02:11 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx32.dll
2015-10-08 16:18 - 2015-07-16 02:11 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx32.dll
2015-10-08 16:18 - 2015-07-16 02:11 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxpag.dll
2015-10-08 16:18 - 2015-07-16 02:04 - 19525104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-10-08 16:18 - 2015-07-16 01:17 - 00223216 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-10-08 16:18 - 2015-07-16 01:13 - 00542192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-10-08 16:18 - 2015-07-16 01:12 - 00670208 _____ C:\WINDOWS\system32\coinst_15.20.dll
2015-10-08 16:14 - 2014-06-01 14:28 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2015-10-07 21:15 - 2015-03-09 21:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\www.gtavicecity.ru
2015-10-02 10:18 - 2015-08-23 16:29 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2015-09-30 20:43 - 2014-10-24 22:41 - 00000000 ____D C:\Users\User\AppData\Roaming\LolClient
2015-09-27 16:59 - 2014-06-21 12:07 - 00105352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-27 16:59 - 2014-06-21 12:07 - 00055912 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-26 10:41 - 2015-07-29 13:54 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-26 10:41 - 2015-07-06 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-26 10:39 - 2015-08-25 18:10 - 00000000 ____D C:\Users\David\AppData\Local\HTC MediaHub
2015-09-25 21:47 - 2015-07-10 11:53 - 04472496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-25 21:44 - 2015-07-10 15:16 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-24 18:20 - 2012-09-05 18:05 - 00000000 ____D C:\Users\User\AppData\Local\Paint.NET
2015-09-24 18:17 - 2012-11-20 19:18 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-09-24 15:15 - 2014-09-12 12:29 - 00000000 ____D C:\Program Files\ElsterFormular
2015-09-24 15:15 - 2012-08-16 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-09-24 12:26 - 2015-08-23 16:27 - 00000000 ____D C:\Users\David\AppData\Local\Google
2015-09-20 17:05 - 2012-12-23 12:31 - 00000000 ____D C:\Users\User\.swt\Documents\My Games
2015-09-20 12:20 - 2015-08-23 16:31 - 00002399 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-20 12:20 - 2015-08-23 16:31 - 00000000 ___RD C:\Users\David\OneDrive
2015-09-15 18:12 - 2015-07-10 10:29 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 10:29 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-09-14 14:33 - 2012-05-11 09:56 - 00000000 ____D C:\Users\User\AppData\Local\Google
2015-09-12 16:18 - 2015-08-10 18:26 - 00000000 ____D C:\Users\User\AppData\Roaming\YGOPro DevPro
2015-09-11 22:10 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-10 18:48 - 2014-09-21 14:57 - 00000000 ____D C:\Users\User\AppData\Roaming\Notepad++
2015-09-10 18:47 - 2014-09-21 14:57 - 00000000 ____D C:\Program Files\Notepad++
2015-09-10 16:30 - 2015-05-17 13:43 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity
2015-09-10 16:04 - 2013-08-14 11:26 - 00000000 ____D C:\WINDOWS\system32\MRT
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-02-26 08:34 - 2013-02-26 08:34 - 2547384 _____ (Beepa P/L) C:\Program Files\fraps.exe
2013-02-26 08:34 - 2013-02-26 08:34 - 0234168 _____ (Beepa P/L) C:\Program Files\fraps32.dll
2013-12-24 16:06 - 2013-12-24 16:16 - 1073741824 _____ () C:\Program Files\MicroVolts_1.0.3.70_GER.exe
2014-04-20 18:12 - 2014-06-02 10:58 - 0003750 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
2015-06-04 20:34 - 2015-06-04 20:34 - 0143445 _____ () C:\Program Files\YouTube-Unblocker-056.zip
2014-09-11 14:44 - 2014-09-11 15:02 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2013-11-19 17:05 - 2015-10-07 21:08 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-09-20 15:22 - 2014-08-03 12:27 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-05-20 14:13 - 2013-05-20 14:13 - 0138056 _____ () C:\Users\User\AppData\Roaming\PnkBstrK.sys
2013-12-19 11:44 - 2014-01-23 09:44 - 0000111 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2014-09-11 15:05 - 2015-04-21 15:17 - 0001456 _____ () C:\Users\User\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2012-05-24 18:07 - 2012-11-17 16:08 - 0007168 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-24 14:57 - 2013-10-24 18:22 - 0007597 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2013-05-08 19:07 - 2014-06-17 19:11 - 0003899 _____ () C:\ProgramData\dorrcrane_save.log
2015-07-29 13:53 - 2015-07-29 13:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-06-01 21:05 - 2014-06-15 19:14 - 0003400 _____ () C:\ProgramData\dscrane_save.log
2013-02-20 17:09 - 2013-02-20 17:09 - 0004928 _____ () C:\ProgramData\qiwmnyln.lsb
Einige Dateien in TEMP:
====================
C:\Users\David\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\09b612d1dd5ef4708fb92a12636bb249.dll
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\comFE9A.exe
C:\Users\User\AppData\Local\Temp\fb1d5c12ab65a33663c67a42c8bf47b2.dll
C:\Users\User\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\User\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\User\AppData\Local\Temp\utils.dll
C:\Users\User\AppData\Local\Temp\xmlUpdater.exe
C:\Users\User\AppData\Local\Temp\YgoUpdater.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-08 16:15
==================== Ende vom FRST.txt ============================
|
|
10.10.2015, 19:10
| #4 |
| | CCC.exe Ungültiges Bild Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:10-10-2015
durchgeführt von User (2015-10-10 20:03:48)
Gestartet von C:\Users\User\Downloads\Desktop
Microsoft Windows 10 Home (X86) (2015-07-29 12:23:48)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1756924282-4294452273-3083732856-500 - Administrator - Disabled)
David (S-1-5-21-1756924282-4294452273-3083732856-1007 - Limited - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-1756924282-4294452273-3083732856-503 - Limited - Disabled)
Gast (S-1-5-21-1756924282-4294452273-3083732856-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1756924282-4294452273-3083732856-1004 - Limited - Enabled)
Philipp (S-1-5-21-1756924282-4294452273-3083732856-1002 - Limited - Enabled) => C:\Users\Philipp
User (S-1-5-21-1756924282-4294452273-3083732856-1000 - Administrator - Enabled) => C:\Users\User
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\uTorrent) (Version: 3.4.3.40208 - BitTorrent Inc.)
Ace of Spades (HKLM\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)
Ace of Spades (HKLM\...\Steam App 224540) (Version: - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.1.2.232 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader 9.3.4 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.8.612 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Akamai) (Version: - Akamai Technologies, Inc)
Alabama Smith In Escape From Pompeii (HKLM\...\Alabama Smith In Escape From Pompeii_is1) (Version: 1.0 - MyPlayCity, Inc.)
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{DE7D695C-2EC7-AFDF-F786-6E938DE83175}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ancient Secrets: Der goldene Schlüssel (HKLM\...\Ancient Secrets: Der goldene Schlüssel) (Version: 2.0.0.0 - INTENIUM GmbH)
APB Reloaded (HKLM\...\Steam App 113400) (Version: - Reloaded Productions)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aranjas (HKLM\...\Aranjas) (Version: 0.0.0.0 - INTENIUM GmbH)
Ashley Clark: Das Geheimnis des Rubins (HKLM\...\Ashley Clark: Das Geheimnis des Rubins) (Version: 2.0.0.0 - INTENIUM GmbH)
Atlantis - Mysteries of Ancient Inventors (HKLM\...\Atlantis - Mysteries of Ancient Inventors_is1) (Version: 1.0 - MyPlayCity, Inc.)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Battlefield Play4Free (HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
BearShare (Version: 10.0.0.128377 - Musiclab, LLC) Hidden
BigMacroTool 1.5 (HKLM\...\{620CAD2D-0757-43A9-AA5F-C8D48A1E4D85}_is1) (Version: - TLProd)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (Version: 2010.0527.1242.20909 - ATI) Hidden
Cinema 4D version R12 (HKLM\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cities Skylines (HKLM\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
CLEO 4.3 (HKLM\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
Das Rätsel der Eisprinzessin Sammleredition (HKLM\...\Das Rätsel der Eisprinzessin Sammleredition) (Version: 0.0.0.0 - INTENIUM GmbH)
Defiance (HKLM\...\Steam App 224600) (Version: - Trion Worlds, Inc.)
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
Deutschland Spielt - Spiele Post (HKLM\...\Deutschland Spielt - Spiele Post) (Version: 1.0.4.38 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)
Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dxtory version 2.0.128 (HKLM\...\Dxtory2.0_is1) (Version: 2.0.128 - ExKode Co. Ltd.)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Farmscapes(TM) Premium Edition (HKLM\...\00e1b559ced624f1a3ef930630c2d865) (Version: - zylom)
Firebird 2.5.0.26074 (Win32) (HKLM\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
FlatOut2 (HKLM\...\{7E641E46-81DB-4D1D-906A-48342523051C}) (Version: 1.00.0000 - Ihr Firmenname)
Frankenstein - The Dismembered Bride (HKLM\...\Frankenstein - The Dismembered Bride_is1) (Version: 1.0 - MyPlayCity, Inc.)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
GameCatalog15.2013 (Version: 1.00.0000 - Intenium GmbH) Hidden
Gardenscapes – Gestalte dein Haus (HKLM\...\Gardenscapes – Gestalte dein Haus_is1) (Version: - Playrix Entertainment)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Hidden Object Crosswords (HKLM\...\Hidden Object Crosswords_is1) (Version: 1.0 - MyPlayCity, Inc.)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
IdleMaster (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\1d85483b1c982d8c) (Version: 0.8.0.2 - IdleMaster)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java(TM) 6 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
join.me (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\JoinMe) (Version: 1.8.0.108 - LogMeIn, Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
Loadout (HKLM\...\Steam App 208090) (Version: - Edge of Reality)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.385 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.385 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Masters of Mystery - Crime of Fashion (HKLM\...\Masters of Mystery - Crime of Fashion_is1) (Version: 1.0 - MyPlayCity, Inc.)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mermaid Adventures - the Frozen Time (HKLM\...\Mermaid Adventures - the Frozen Time_is1) (Version: 1.0 - MyPlayCity, Inc.)
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MicroVolts Surge (HKLM\...\Steam App 109400) (Version: - NQ Games)
Minecraft - 1.6.4 Packages (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Minecraft - 1.6.4 Packages) (Version: - ) <==== ACHTUNG
Minecraft (HKLM\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
MorphVOX Junior (HKLM\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
Mortimer Beckett And The Time Paradox (HKLM\...\Mortimer Beckett And The Time Paradox_is1) (Version: 1.0 - MyPlayCity, Inc.)
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MTA:SA v1.4.1 (HKLM\...\MTA:SA 1.4) (Version: v1.4.1 - Multi Theft Auto)
MTA:SA v1.5.0 (HKLM\...\MTA:SA 1.5) (Version: v1.5.0 - Multi Theft Auto)
Mysteries and Nightmares: Morgianas Fluch (HKLM\...\Mysteries and Nightmares: Morgianas Fluch) (Version: 2.0.0.0 - INTENIUM GmbH)
Mystic Gallery (HKLM\...\Mystic Gallery_is1) (Version: 1.0 - MyPlayCity, Inc.)
Need for Speed(TM) Hot Pursuit (HKLM\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Need For Speed™ World (HKLM\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1353 - Electronic Arts)
Notepad++ (HKLM\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Overwolf (HKLM\...\Overwolf) (Version: 0.89.107.0 - Overwolf Ltd.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Pidgin (HKLM\...\Pidgin) (Version: 2.10.11 - )
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PriceSparrow (HKLM\...\{3F2DC1E7-A56F-49D8-B0CF-DB2300594497}) (Version: 1.4.9 - Ciuvo GmbH) <==== ACHTUNG
PRIME Z-DW Gaming Mouse (HKLM\...\PRIME Gaming Mouse) (Version: 1.0 - SPEEDLINK)
RaceRoom Racing Experience Launcher (HKLM\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
RIDGE RACER™ Driftopia (HKLM\...\Steam App 226410) (Version: - BUGBEAR)
Robocraft (HKLM\...\Steam App 301520) (Version: - Freejam)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix)
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version: - Punk Software)
S4 League_EU (HKLM\...\{A7D97EE5-6C35-4EF3-8BAD-98B8D4E83770}) (Version: 1.00.0000 - )
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
Season Match - Curse of the Witch Crow (HKLM\...\Season Match - Curse of the Witch Crow_is1) (Version: 1.0 - MyPlayCity, Inc.)
Skype™ 7.0 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.0.100 - Skype Technologies S.A.)
SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios)
SOE Web Installer (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Sonic & All-Stars Racing Transformed (HKLM\...\Steam App 212480) (Version: - Sumo Digital)
Sonic and SEGA All Stars Racing (HKLM\...\Steam App 34190) (Version: - Sumo Digital)
Sothink SWF Decompiler (HKLM\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.0 - SourceTec Software Co., LTD)
Sothink SWF Editor Version 1.0 (HKLM\...\{0BF1DE3D-31B9-417F-A915-4BCC5AAEE3CD}_is1) (Version: 1.0 - So Think, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spirits of Mystery: Der dunkle Minotaurus (HKLM\...\BFG-Spirits of Mystery - Der dunkle Minotaurus) (Version: - )
Spotify (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Spotify (HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StormFall (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StormFall) (Version: - StormFall) <==== ACHTUNG
Tales From The Dragon Mountain 2: The Lair (HKLM\...\Tales From The Dragon Mountain 2: The Lair) (Version: 0.0.0.0 - INTENIUM GmbH)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Test Drive Unlimited 2 (HKLM\...\Test Drive Unlimited 2_is1) (Version: - Atari)
The Crew (Worldwide) (HKLM\...\Uplay Install 413) (Version: - Ubisoft)
The Dream Voyagers: Die Traumheiler (HKLM\...\The Dream Voyagers: Die Traumheiler) (Version: 2.0.0.0 - INTENIUM GmbH)
The Path of Hercules (HKLM\...\The Path of Hercules_is1) (Version: 1.0 - Playrix Entertainment)
Unity Web Player (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM\...\Uplay) (Version: 4.9 - Ubisoft)
Vampire Saga - Welcome to Hellock (HKLM\...\Vampire Saga - Welcome to Hellock_is1) (Version: 1.0 - MyPlayCity, Inc.)
Vegas Pro 11.0 (HKLM\...\{B644D34F-0296-11E2-938E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
VirtualDJ Home FREE (HKLM\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
VirtualDJ PRO Full (HKLM\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
Webocton - Scriptly 0.8.95.6 (HKLM\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows10FirewallControl Basic 7.2.105.116 (HKLM\...\Windows10FirewallControl_is1) (Version: 7.2.105.116 - Sphinx Software)
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wonderland Online (HKLM\...\Wonderland Online_is1) (Version: 6.1.8 - IGG,Inc.)
XAMPP 1.7.7 (HKLM\...\xampp) (Version: - )
YGOPro DevPro (HKLM\...\{A115F80F-2B26-464E-97A3-8B13EC533C3D}) (Version: 2.1.2 - DevPro, LLC)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{000F1EA4-5E08-4564-A29B-29076F63A37A}\InprocServer32 -> C:\Users\User\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
==================== Wiederherstellungspunkte =========================
08-10-2015 16:15:47 Windows Update
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0408822E-7F37-45E8-8A7E-6BDB28845C24} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {049C8435-9056-408C-86C9-0B45479D2E66} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04CF40E1-6710-4141-86B4-106A679BE6F1} - System32\Tasks\{9738F50E-C0E0-4B9E-B00E-A4FC4FE9DB65} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.100&LastError=12031
Task: {08CEF25C-2297-4DE5-AE6D-E09CBE40AFCE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {0CAB2961-8A26-4ADB-879D-A365168B3270} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0ECCFCD1-C313-451E-9BC1-62AE7822299D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1AB50A0E-732D-464D-9D23-D3077A9F43A3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1FE0D709-36AA-4685-9D76-D715A0D8D8E1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {21E7BC0A-C9A6-4828-9040-BC1B59E34C63} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F52831A-C63F-4C66-98C8-7202CEA54C9E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {340E9A09-D230-4309-B984-9F5AA9EA54B1} - System32\Tasks\{1655C560-5A86-4479-8A4C-65887C481E75} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.100&LastError=12031
Task: {35D1F3E0-DF55-42AF-9180-88752691E2DB} - System32\Tasks\{A84C3686-18D9-4C50-B3C5-F971D1026B97} => pcalua.exe -a "C:\Program Files\Tuguu SL\VAFPlayer\Uninstall.exe" -d "C:\Program Files\Tuguu SL\VAFPlayer"
Task: {3A34A524-8E74-4110-B06D-76E003074815} - System32\Tasks\pricesparrowSWU => Cscript.exe "C:\Program Files\PriceSparrow\Internet Explorer\swu.vbs"
Task: {3AD6FA87-D484-4B36-B36A-0C41FD43A962} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3FAA0553-A304-4509-A1EA-DC8415F3EE34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {44F96C3D-9FC8-46EA-9B64-1265D898DBB5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4DD04DC2-2146-4790-831B-0ACFA25F85D5} - System32\Tasks\{FF20A75F-9C6E-42F0-BFAC-022CC13E33EF} => pcalua.exe -a "C:\Users\User\Downloads\DieWiegeRoms (1).exe" -d C:\Users\User\Downloads
Task: {53A59AF8-60DE-4DF2-A23A-1D95FDCC5C8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {558B9E84-CC15-447A-B3F5-4F30D1A3B2F7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {572EA14B-4479-430D-AD78-D83EC7CF14C7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5920712F-C28B-4A7F-90D0-D2BE609A21E9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {592468C8-1487-4F9A-AB78-7F5809E3CE3B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5B3D1B56-C200-4B45-ADA3-E7F775E9EBC9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {62867CC5-C650-4205-A769-0A2A957A1E60} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {65E6E7FA-0F26-4041-84F3-6D11980EAF6F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {75D581FC-9FD7-439A-8ABA-93F4E2F0D1F4} - System32\Tasks\{4CE26FDA-76BF-4CBB-8128-35E8DA1DE3D1} => pcalua.exe -a "C:\Users\User\Downloads\LauraJones (1).exe" -d C:\Users\User\Downloads
Task: {768A774D-D02A-4295-A741-17448DEC1114} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B7820B1-4F9D-4275-9BEF-C5F8E5436E67} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {7D20F69C-A5E6-458A-AE12-A2F82FB2A778} - System32\Tasks\{42E59334-3E85-458F-B13A-D73DCCFF2B42} => pcalua.exe -a C:\Users\User\Downloads\SchatzjaegerTreasureHunters.exe -d C:\Users\User\Downloads
Task: {85CDFC7B-BDC5-4581-9063-7AD59A246BF1} - System32\Tasks\{350FEF7D-0484-41DF-A1F5-6613CD56A397} => pcalua.exe -a "C:\Users\User\Downloads\mysticgallery_setup (2).exe" -d C:\Users\User\Downloads
Task: {874D95F5-19F0-44E3-ABF2-9AC5C404C8F6} - System32\Tasks\{540EDBBA-0D60-4BFE-96A1-6308F1A29326} => pcalua.exe -a "C:\Users\Philipp\AppData\Local\TeamSpeak 3 Client\package_inst.exe" -d C:\Users\User\Downloads -c "C:\Users\User\Downloads\soundboard-0.9.9.6b-win32.ts3_plugin"
Task: {89CC7417-74D2-4624-93C2-DC8113C13E4C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8A1DEEF8-8F35-40CB-B63D-D66B2591C7E6} - System32\Tasks\{E4B3DF97-23B5-4212-9EF1-8B3E2EA5D741} => pcalua.exe -a "C:\Users\User\Downloads\loki_setup (1).exe" -d C:\Users\User\Downloads
Task: {8D6A2521-E4A7-4F08-8626-251CB3251717} - System32\Tasks\{ABF1FFF9-E6F7-44F3-96E1-6EA86F1C6E89} => pcalua.exe -a C:\Users\User\Downloads\witchcrow_setup.exe -d C:\Users\User\Downloads
Task: {8DD0CC02-29AE-4921-91D5-28A791189E39} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {907A5884-3CF8-4805-BA70-65CBAABA06EB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {90EDEA0C-FE1B-4FE2-89D6-DDD43B56D9AB} - System32\Tasks\Overwolf Updater Task => C:\Program Files\Overwolf\OverwolfUpdater.exe [2015-09-29] (Overwolf LTD)
Task: {91107982-7FF7-47FE-88ED-7B2B8EF1A8C0} - System32\Tasks\{CAD8A498-50EF-4FFB-A877-AB5B0BDC6CB7} => pcalua.exe -a "C:\Users\User\Downloads\DieWiegeOlympias3 (1).exe" -d C:\Users\User\Downloads
Task: {91376F64-3E43-4EFC-A190-2A791134456F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {91D7AAC1-697B-4ED6-A40F-26F37A101C74} - System32\Tasks\{A47C8D3D-514B-4520-AB3D-29E6564E0BE1} => pcalua.exe -a C:\Users\User\Downloads\MortimerBeckett3.exe -d C:\Users\User\Downloads
Task: {9216A6DF-4486-4F86-BC04-D66D43F5ADE2} - System32\Tasks\{A9244D4B-5AF2-4A79-A04D-387223DC37BD} => pcalua.exe -a "C:\Users\User\Downloads\rainbowweb3_setup (1).exe" -d C:\Users\User\Downloads
Task: {A0729C9E-ADC0-489C-AB3E-A93FE35C1575} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: {A0AEDE99-851E-445F-9ADD-5A6B4D48D489} - System32\Tasks\{B4271D65-C748-4D7D-A4BA-BC8AEF3EBBCA} => pcalua.exe -a "C:\Program Files\OXXOGames\GPlayer\\MyInstall.exe" -c ScriptUInst "C:\Program Files\OXXOGames\GPlayer\Install\\Game_7Wonders.log"
Task: {A5B38ED5-0275-4091-88A2-93E9FFFE392C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A93CD7F5-A075-47D9-A106-643C97EF9E71} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AEBDFAC9-37A9-4BD3-BBF3-123B641EA2C7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B05517AE-2F70-4F65-96F9-B91D200D0A73} - System32\Tasks\{67C537DC-A8FE-4583-B3C4-5E73D5617CD5} => pcalua.exe -a "C:\Users\User\Downloads\DieZauberhoehle (1).exe" -d C:\Users\User\Downloads
Task: {B1FC5A9D-C78F-45A6-9647-2500CA878F4B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B23611E0-FD7C-4DF3-8539-C8FC02B71B4F} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {B46260FF-6C55-4339-8908-B1BE4DE90CEC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF301BD7-09D8-452B-8C9E-0CCFD3AC23CC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C0452960-C86D-4E17-A4F2-412D434B17A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C2A6C8E8-CBA5-4FEE-8EAE-3F02C2FA7DFC} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-Philipp => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {C54C67A6-31CD-4CAF-B469-5A4CDB30FB74} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7B77295-13FA-4AB0-886C-6BFE514C19AD} - System32\Tasks\SimpleFiles Update Service => C:\Program Files\SimpleFilesUpdater\SimpleFilesUpdater.exe
Task: {CCF36A05-4AFF-4EE4-B152-6FC17F27CC9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {D9D5B052-D43E-43D7-8C0E-FCA5B7FB0CCA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E5B1FE5D-677E-4DA8-8187-BC30EA11946A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {FE1F2C4B-AEEA-4420-B911-F1B381A55DCD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-29 14:44 - 2015-07-29 14:44 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 13:40 - 2015-08-11 10:53 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00031080 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00059752 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2015-04-13 15:55 - 2015-04-13 15:55 - 00129376 _____ () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00223592 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2013-05-20 14:12 - 2013-05-20 14:50 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2015-10-01 18:30 - 2015-09-17 08:27 - 01766952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:30 - 2015-09-17 08:27 - 01766952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-08-30 10:01 - 2013-08-30 10:01 - 02601840 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll
2012-05-19 12:23 - 2012-02-17 20:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2015-04-13 15:55 - 2015-04-13 15:55 - 00821600 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2015-07-10 10:24 - 2015-07-10 10:24 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-04 09:54 - 2015-09-24 18:17 - 00149480 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2015-08-04 09:53 - 2015-09-24 18:17 - 00090088 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2015-08-04 09:53 - 2015-09-24 18:17 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2015-08-04 09:54 - 2015-09-24 18:17 - 00260072 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-08-04 09:54 - 2015-09-24 18:17 - 00291304 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\lua_plugin.dll
2015-09-09 17:33 - 2015-09-09 17:33 - 00433664 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\soundboard.dll
2015-08-04 09:54 - 2015-09-24 18:17 - 00369640 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2015-08-04 09:54 - 2015-09-24 18:17 - 00025576 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\test_plugin.dll
2015-08-04 09:54 - 2015-09-24 18:17 - 00034280 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\ts3g15.dll
2015-09-26 15:20 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-26 15:20 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-10-01 18:29 - 2015-09-17 07:26 - 00707072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-10-01 18:30 - 2015-09-17 07:26 - 01386496 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-10-01 18:29 - 2015-09-17 07:25 - 01183232 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 18:29 - 2015-09-17 07:25 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-29 14:44 - 2015-07-29 14:44 - 00500736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-07-30 20:51 - 2015-07-30 20:51 - 00170496 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\13711a764aa1f017ffa9f306e149169e\IsdiInterop.ni.dll
2010-08-30 20:04 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-10-01 18:30 - 2015-09-17 07:28 - 04317696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00642048 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-10-01 18:30 - 2015-09-17 07:26 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 10:25 - 2015-07-10 15:16 - 00107520 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-01-21 17:54 - 2015-03-28 19:26 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-09-30 19:31 - 2015-09-30 19:31 - 02220536 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.0\deploy\LoLLauncher.exe
2015-09-30 19:33 - 2015-09-30 19:33 - 04043768 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.40\deploy\LoLPatcher.exe
2015-09-30 19:33 - 2015-09-30 19:33 - 01602552 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.40\deploy\RiotLauncher.dll
2015-03-28 21:17 - 2015-03-28 21:17 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.161\deploy\LolClient.exe
2015-09-30 19:45 - 2015-09-30 19:45 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.161\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-09-30 19:45 - 2015-09-30 19:46 - 17414304 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.161\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\Temp:258D2F8B
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:3B812EE0
AlternateDataStreams: C:\ProgramData\Temp:98CF1A39
AlternateDataStreams: C:\ProgramData\Temp:A7D26093
AlternateDataStreams: C:\ProgramData\Temp:F4CA4D70
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\aeriastatic.com -> aeriastatic.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Downloads\sasuke-uchiha.jpg
HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\Downloads\naruto_663___rikudou_madara__by_designerrenan-d757177.png
HKU\S-1-5-21-1756924282-4294452273-3083732856-1007-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files\ExKode\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Ocs_SM => C:\Users\User\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
MSCONFIG\startupreg: PRIME Gaming Mouse => "C:\Program Files\SPEEDLINK Gaming Mouse\Gaming Mouse.exe" /hide
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spiele Post => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
HKLM\...\StartupApproved\Run: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run: => "Ocs_SM"
HKLM\...\StartupApproved\Run: => "Windows10FirewallControl"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "Spiele Post"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{42689E27-F427-4ED4-AFE2-AF8606675B76}C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe] => (Allow) C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe
FirewallRules: [TCP Query User{711044CF-97B9-4359-84E8-4A232A7CFD7B}C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe] => (Allow) C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe
FirewallRules: [{5400D9D5-3090-43E4-B93A-E31C484B5CB3}] => (Allow) C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [UDP Query User{C88BB359-7CE2-4410-91DC-803021B7F139}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{44C3DEB4-B2AD-4A12-AADC-9097EA0E5260}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{756C8AC2-BFF2-4D69-A061-ABFADE855005}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{69C70296-ACA5-42E6-B842-1793DB7CC383}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{74FEAC59-30A1-45AF-98FD-EBF9E2ADF970}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{6C8FD3F8-5769-4821-9EE4-27E79A7F706D}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [UDP Query User{0BB8C592-660F-491F-8EED-3169FB09C7C5}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{EAE93C0C-8D16-4BC5-95E9-A0632A941258}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3CB6298F-6175-41F5-9F23-5DD3A1A0FA94}] => (Allow) C:\Program Files\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{31F2CDA1-757D-449E-9A81-9B0C60A3631F}] => (Allow) C:\Program Files\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{C8D556FB-232D-4449-BEBE-43893161298D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1145C3AB-3958-442D-A8E4-F09E855DE8FD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CE4700E9-1066-4A35-8A2D-D82C37BDA8B0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{092BFFD0-5ABD-45DC-A6DC-21B56019C4AA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{8174A619-97D3-4139-AFD0-5C39AFCF9224}C:\program files\speedlink gaming mouse\gaming mouse.exe] => (Allow) C:\program files\speedlink gaming mouse\gaming mouse.exe
FirewallRules: [TCP Query User{A4789579-9415-418A-B591-F69866701A13}C:\program files\speedlink gaming mouse\gaming mouse.exe] => (Allow) C:\program files\speedlink gaming mouse\gaming mouse.exe
FirewallRules: [UDP Query User{A01E6294-7DE2-43D0-A7D2-594C1A08BDE0}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{708C0719-F688-4C53-9645-3684F706CC88}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{525F6525-E841-4EA4-A23B-9D54DD156FE3}] => (Allow) C:\Program Files\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{95CBE699-0DAB-4026-86E2-2C6DE5E046AA}] => (Allow) C:\Program Files\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{FD90EDE9-B026-4EE6-AAE6-896DCE8D91A7}] => (Allow) C:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AECAD51C-6F50-4DDE-BBA8-33003E7BD64B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [UDP Query User{FF5BFADD-9272-4932-B635-BF421C0A274F}C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{AC9B6C99-0968-407D-8716-8C4ED7582B46}C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{4D4FA519-472C-4F49-8788-A17F2FB1F70E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4CE4E705-68C6-45A9-A464-C1AA7E63A277}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6DE5180C-FC36-43D6-A8CB-B7CF1627BC88}] => (Allow) C:\Program Files\Ubisoft\Ivory Tower\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{4A8F3F65-54C2-45BD-A34C-8FD00123BB60}] => (Allow) C:\Program Files\Ubisoft\Ivory Tower\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{F61EE33A-9F0A-4253-9039-2B8A570D1C4C}] => (Allow) C:\Users\User\AppData\Local\Temp\nsa80F6.tmp\CnetInstaller-75095296.exe
FirewallRules: [{EBA35DEB-C468-4944-9C90-EDE01A7BD8A4}] => (Allow) C:\Users\User\AppData\Local\Temp\nsa80F6.tmp\CnetInstaller-75095296.exe
FirewallRules: [{E5947700-8BC3-4DCF-8CD5-821F5B51E76E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{0686AE97-A6F8-4778-8D3A-0B0259072A86}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3EA4A022-4095-4E38-9E8F-20EE8A0E96F0}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D46C49AF-4759-46CD-8952-66627EFE0CA9}] => (Allow) C:\Program Files\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{F5CC3CF0-103C-4591-9770-FA0A4EDA18AF}] => (Allow) C:\Program Files\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [UDP Query User{437C0A07-88A2-4577-A34F-8CCC14654897}C:\program files\mta san andreas 1.4\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.4\server\mta server.exe
FirewallRules: [TCP Query User{6CC858C4-50DF-4505-BEEC-2449D022C5A5}C:\program files\mta san andreas 1.4\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.4\server\mta server.exe
FirewallRules: [{7BD304F6-B77E-44A1-AEC0-F3798F6625F3}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{1182AD4C-227F-4862-853D-7EB780765D2B}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{68E389F8-F388-4AB0-9208-45F2AEBC7961}C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe] => (Allow) C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe
FirewallRules: [TCP Query User{5524EE5A-1827-4479-BA49-CACD95750CF7}C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe] => (Allow) C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe
FirewallRules: [UDP Query User{70F8B244-2DD7-4A28-9132-DB65991C0C9D}C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe] => (Allow) C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe
FirewallRules: [TCP Query User{2C8C9B63-CD0B-42F2-B4EB-597ECED0AA83}C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe] => (Allow) C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe
FirewallRules: [{36696375-2164-48C1-AEC8-483A8215C2A6}] => (Allow) C:\Program Files\SimpleFiles\downloader.exe
FirewallRules: [{C8B4A7AE-07EF-43EB-927B-D297CCC28577}] => (Allow) C:\Program Files\SimpleFiles\downloader.exe
FirewallRules: [{BE451030-BE2B-487E-82BF-8FEFE3C00B3C}] => (Allow) C:\Program Files\SimpleFiles\SimpleFiles.exe
FirewallRules: [{3CB7AF29-3D2A-4747-A4A8-B7EA9C8AA35A}] => (Allow) C:\Program Files\SimpleFiles\SimpleFiles.exe
FirewallRules: [{5EC3D59B-ABD5-41A4-950D-B99AB02C48D9}] => (Allow) C:\Program Files\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{8B7540F2-C5CC-4E3F-940B-77F08F6A902E}] => (Allow) C:\Program Files\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{22E36250-FADC-4CF8-ADB7-71E3D3C0756B}] => (Block) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [{6EE25ADB-83D8-4944-9F01-951B2132574C}] => (Block) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [UDP Query User{354B9E68-0A26-4662-9556-AF1ECEB0449F}C:\program files\mta san andreas 1.3\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [TCP Query User{D55DECD9-47F2-4EF9-A1AB-DE64BA6051A8}C:\program files\mta san andreas 1.3\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [UDP Query User{48AE4AF0-72D3-4706-9D26-F0AC68BA2076}C:\users\user\downloads\desktop\sa\gta_sa.exe] => (Block) C:\users\user\downloads\desktop\sa\gta_sa.exe
FirewallRules: [TCP Query User{AB554167-3350-4745-9A72-B37B788FC829}C:\users\user\downloads\desktop\sa\gta_sa.exe] => (Block) C:\users\user\downloads\desktop\sa\gta_sa.exe
FirewallRules: [{27A01E99-0473-4D53-A977-3CDD25DD34C4}] => (Allow) C:\Program Files\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{15808D04-43BA-4C22-B855-DE57DBE3AA8D}] => (Allow) C:\Program Files\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{68695488-3C6C-40EF-A8FD-3699203A02BB}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Bin\Microvolts.exe
FirewallRules: [{0FFD959A-DB2D-4010-8902-641C0B52BC8F}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Bin\Microvolts.exe
FirewallRules: [{DF599311-4B40-467F-ACBB-A8ACCB4A2439}] => (Allow) C:\Program Files\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{F2615F03-C27F-47EC-98CC-39750843FF06}] => (Allow) C:\Program Files\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{C12B01E2-B216-420D-B010-61F69C4C7F1B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{54AFAE2C-522C-404C-A7E9-D8A50CD824E1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{628F8006-0447-4F53-9B8E-C1230095FBAD}] => (Allow) C:\Program Files\Steam\SteamApps\common\RIDGE RACER Driftopia\RIDGE RACER Driftopia_46358301.exe
FirewallRules: [{72496693-4460-4758-8132-D04746D6BB3C}] => (Allow) C:\Program Files\Steam\SteamApps\common\RIDGE RACER Driftopia\RIDGE RACER Driftopia_46358301.exe
FirewallRules: [{3998233D-51FE-4C25-A1DE-7CD904D6C1F6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BAEABCED-9E2F-468A-8B9F-44EED819DBA6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{60EDEE2E-3352-4E92-8B5B-AC59935C0371}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Launcher.exe
FirewallRules: [{42215ED3-A233-4D8F-BAA7-EF69F0E76E59}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Launcher.exe
FirewallRules: [{BB21F2EC-7E75-471F-8908-0EDCE59BAADF}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe
FirewallRules: [{B8A97513-AE03-4D3B-8B0C-25AD56433960}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe
FirewallRules: [UDP Query User{03993AD6-C4ED-425B-82F6-119953CEA1A2}C:\program files\atari\tdu2\testdrive2.exe] => (Allow) C:\program files\atari\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{C2E56BCC-BA54-43A9-AADB-BE12B4175C88}C:\program files\atari\tdu2\testdrive2.exe] => (Allow) C:\program files\atari\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{2CAB46F3-C43D-4B62-A72F-BCDB0C1F8DDA}C:\program files\atari\tdu2\uplauncher.exe] => (Allow) C:\program files\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{6048F5A1-1046-4803-B782-495ABC3F2289}C:\program files\atari\tdu2\uplauncher.exe] => (Allow) C:\program files\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{854CF552-A8B7-4041-8D43-E530A92FCE94}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [TCP Query User{D5519F1D-CB9C-4E45-8FA6-DEEF27161CF0}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [{9BE63902-C7FF-4629-9F2C-D12721A3AA37}] => (Allow) C:\Program Files\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{19A0E7CA-9483-4F69-B42E-25BE4C49FD3E}] => (Allow) C:\Program Files\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [UDP Query User{219E2558-DC5E-4B08-B371-5904513D0FAA}C:\users\user\downloads\desktop\darkgunz\gunz.exe] => (Allow) C:\users\user\downloads\desktop\darkgunz\gunz.exe
FirewallRules: [TCP Query User{37DED193-3CEA-4C29-8901-A1BC49DB2875}C:\users\user\downloads\desktop\darkgunz\gunz.exe] => (Allow) C:\users\user\downloads\desktop\darkgunz\gunz.exe
FirewallRules: [UDP Query User{61C06FA3-7B01-4216-941F-1CD44A87577F}C:\program files\virtualdj\virtualdj_pro.exe] => (Block) C:\program files\virtualdj\virtualdj_pro.exe
FirewallRules: [TCP Query User{BA4028C2-DE0C-441D-80B4-7B2861AACA44}C:\program files\virtualdj\virtualdj_pro.exe] => (Block) C:\program files\virtualdj\virtualdj_pro.exe
FirewallRules: [{CB927443-30DE-4FE1-ABD6-BBC31DFCA980}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{DD07B4F2-B611-47A1-B9C0-6574DD5A8949}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{B3BAD9B2-E142-4B65-8485-B0FB622B618B}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{09391EB3-834B-4B60-A067-401EE4635161}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{FF76863F-D153-4F6E-96DF-52D889778CDE}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{5020F75F-602B-41A7-811F-7E83D33511CF}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{3C92E447-12A7-4968-B1C7-D70093181A7F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [UDP Query User{8882115E-0CE7-4238-A0D7-DA70184DEABE}C:\ace of spades\server.exe] => (Allow) C:\ace of spades\server.exe
FirewallRules: [TCP Query User{5D533ED5-822C-4EC4-8A0B-8F4361DACD6C}C:\ace of spades\server.exe] => (Allow) C:\ace of spades\server.exe
FirewallRules: [UDP Query User{515CC01F-96FE-4207-9BF7-26CA35F8C10F}C:\users\philipp\desktop\skype.exe] => (Allow) C:\users\philipp\desktop\skype.exe
FirewallRules: [TCP Query User{27B11B87-F7A5-4340-A989-CD17ABBD5780}C:\users\philipp\desktop\skype.exe] => (Allow) C:\users\philipp\desktop\skype.exe
FirewallRules: [UDP Query User{5AE74B59-5412-470C-B936-BC5176E1A2B5}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{C5BD7998-B46B-4F7C-9444-D01C6B2B36CE}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [{EFBD7B9A-AF27-4596-B962-605A1A807B78}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{719DD8C9-49DF-4696-AA99-10F5FC1525C0}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [UDP Query User{4E8E8B5A-A161-4180-99D8-245920306018}F:\retro conects\emu\3.8.1\phoenix.exe] => (Allow) F:\retro conects\emu\3.8.1\phoenix.exe
FirewallRules: [TCP Query User{7DA755EA-DB5C-4CA1-8B21-8FFF5F3DFC6D}F:\retro conects\emu\3.8.1\phoenix.exe] => (Allow) F:\retro conects\emu\3.8.1\phoenix.exe
FirewallRules: [{78BDBC6C-FA68-470F-8C59-E1A705E94772}] => (Allow) C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [{26172B2C-49EC-4290-8233-5F502A5E8F9A}] => (Allow) C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [UDP Query User{FCD6DDE2-F95A-4C9B-B803-06F9102A28A4}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{A2C291FE-5472-47C1-A6C2-22B1919C5338}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{5AA0543C-316B-4F21-966B-84C99FA50CC0}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{885BD716-FC35-48B5-832C-EC88961BA15E}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{E7E973C0-4228-4F5F-BD2C-F5712354DA46}] => (Allow) C:\Users\Philipp\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{FBB1A55D-4FEE-448D-94EF-47AA484C1078}] => (Allow) C:\Users\Philipp\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [UDP Query User{760D4AAB-10E3-4D11-AA41-5009BCBAB86A}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{9B1B28A0-C2DF-4551-A727-CDF8BEE2ECEA}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{C88C2F36-3F41-4F26-B5FE-9ACEC60B6D88}C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe
FirewallRules: [TCP Query User{A7E69A7E-18BE-401D-8260-D941DE649D9B}C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe
FirewallRules: [UDP Query User{EFB4C96A-9D0F-4238-9733-9E06E933209D}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{A60D8900-EDAA-4EE8-9B28-11DBAD8A6D60}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{BCABBB62-F67C-4B9A-880B-F9B74DC43DB9}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{0752F99D-E2BF-4E83-B722-2EEDE718C17F}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{5017EFE8-7869-49F1-9E25-8B2642F7D2D0}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{33C61532-C68D-49F3-9A21-EF2B22C6AC07}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{C013538C-9D1C-4141-9C95-70868081A59A}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{4E6AA875-E905-45AA-A711-6F0C3ABAED0A}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{299984B2-C8D5-42CD-9008-384C10A00B69}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{CB478090-2321-48B1-8F4B-8011A1991C90}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{46CC76CC-4E42-4F77-8DC8-FC8124702B3C}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{85D1F3C3-16E7-4931-B186-5A2AB23C8F39}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [UDP Query User{53DF6DE2-4C81-41C0-A9A7-EC1B2A7B459E}C:\program files\spacialaudio\sambc\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe
FirewallRules: [TCP Query User{A7759118-3F7A-4D38-8A16-667762A18CA1}C:\program files\spacialaudio\sambc\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe
FirewallRules: [UDP Query User{F62D7050-9DBA-4C4E-9759-EB9011CC98D5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{4764D584-6134-41B8-AEE8-A82FA412192D}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{3A20C30F-16FC-462C-80EC-9FCB8ADC4A02}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{4D61F701-A2BF-4938-BAE3-11552DFC97EB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{8358DF11-488F-4467-9A8E-28188AB7B994}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{4F8F98BD-627F-47E8-B15C-61CC3829D443}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{1DDFB383-BB26-4C63-8C87-B4F870C22F30}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F30CE0D4-CEB1-48FF-9D4A-600DF23C27EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F729D051-3879-48DD-98C4-4892839A2444}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{84323AA2-4332-4B50-9A32-4F6CEAFD61B3}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B6FAAD0D-533A-41A4-97D2-78AA90725162}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{87E6175E-D3C6-498C-BE20-BBFA3737CD32}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
FirewallRules: [{1B0BEDD0-5AB4-47ED-A442-1AEF1E806015}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe
FirewallRules: [TCP Query User{F44513D8-BE35-4EE0-B2F8-82A22BA544A6}C:\program files\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.5\server\mta server.exe
FirewallRules: [UDP Query User{6BD19584-0F32-4A5C-AAE9-8C49A9FF36A6}C:\program files\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{F6E2C86F-D024-469A-B096-FCCF2CA1895B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{720E313D-467E-45AD-ABE3-3F86B563D121}] => (Allow) C:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{43420097-400A-47AB-9A62-8FF9EEFE1B66}C:\users\user\appdata\roaming\ygopro devpro\devpro.dll] => (Allow) C:\users\user\appdata\roaming\ygopro devpro\devpro.dll
FirewallRules: [UDP Query User{A4501A90-1DDE-44E6-9634-3F891598A2E8}C:\users\user\appdata\roaming\ygopro devpro\devpro.dll] => (Allow) C:\users\user\appdata\roaming\ygopro devpro\devpro.dll
FirewallRules: [TCP Query User{661BCD85-D778-4E2C-B4C4-FE3812A7004A}C:\program files\teamspeak 3 client\ts3client_win32.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win32.exe
FirewallRules: [UDP Query User{8CB2FE79-D27E-4B7C-890F-B8A31B560073}C:\program files\teamspeak 3 client\ts3client_win32.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win32.exe
FirewallRules: [{B821FFD6-F705-446F-81D1-F1B9518199C5}] => (Allow) C:\Program Files\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{0DEDE563-F747-40A7-AC59-9ACE8F4F8F47}] => (Allow) C:\Program Files\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{99D34D43-39FC-4CDC-8BB2-016F429C5C07}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/10/2015 07:56:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 11b8
Startzeit: 01d103849d0db596
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Berichts-ID: 3df9552a-6f78-11e5-93da-6c626d887930
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI
Error: (10/10/2015 07:56:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: USER-PC)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (10/10/2015 07:55:48 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (10/10/2015 07:55:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x54dca1de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1b74
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (10/10/2015 07:55:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
bei ATI.ACE.ADL.ADL+ADLImport.ADL2_Graphics_MantleVersion_Get(IntPtr, ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.ADL.ADL.Synchronized_ADL2_Mantle_Versions_Get(ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.GetMantleDetails()
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.Initialize()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Initialize(ATI.ACE.CLI.Foundation.XCastesBase)
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/10/2015 07:55:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x54dca1de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1a24
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (10/10/2015 07:55:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
bei ATI.ACE.ADL.ADL+ADLImport.ADL2_Graphics_MantleVersion_Get(IntPtr, ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.ADL.ADL.Synchronized_ADL2_Mantle_Versions_Get(ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.GetMantleDetails()
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.Initialize()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Initialize(ATI.ACE.CLI.Foundation.XCastesBase)
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/10/2015 07:52:47 PM) (Source: Apache Service) (EventID: 3299) (User: )
Description: The Apache service named reported the following error:
>>> Unable to open logs .
Error: (10/10/2015 07:52:47 PM) (Source: Apache Service) (EventID: 3299) (User: )
Description: The Apache service named reported the following error:
>>> no listening sockets available, shutting down .
Error: (10/10/2015 07:52:47 PM) (Source: Apache Service) (EventID: 3299) (User: )
Description: The Apache service named reported the following error:
>>> (OS 10013)Der Zugriff auf einen Socket war aufgrund der Zugriffsrechte des Sockets unzulässig. : make_sock: could not bind to address 0.0.0.0:80 .
Systemfehler:
=============
Error: (10/10/2015 07:55:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (10/10/2015 07:52:47 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Apache2.2" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%1
Error: (10/10/2015 07:52:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (10/10/2015 07:51:33 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (10/10/2015 07:50:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session1 erreicht.
Error: (10/10/2015 07:50:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _Session1 erreicht.
Error: (10/10/2015 07:50:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerdatenspeicher _Session1" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (10/10/2015 07:50:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/10/2015 07:50:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/10/2015 07:50:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 65%
Installierter physikalischer RAM: 3063.11 MB
Verfügbarer physikalischer RAM: 1063.57 MB
Summe virtueller Speicher: 7657.11 MB
Verfügbarer virtueller Speicher: 4763.7 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:1356.16 GB) (Free:851.63 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:21.06 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: C62503B8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== Ende vom Addition.txt ============================
|
|
11.10.2015, 07:32
| #5 |
| /// the machine /// TB-Ausbilder | CCC.exe Ungültiges Bild Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.10.2015, 10:44
| #6 |
| | CCC.exe Ungültiges BildCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 11.10.2015 Suchlaufzeit: 10:03 Protokolldatei: ss.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.10.11.01 Rootkit-Datenbank: v2015.10.06.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x86 Dateisystem: NTFS Benutzer: User Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 543064 Abgelaufene Zeit: 55 Min., 38 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.013 - Bericht erstellt am 11/10/2015 um 11:21:38
# Aktualisiert am 09/10/2015 von Xplode
# Datenbank : 2015-10-04.3 [Lokal]
# Betriebssystem : Windows 10 Home (x86)
# Benutzername : User - USER-PC
# Gestartet von : C:\Users\User\Downloads\AdwCleaner_5.013.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
Ordner Gefunden : C:\ProgramData\AstralaxWrapper
Ordner Gefunden : C:\ProgramData\36efa2f8444e4226
Ordner Gefunden : C:\Users\Public\Documents\iWin
Ordner Gefunden : C:\Users\Public\Documents\MyPlayCity
Ordner Gefunden : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl
Ordner Gefunden : C:\Users\User\AppData\Roaming\DesktopIconForAmazon
Ordner Gefunden : C:\Users\User\AppData\Roaming\OCS
Ordner Gefunden : C:\Users\User\Downloads\Desktop\Browser
***** [ Dateien ] *****
Datei Gefunden : C:\Users\User\AppData\Local\Temp\Utils.dll
Datei Gefunden : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\Extensions\extension@pricesparrow.com.xpi
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
Task Gefunden : Express FilesUpdate
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OCS_Sm
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Ocs_SM]
Schlüssel Gefunden : HKCU\Software\Mozilla\Extends
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0C1284BA-4F3A-41C6-94B5-77446F5948A9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3F2DC1E7-A56F-49D8-B0CF-DB2300594497}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3F2DC1E7-A56F-49D8-B0CF-DB2300594497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
Schlüssel Gefunden : HKU\.DEFAULT\Software\AVG Nation toolbar
Schlüssel Gefunden : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Schlüssel Gefunden : HKU\.DEFAULT\Software\AVG Secure Search
Schlüssel Gefunden : HKU\.DEFAULT\Software\Avg Secure Update
Schlüssel Gefunden : HKCU\Software\Ciuvo
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\RegistryDrLanguage
Schlüssel Gefunden : HKCU\Software\Avg Secure Update
Schlüssel Gefunden : HKCU\Software\SetMyHomePage
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.firetab.org/?type=ds3nt
Daten Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.firetab.org/?type=ds3nt
Daten Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.firetab.org/?type=ds3nt
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1C542DF7-3396-4D42-B172-0BB3112B443A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5F479614-7D29-4B6F-9A25-655F51040A54}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{739E9E60-0D96-CF0A-F381-313EA71EEAB9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A604491-5B94-4FB6-B577-D6496603425B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9F83E414-E084-43BB-9B34-58CA5E2599F3}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DE8CDA62-F792-46BD-96A0-8E0B11F3672A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FAFEC997-12BC-4538-8ACF-E518208DF1DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {721061fb-eb79-4568-a03c-3ce26d68dae9}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1C542DF7-3396-4D42-B172-0BB3112B443A}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
Daten Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5F479614-7D29-4B6F-9A25-655F51040A54}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{739E9E60-0D96-CF0A-F381-313EA71EEAB9}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8A604491-5B94-4FB6-B577-D6496603425B}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9F83E414-E084-43BB-9B34-58CA5E2599F3}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DE8CDA62-F792-46BD-96A0-8E0B11F3672A}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FAFEC997-12BC-4538-8ACF-E518208DF1DB}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{1C542DF7-3396-4D42-B172-0BB3112B443A}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
Daten Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{5F479614-7D29-4B6F-9A25-655F51040A54}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{739E9E60-0D96-CF0A-F381-313EA71EEAB9}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{8A604491-5B94-4FB6-B577-D6496603425B}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{9F83E414-E084-43BB-9B34-58CA5E2599F3}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{DE8CDA62-F792-46BD-96A0-8E0B11F3672A}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{FAFEC997-12BC-4538-8ACF-E518208DF1DB}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
***** [ Internetbrowser ] *****
[C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\prefs.js] [Preference] Gefunden : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\prefs.js] [Preference] Gefunden : user_pref("extensions.quick_start.enable_search1", false);
[C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\prefs.js] [Preference] Gefunden : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\prefs.js] [Preference] Gefunden : user_pref("keyword.URL", "hxxp://start.myplaycity.com/results.php?category=web&s=");
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gefunden : mpcstart
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gefunden : hxxp://start.myplaycity.com/
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : flolnhkojafikhpkpidiphabnpgedplh
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : iibmmjhgclhlahmjniokmhleigemjpbh
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : kljkanaekoongefljnjbghkgjjocmikm
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : npnkeeiehehhefofiekoflfedgehcdhl
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gefunden : hxxp://start.myplaycity.com/
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [11809 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x86
Ran by User on 11.10.2015 at 11:37:20,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\users\Public\Documents\alawarwrapper
Successfully deleted: [Folder] C:\Users\User\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\User\Appdata\Local\cre
Successfully deleted: [Folder] C:\Users\User\AppData\Roaming\alawar
Successfully deleted: [Folder] C:\WINDOWS\System32\ai_recyclebin
~~~ Chrome
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.10.2015 at 11:39:25,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:10-10-2015
durchgeführt von User (2015-10-11 11:42:28)
Gestartet von C:\Users\User\Downloads\Desktop
Microsoft Windows 10 Home (X86) (2015-07-29 12:23:48)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1756924282-4294452273-3083732856-500 - Administrator - Disabled)
David (S-1-5-21-1756924282-4294452273-3083732856-1007 - Limited - Enabled)
DefaultAccount (S-1-5-21-1756924282-4294452273-3083732856-503 - Limited - Disabled)
Gast (S-1-5-21-1756924282-4294452273-3083732856-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1756924282-4294452273-3083732856-1004 - Limited - Enabled)
Philipp (S-1-5-21-1756924282-4294452273-3083732856-1002 - Limited - Enabled) => C:\Users\Philipp
User (S-1-5-21-1756924282-4294452273-3083732856-1000 - Administrator - Enabled) => C:\Users\User
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\uTorrent) (Version: 3.4.3.40208 - BitTorrent Inc.)
Ace of Spades (HKLM\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)
Ace of Spades (HKLM\...\Steam App 224540) (Version: - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.1.2.232 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader 9.3.4 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.8.612 - Adobe Systems, Inc.)
Alabama Smith In Escape From Pompeii (HKLM\...\Alabama Smith In Escape From Pompeii_is1) (Version: 1.0 - MyPlayCity, Inc.)
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{DE7D695C-2EC7-AFDF-F786-6E938DE83175}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ancient Secrets: Der goldene Schlüssel (HKLM\...\Ancient Secrets: Der goldene Schlüssel) (Version: 2.0.0.0 - INTENIUM GmbH)
APB Reloaded (HKLM\...\Steam App 113400) (Version: - Reloaded Productions)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aranjas (HKLM\...\Aranjas) (Version: 0.0.0.0 - INTENIUM GmbH)
Ashley Clark: Das Geheimnis des Rubins (HKLM\...\Ashley Clark: Das Geheimnis des Rubins) (Version: 2.0.0.0 - INTENIUM GmbH)
Atlantis - Mysteries of Ancient Inventors (HKLM\...\Atlantis - Mysteries of Ancient Inventors_is1) (Version: 1.0 - MyPlayCity, Inc.)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
BearShare (Version: 10.0.0.128377 - Musiclab, LLC) Hidden
BigMacroTool 1.5 (HKLM\...\{620CAD2D-0757-43A9-AA5F-C8D48A1E4D85}_is1) (Version: - TLProd)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (Version: 2010.0527.1242.20909 - ATI) Hidden
Cinema 4D version R12 (HKLM\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cities Skylines (HKLM\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
CLEO 4.3 (HKLM\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
Das Rätsel der Eisprinzessin Sammleredition (HKLM\...\Das Rätsel der Eisprinzessin Sammleredition) (Version: 0.0.0.0 - INTENIUM GmbH)
Defiance (HKLM\...\Steam App 224600) (Version: - Trion Worlds, Inc.)
Deutschland Spielt - Spiele Post (HKLM\...\Deutschland Spielt - Spiele Post) (Version: 1.0.4.38 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)
Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Farmscapes(TM) Premium Edition (HKLM\...\00e1b559ced624f1a3ef930630c2d865) (Version: - zylom)
Firebird 2.5.0.26074 (Win32) (HKLM\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
FlatOut2 (HKLM\...\{7E641E46-81DB-4D1D-906A-48342523051C}) (Version: 1.00.0000 - Ihr Firmenname)
Frankenstein - The Dismembered Bride (HKLM\...\Frankenstein - The Dismembered Bride_is1) (Version: 1.0 - MyPlayCity, Inc.)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
GameCatalog15.2013 (Version: 1.00.0000 - Intenium GmbH) Hidden
Gardenscapes – Gestalte dein Haus (HKLM\...\Gardenscapes – Gestalte dein Haus_is1) (Version: - Playrix Entertainment)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Hidden Object Crosswords (HKLM\...\Hidden Object Crosswords_is1) (Version: 1.0 - MyPlayCity, Inc.)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
IdleMaster (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\1d85483b1c982d8c) (Version: 0.8.0.2 - IdleMaster)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java(TM) 6 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
join.me (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\JoinMe) (Version: 1.8.0.108 - LogMeIn, Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
Loadout (HKLM\...\Steam App 208090) (Version: - Edge of Reality)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.385 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.385 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Masters of Mystery - Crime of Fashion (HKLM\...\Masters of Mystery - Crime of Fashion_is1) (Version: 1.0 - MyPlayCity, Inc.)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mermaid Adventures - the Frozen Time (HKLM\...\Mermaid Adventures - the Frozen Time_is1) (Version: 1.0 - MyPlayCity, Inc.)
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MicroVolts Surge (HKLM\...\Steam App 109400) (Version: - NQ Games)
Minecraft (HKLM\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
MorphVOX Junior (HKLM\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
Mortimer Beckett And The Time Paradox (HKLM\...\Mortimer Beckett And The Time Paradox_is1) (Version: 1.0 - MyPlayCity, Inc.)
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MTA:SA v1.4.1 (HKLM\...\MTA:SA 1.4) (Version: v1.4.1 - Multi Theft Auto)
MTA:SA v1.5.0 (HKLM\...\MTA:SA 1.5) (Version: v1.5.0 - Multi Theft Auto)
Mysteries and Nightmares: Morgianas Fluch (HKLM\...\Mysteries and Nightmares: Morgianas Fluch) (Version: 2.0.0.0 - INTENIUM GmbH)
Mystic Gallery (HKLM\...\Mystic Gallery_is1) (Version: 1.0 - MyPlayCity, Inc.)
Need for Speed(TM) Hot Pursuit (HKLM\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Need For Speed™ World (HKLM\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1353 - Electronic Arts)
Notepad++ (HKLM\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Overwolf (HKLM\...\Overwolf) (Version: 0.89.107.0 - Overwolf Ltd.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Pidgin (HKLM\...\Pidgin) (Version: 2.10.11 - )
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PRIME Z-DW Gaming Mouse (HKLM\...\PRIME Gaming Mouse) (Version: 1.0 - SPEEDLINK)
RaceRoom Racing Experience Launcher (HKLM\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIDGE RACER™ Driftopia (HKLM\...\Steam App 226410) (Version: - BUGBEAR)
Robocraft (HKLM\...\Steam App 301520) (Version: - Freejam)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix)
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version: - Punk Software)
S4 League_EU (HKLM\...\{A7D97EE5-6C35-4EF3-8BAD-98B8D4E83770}) (Version: 1.00.0000 - )
Season Match - Curse of the Witch Crow (HKLM\...\Season Match - Curse of the Witch Crow_is1) (Version: 1.0 - MyPlayCity, Inc.)
Skype™ 7.0 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.0.100 - Skype Technologies S.A.)
SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios)
SOE Web Installer (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Sonic & All-Stars Racing Transformed (HKLM\...\Steam App 212480) (Version: - Sumo Digital)
Sonic and SEGA All Stars Racing (HKLM\...\Steam App 34190) (Version: - Sumo Digital)
Sothink SWF Decompiler (HKLM\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.0 - SourceTec Software Co., LTD)
Sothink SWF Editor Version 1.0 (HKLM\...\{0BF1DE3D-31B9-417F-A915-4BCC5AAEE3CD}_is1) (Version: 1.0 - So Think, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spirits of Mystery: Der dunkle Minotaurus (HKLM\...\BFG-Spirits of Mystery - Der dunkle Minotaurus) (Version: - )
Spotify (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tales From The Dragon Mountain 2: The Lair (HKLM\...\Tales From The Dragon Mountain 2: The Lair) (Version: 0.0.0.0 - INTENIUM GmbH)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Test Drive Unlimited 2 (HKLM\...\Test Drive Unlimited 2_is1) (Version: - Atari)
The Crew (Worldwide) (HKLM\...\Uplay Install 413) (Version: - Ubisoft)
The Dream Voyagers: Die Traumheiler (HKLM\...\The Dream Voyagers: Die Traumheiler) (Version: 2.0.0.0 - INTENIUM GmbH)
The Path of Hercules (HKLM\...\The Path of Hercules_is1) (Version: 1.0 - Playrix Entertainment)
Unity Web Player (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM\...\Uplay) (Version: 4.9 - Ubisoft)
Vampire Saga - Welcome to Hellock (HKLM\...\Vampire Saga - Welcome to Hellock_is1) (Version: 1.0 - MyPlayCity, Inc.)
Vegas Pro 11.0 (HKLM\...\{B644D34F-0296-11E2-938E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
VirtualDJ Home FREE (HKLM\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
VirtualDJ PRO Full (HKLM\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
Webocton - Scriptly 0.8.95.6 (HKLM\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows10FirewallControl Basic 7.2.105.116 (HKLM\...\Windows10FirewallControl_is1) (Version: 7.2.105.116 - Sphinx Software)
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wonderland Online (HKLM\...\Wonderland Online_is1) (Version: 6.1.8 - IGG,Inc.)
XAMPP 1.7.7 (HKLM\...\xampp) (Version: - )
YGOPro DevPro (HKLM\...\{A115F80F-2B26-464E-97A3-8B13EC533C3D}) (Version: 2.1.2 - DevPro, LLC)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{000F1EA4-5E08-4564-A29B-29076F63A37A}\InprocServer32 -> C:\Users\User\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
==================== Wiederherstellungspunkte =========================
08-10-2015 16:15:47 Windows Update
11-10-2015 09:52:56 Revo Uninstaller's restore point - Minecraft - 1.6.4 Packages
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0408822E-7F37-45E8-8A7E-6BDB28845C24} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {049C8435-9056-408C-86C9-0B45479D2E66} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04CF40E1-6710-4141-86B4-106A679BE6F1} - System32\Tasks\{9738F50E-C0E0-4B9E-B00E-A4FC4FE9DB65} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.100&LastError=12031
Task: {08CEF25C-2297-4DE5-AE6D-E09CBE40AFCE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {0CAB2961-8A26-4ADB-879D-A365168B3270} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0ECCFCD1-C313-451E-9BC1-62AE7822299D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1AB50A0E-732D-464D-9D23-D3077A9F43A3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1FE0D709-36AA-4685-9D76-D715A0D8D8E1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {21E7BC0A-C9A6-4828-9040-BC1B59E34C63} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F52831A-C63F-4C66-98C8-7202CEA54C9E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {340E9A09-D230-4309-B984-9F5AA9EA54B1} - System32\Tasks\{1655C560-5A86-4479-8A4C-65887C481E75} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.100&LastError=12031
Task: {35D1F3E0-DF55-42AF-9180-88752691E2DB} - System32\Tasks\{A84C3686-18D9-4C50-B3C5-F971D1026B97} => pcalua.exe -a "C:\Program Files\Tuguu SL\VAFPlayer\Uninstall.exe" -d "C:\Program Files\Tuguu SL\VAFPlayer"
Task: {3AD6FA87-D484-4B36-B36A-0C41FD43A962} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3FAA0553-A304-4509-A1EA-DC8415F3EE34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {44F96C3D-9FC8-46EA-9B64-1265D898DBB5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4DD04DC2-2146-4790-831B-0ACFA25F85D5} - System32\Tasks\{FF20A75F-9C6E-42F0-BFAC-022CC13E33EF} => pcalua.exe -a "C:\Users\User\Downloads\DieWiegeRoms (1).exe" -d C:\Users\User\Downloads
Task: {53A59AF8-60DE-4DF2-A23A-1D95FDCC5C8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {558B9E84-CC15-447A-B3F5-4F30D1A3B2F7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {572EA14B-4479-430D-AD78-D83EC7CF14C7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5920712F-C28B-4A7F-90D0-D2BE609A21E9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {592468C8-1487-4F9A-AB78-7F5809E3CE3B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5B3D1B56-C200-4B45-ADA3-E7F775E9EBC9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {62867CC5-C650-4205-A769-0A2A957A1E60} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {65E6E7FA-0F26-4041-84F3-6D11980EAF6F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {75D581FC-9FD7-439A-8ABA-93F4E2F0D1F4} - System32\Tasks\{4CE26FDA-76BF-4CBB-8128-35E8DA1DE3D1} => pcalua.exe -a "C:\Users\User\Downloads\LauraJones (1).exe" -d C:\Users\User\Downloads
Task: {768A774D-D02A-4295-A741-17448DEC1114} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B7820B1-4F9D-4275-9BEF-C5F8E5436E67} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {7D20F69C-A5E6-458A-AE12-A2F82FB2A778} - System32\Tasks\{42E59334-3E85-458F-B13A-D73DCCFF2B42} => pcalua.exe -a C:\Users\User\Downloads\SchatzjaegerTreasureHunters.exe -d C:\Users\User\Downloads
Task: {85CDFC7B-BDC5-4581-9063-7AD59A246BF1} - System32\Tasks\{350FEF7D-0484-41DF-A1F5-6613CD56A397} => pcalua.exe -a "C:\Users\User\Downloads\mysticgallery_setup (2).exe" -d C:\Users\User\Downloads
Task: {874D95F5-19F0-44E3-ABF2-9AC5C404C8F6} - System32\Tasks\{540EDBBA-0D60-4BFE-96A1-6308F1A29326} => pcalua.exe -a "C:\Users\Philipp\AppData\Local\TeamSpeak 3 Client\package_inst.exe" -d C:\Users\User\Downloads -c "C:\Users\User\Downloads\soundboard-0.9.9.6b-win32.ts3_plugin"
Task: {89CC7417-74D2-4624-93C2-DC8113C13E4C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8A1DEEF8-8F35-40CB-B63D-D66B2591C7E6} - System32\Tasks\{E4B3DF97-23B5-4212-9EF1-8B3E2EA5D741} => pcalua.exe -a "C:\Users\User\Downloads\loki_setup (1).exe" -d C:\Users\User\Downloads
Task: {8D6A2521-E4A7-4F08-8626-251CB3251717} - System32\Tasks\{ABF1FFF9-E6F7-44F3-96E1-6EA86F1C6E89} => pcalua.exe -a C:\Users\User\Downloads\witchcrow_setup.exe -d C:\Users\User\Downloads
Task: {8DD0CC02-29AE-4921-91D5-28A791189E39} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {907A5884-3CF8-4805-BA70-65CBAABA06EB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {90EDEA0C-FE1B-4FE2-89D6-DDD43B56D9AB} - System32\Tasks\Overwolf Updater Task => C:\Program Files\Overwolf\OverwolfUpdater.exe [2015-09-29] (Overwolf LTD)
Task: {91107982-7FF7-47FE-88ED-7B2B8EF1A8C0} - System32\Tasks\{CAD8A498-50EF-4FFB-A877-AB5B0BDC6CB7} => pcalua.exe -a "C:\Users\User\Downloads\DieWiegeOlympias3 (1).exe" -d C:\Users\User\Downloads
Task: {91376F64-3E43-4EFC-A190-2A791134456F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {91D7AAC1-697B-4ED6-A40F-26F37A101C74} - System32\Tasks\{A47C8D3D-514B-4520-AB3D-29E6564E0BE1} => pcalua.exe -a C:\Users\User\Downloads\MortimerBeckett3.exe -d C:\Users\User\Downloads
Task: {9216A6DF-4486-4F86-BC04-D66D43F5ADE2} - System32\Tasks\{A9244D4B-5AF2-4A79-A04D-387223DC37BD} => pcalua.exe -a "C:\Users\User\Downloads\rainbowweb3_setup (1).exe" -d C:\Users\User\Downloads
Task: {A0729C9E-ADC0-489C-AB3E-A93FE35C1575} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: {A0AEDE99-851E-445F-9ADD-5A6B4D48D489} - System32\Tasks\{B4271D65-C748-4D7D-A4BA-BC8AEF3EBBCA} => pcalua.exe -a "C:\Program Files\OXXOGames\GPlayer\\MyInstall.exe" -c ScriptUInst "C:\Program Files\OXXOGames\GPlayer\Install\\Game_7Wonders.log"
Task: {A5B38ED5-0275-4091-88A2-93E9FFFE392C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A93CD7F5-A075-47D9-A106-643C97EF9E71} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AEBDFAC9-37A9-4BD3-BBF3-123B641EA2C7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B05517AE-2F70-4F65-96F9-B91D200D0A73} - System32\Tasks\{67C537DC-A8FE-4583-B3C4-5E73D5617CD5} => pcalua.exe -a "C:\Users\User\Downloads\DieZauberhoehle (1).exe" -d C:\Users\User\Downloads
Task: {B1FC5A9D-C78F-45A6-9647-2500CA878F4B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B23611E0-FD7C-4DF3-8539-C8FC02B71B4F} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {B46260FF-6C55-4339-8908-B1BE4DE90CEC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF301BD7-09D8-452B-8C9E-0CCFD3AC23CC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C0452960-C86D-4E17-A4F2-412D434B17A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C2A6C8E8-CBA5-4FEE-8EAE-3F02C2FA7DFC} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-Philipp => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {C54C67A6-31CD-4CAF-B469-5A4CDB30FB74} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7B77295-13FA-4AB0-886C-6BFE514C19AD} - System32\Tasks\SimpleFiles Update Service => C:\Program Files\SimpleFilesUpdater\SimpleFilesUpdater.exe
Task: {CCF36A05-4AFF-4EE4-B152-6FC17F27CC9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {D9D5B052-D43E-43D7-8C0E-FCA5B7FB0CCA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E5B1FE5D-677E-4DA8-8187-BC30EA11946A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {FE1F2C4B-AEEA-4420-B911-F1B381A55DCD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-29 14:44 - 2015-07-29 14:44 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 13:40 - 2015-08-11 10:53 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-01 18:30 - 2015-09-17 08:27 - 01766952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:30 - 2015-09-17 08:27 - 01766952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-08-30 10:01 - 2013-08-30 10:01 - 02601840 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll
2012-05-19 12:23 - 2012-02-17 20:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2015-07-30 20:51 - 2015-07-30 20:51 - 00170496 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\13711a764aa1f017ffa9f306e149169e\IsdiInterop.ni.dll
2010-08-30 20:04 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2015-07-10 10:24 - 2015-07-10 10:24 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 18:30 - 2015-09-17 07:28 - 04317696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 18:29 - 2015-09-17 07:25 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00642048 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-10-01 18:29 - 2015-09-17 07:25 - 01183232 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 18:30 - 2015-09-17 07:26 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-01 18:29 - 2015-09-17 07:26 - 00707072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-09-26 15:20 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-26 15:20 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\Temp:258D2F8B
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:3B812EE0
AlternateDataStreams: C:\ProgramData\Temp:98CF1A39
AlternateDataStreams: C:\ProgramData\Temp:A7D26093
AlternateDataStreams: C:\ProgramData\Temp:F4CA4D70
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Downloads\sasuke-uchiha.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files\ExKode\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PRIME Gaming Mouse => "C:\Program Files\SPEEDLINK Gaming Mouse\Gaming Mouse.exe" /hide
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spiele Post => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
HKLM\...\StartupApproved\Run: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run: => "Ocs_SM"
HKLM\...\StartupApproved\Run: => "Windows10FirewallControl"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "Spiele Post"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{42689E27-F427-4ED4-AFE2-AF8606675B76}C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe] => (Allow) C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe
FirewallRules: [TCP Query User{711044CF-97B9-4359-84E8-4A232A7CFD7B}C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe] => (Allow) C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe
FirewallRules: [{5400D9D5-3090-43E4-B93A-E31C484B5CB3}] => (Allow) C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [UDP Query User{C88BB359-7CE2-4410-91DC-803021B7F139}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{44C3DEB4-B2AD-4A12-AADC-9097EA0E5260}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{756C8AC2-BFF2-4D69-A061-ABFADE855005}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{69C70296-ACA5-42E6-B842-1793DB7CC383}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{74FEAC59-30A1-45AF-98FD-EBF9E2ADF970}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{6C8FD3F8-5769-4821-9EE4-27E79A7F706D}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [UDP Query User{0BB8C592-660F-491F-8EED-3169FB09C7C5}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{EAE93C0C-8D16-4BC5-95E9-A0632A941258}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3CB6298F-6175-41F5-9F23-5DD3A1A0FA94}] => (Allow) C:\Program Files\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{31F2CDA1-757D-449E-9A81-9B0C60A3631F}] => (Allow) C:\Program Files\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{C8D556FB-232D-4449-BEBE-43893161298D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1145C3AB-3958-442D-A8E4-F09E855DE8FD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CE4700E9-1066-4A35-8A2D-D82C37BDA8B0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{092BFFD0-5ABD-45DC-A6DC-21B56019C4AA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{8174A619-97D3-4139-AFD0-5C39AFCF9224}C:\program files\speedlink gaming mouse\gaming mouse.exe] => (Allow) C:\program files\speedlink gaming mouse\gaming mouse.exe
FirewallRules: [TCP Query User{A4789579-9415-418A-B591-F69866701A13}C:\program files\speedlink gaming mouse\gaming mouse.exe] => (Allow) C:\program files\speedlink gaming mouse\gaming mouse.exe
FirewallRules: [UDP Query User{A01E6294-7DE2-43D0-A7D2-594C1A08BDE0}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{708C0719-F688-4C53-9645-3684F706CC88}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{525F6525-E841-4EA4-A23B-9D54DD156FE3}] => (Allow) C:\Program Files\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{95CBE699-0DAB-4026-86E2-2C6DE5E046AA}] => (Allow) C:\Program Files\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{FD90EDE9-B026-4EE6-AAE6-896DCE8D91A7}] => (Allow) C:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AECAD51C-6F50-4DDE-BBA8-33003E7BD64B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [UDP Query User{FF5BFADD-9272-4932-B635-BF421C0A274F}C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{AC9B6C99-0968-407D-8716-8C4ED7582B46}C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{4D4FA519-472C-4F49-8788-A17F2FB1F70E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4CE4E705-68C6-45A9-A464-C1AA7E63A277}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6DE5180C-FC36-43D6-A8CB-B7CF1627BC88}] => (Allow) C:\Program Files\Ubisoft\Ivory Tower\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{4A8F3F65-54C2-45BD-A34C-8FD00123BB60}] => (Allow) C:\Program Files\Ubisoft\Ivory Tower\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{F61EE33A-9F0A-4253-9039-2B8A570D1C4C}] => (Allow) C:\Users\User\AppData\Local\Temp\nsa80F6.tmp\CnetInstaller-75095296.exe
FirewallRules: [{EBA35DEB-C468-4944-9C90-EDE01A7BD8A4}] => (Allow) C:\Users\User\AppData\Local\Temp\nsa80F6.tmp\CnetInstaller-75095296.exe
FirewallRules: [{E5947700-8BC3-4DCF-8CD5-821F5B51E76E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{0686AE97-A6F8-4778-8D3A-0B0259072A86}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3EA4A022-4095-4E38-9E8F-20EE8A0E96F0}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D46C49AF-4759-46CD-8952-66627EFE0CA9}] => (Allow) C:\Program Files\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{F5CC3CF0-103C-4591-9770-FA0A4EDA18AF}] => (Allow) C:\Program Files\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [UDP Query User{437C0A07-88A2-4577-A34F-8CCC14654897}C:\program files\mta san andreas 1.4\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.4\server\mta server.exe
FirewallRules: [TCP Query User{6CC858C4-50DF-4505-BEEC-2449D022C5A5}C:\program files\mta san andreas 1.4\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.4\server\mta server.exe
FirewallRules: [{7BD304F6-B77E-44A1-AEC0-F3798F6625F3}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{1182AD4C-227F-4862-853D-7EB780765D2B}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{68E389F8-F388-4AB0-9208-45F2AEBC7961}C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe] => (Allow) C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe
FirewallRules: [TCP Query User{5524EE5A-1827-4479-BA49-CACD95750CF7}C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe] => (Allow) C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe
FirewallRules: [UDP Query User{70F8B244-2DD7-4A28-9132-DB65991C0C9D}C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe] => (Allow) C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe
FirewallRules: [TCP Query User{2C8C9B63-CD0B-42F2-B4EB-597ECED0AA83}C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe] => (Allow) C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe
FirewallRules: [{36696375-2164-48C1-AEC8-483A8215C2A6}] => (Allow) C:\Program Files\SimpleFiles\downloader.exe
FirewallRules: [{C8B4A7AE-07EF-43EB-927B-D297CCC28577}] => (Allow) C:\Program Files\SimpleFiles\downloader.exe
FirewallRules: [{BE451030-BE2B-487E-82BF-8FEFE3C00B3C}] => (Allow) C:\Program Files\SimpleFiles\SimpleFiles.exe
FirewallRules: [{3CB7AF29-3D2A-4747-A4A8-B7EA9C8AA35A}] => (Allow) C:\Program Files\SimpleFiles\SimpleFiles.exe
FirewallRules: [{5EC3D59B-ABD5-41A4-950D-B99AB02C48D9}] => (Allow) C:\Program Files\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{8B7540F2-C5CC-4E3F-940B-77F08F6A902E}] => (Allow) C:\Program Files\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{22E36250-FADC-4CF8-ADB7-71E3D3C0756B}] => (Block) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [{6EE25ADB-83D8-4944-9F01-951B2132574C}] => (Block) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [UDP Query User{354B9E68-0A26-4662-9556-AF1ECEB0449F}C:\program files\mta san andreas 1.3\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [TCP Query User{D55DECD9-47F2-4EF9-A1AB-DE64BA6051A8}C:\program files\mta san andreas 1.3\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [UDP Query User{48AE4AF0-72D3-4706-9D26-F0AC68BA2076}C:\users\user\downloads\desktop\sa\gta_sa.exe] => (Block) C:\users\user\downloads\desktop\sa\gta_sa.exe
FirewallRules: [TCP Query User{AB554167-3350-4745-9A72-B37B788FC829}C:\users\user\downloads\desktop\sa\gta_sa.exe] => (Block) C:\users\user\downloads\desktop\sa\gta_sa.exe
FirewallRules: [{27A01E99-0473-4D53-A977-3CDD25DD34C4}] => (Allow) C:\Program Files\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{15808D04-43BA-4C22-B855-DE57DBE3AA8D}] => (Allow) C:\Program Files\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{68695488-3C6C-40EF-A8FD-3699203A02BB}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Bin\Microvolts.exe
FirewallRules: [{0FFD959A-DB2D-4010-8902-641C0B52BC8F}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Bin\Microvolts.exe
FirewallRules: [{DF599311-4B40-467F-ACBB-A8ACCB4A2439}] => (Allow) C:\Program Files\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{F2615F03-C27F-47EC-98CC-39750843FF06}] => (Allow) C:\Program Files\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{C12B01E2-B216-420D-B010-61F69C4C7F1B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{54AFAE2C-522C-404C-A7E9-D8A50CD824E1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{628F8006-0447-4F53-9B8E-C1230095FBAD}] => (Allow) C:\Program Files\Steam\SteamApps\common\RIDGE RACER Driftopia\RIDGE RACER Driftopia_46358301.exe
FirewallRules: [{72496693-4460-4758-8132-D04746D6BB3C}] => (Allow) C:\Program Files\Steam\SteamApps\common\RIDGE RACER Driftopia\RIDGE RACER Driftopia_46358301.exe
FirewallRules: [{3998233D-51FE-4C25-A1DE-7CD904D6C1F6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BAEABCED-9E2F-468A-8B9F-44EED819DBA6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{60EDEE2E-3352-4E92-8B5B-AC59935C0371}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Launcher.exe
FirewallRules: [{42215ED3-A233-4D8F-BAA7-EF69F0E76E59}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Launcher.exe
FirewallRules: [{BB21F2EC-7E75-471F-8908-0EDCE59BAADF}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe
FirewallRules: [{B8A97513-AE03-4D3B-8B0C-25AD56433960}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe
FirewallRules: [UDP Query User{03993AD6-C4ED-425B-82F6-119953CEA1A2}C:\program files\atari\tdu2\testdrive2.exe] => (Allow) C:\program files\atari\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{C2E56BCC-BA54-43A9-AADB-BE12B4175C88}C:\program files\atari\tdu2\testdrive2.exe] => (Allow) C:\program files\atari\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{2CAB46F3-C43D-4B62-A72F-BCDB0C1F8DDA}C:\program files\atari\tdu2\uplauncher.exe] => (Allow) C:\program files\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{6048F5A1-1046-4803-B782-495ABC3F2289}C:\program files\atari\tdu2\uplauncher.exe] => (Allow) C:\program files\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{854CF552-A8B7-4041-8D43-E530A92FCE94}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [TCP Query User{D5519F1D-CB9C-4E45-8FA6-DEEF27161CF0}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [{9BE63902-C7FF-4629-9F2C-D12721A3AA37}] => (Allow) C:\Program Files\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{19A0E7CA-9483-4F69-B42E-25BE4C49FD3E}] => (Allow) C:\Program Files\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [UDP Query User{219E2558-DC5E-4B08-B371-5904513D0FAA}C:\users\user\downloads\desktop\darkgunz\gunz.exe] => (Allow) C:\users\user\downloads\desktop\darkgunz\gunz.exe
FirewallRules: [TCP Query User{37DED193-3CEA-4C29-8901-A1BC49DB2875}C:\users\user\downloads\desktop\darkgunz\gunz.exe] => (Allow) C:\users\user\downloads\desktop\darkgunz\gunz.exe
FirewallRules: [UDP Query User{61C06FA3-7B01-4216-941F-1CD44A87577F}C:\program files\virtualdj\virtualdj_pro.exe] => (Block) C:\program files\virtualdj\virtualdj_pro.exe
FirewallRules: [TCP Query User{BA4028C2-DE0C-441D-80B4-7B2861AACA44}C:\program files\virtualdj\virtualdj_pro.exe] => (Block) C:\program files\virtualdj\virtualdj_pro.exe
FirewallRules: [{CB927443-30DE-4FE1-ABD6-BBC31DFCA980}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{DD07B4F2-B611-47A1-B9C0-6574DD5A8949}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{B3BAD9B2-E142-4B65-8485-B0FB622B618B}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{09391EB3-834B-4B60-A067-401EE4635161}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{FF76863F-D153-4F6E-96DF-52D889778CDE}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{5020F75F-602B-41A7-811F-7E83D33511CF}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{3C92E447-12A7-4968-B1C7-D70093181A7F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [UDP Query User{8882115E-0CE7-4238-A0D7-DA70184DEABE}C:\ace of spades\server.exe] => (Allow) C:\ace of spades\server.exe
FirewallRules: [TCP Query User{5D533ED5-822C-4EC4-8A0B-8F4361DACD6C}C:\ace of spades\server.exe] => (Allow) C:\ace of spades\server.exe
FirewallRules: [UDP Query User{515CC01F-96FE-4207-9BF7-26CA35F8C10F}C:\users\philipp\desktop\skype.exe] => (Allow) C:\users\philipp\desktop\skype.exe
FirewallRules: [TCP Query User{27B11B87-F7A5-4340-A989-CD17ABBD5780}C:\users\philipp\desktop\skype.exe] => (Allow) C:\users\philipp\desktop\skype.exe
FirewallRules: [UDP Query User{5AE74B59-5412-470C-B936-BC5176E1A2B5}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{C5BD7998-B46B-4F7C-9444-D01C6B2B36CE}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [{EFBD7B9A-AF27-4596-B962-605A1A807B78}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{719DD8C9-49DF-4696-AA99-10F5FC1525C0}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [UDP Query User{4E8E8B5A-A161-4180-99D8-245920306018}F:\retro conects\emu\3.8.1\phoenix.exe] => (Allow) F:\retro conects\emu\3.8.1\phoenix.exe
FirewallRules: [TCP Query User{7DA755EA-DB5C-4CA1-8B21-8FFF5F3DFC6D}F:\retro conects\emu\3.8.1\phoenix.exe] => (Allow) F:\retro conects\emu\3.8.1\phoenix.exe
FirewallRules: [{78BDBC6C-FA68-470F-8C59-E1A705E94772}] => (Allow) C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [{26172B2C-49EC-4290-8233-5F502A5E8F9A}] => (Allow) C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [UDP Query User{FCD6DDE2-F95A-4C9B-B803-06F9102A28A4}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{A2C291FE-5472-47C1-A6C2-22B1919C5338}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{5AA0543C-316B-4F21-966B-84C99FA50CC0}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{885BD716-FC35-48B5-832C-EC88961BA15E}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{E7E973C0-4228-4F5F-BD2C-F5712354DA46}] => (Allow) C:\Users\Philipp\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{FBB1A55D-4FEE-448D-94EF-47AA484C1078}] => (Allow) C:\Users\Philipp\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [UDP Query User{760D4AAB-10E3-4D11-AA41-5009BCBAB86A}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{9B1B28A0-C2DF-4551-A727-CDF8BEE2ECEA}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{C88C2F36-3F41-4F26-B5FE-9ACEC60B6D88}C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe
FirewallRules: [TCP Query User{A7E69A7E-18BE-401D-8260-D941DE649D9B}C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe
FirewallRules: [UDP Query User{EFB4C96A-9D0F-4238-9733-9E06E933209D}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{A60D8900-EDAA-4EE8-9B28-11DBAD8A6D60}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{BCABBB62-F67C-4B9A-880B-F9B74DC43DB9}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{0752F99D-E2BF-4E83-B722-2EEDE718C17F}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{5017EFE8-7869-49F1-9E25-8B2642F7D2D0}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{33C61532-C68D-49F3-9A21-EF2B22C6AC07}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{C013538C-9D1C-4141-9C95-70868081A59A}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{4E6AA875-E905-45AA-A711-6F0C3ABAED0A}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{299984B2-C8D5-42CD-9008-384C10A00B69}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{CB478090-2321-48B1-8F4B-8011A1991C90}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{46CC76CC-4E42-4F77-8DC8-FC8124702B3C}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{85D1F3C3-16E7-4931-B186-5A2AB23C8F39}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [UDP Query User{53DF6DE2-4C81-41C0-A9A7-EC1B2A7B459E}C:\program files\spacialaudio\sambc\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe
FirewallRules: [TCP Query User{A7759118-3F7A-4D38-8A16-667762A18CA1}C:\program files\spacialaudio\sambc\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe
FirewallRules: [UDP Query User{F62D7050-9DBA-4C4E-9759-EB9011CC98D5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{4764D584-6134-41B8-AEE8-A82FA412192D}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{3A20C30F-16FC-462C-80EC-9FCB8ADC4A02}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{4D61F701-A2BF-4938-BAE3-11552DFC97EB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{8358DF11-488F-4467-9A8E-28188AB7B994}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{4F8F98BD-627F-47E8-B15C-61CC3829D443}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{1DDFB383-BB26-4C63-8C87-B4F870C22F30}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F30CE0D4-CEB1-48FF-9D4A-600DF23C27EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F729D051-3879-48DD-98C4-4892839A2444}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{84323AA2-4332-4B50-9A32-4F6CEAFD61B3}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B6FAAD0D-533A-41A4-97D2-78AA90725162}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{87E6175E-D3C6-498C-BE20-BBFA3737CD32}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
FirewallRules: [{1B0BEDD0-5AB4-47ED-A442-1AEF1E806015}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe
FirewallRules: [TCP Query User{F44513D8-BE35-4EE0-B2F8-82A22BA544A6}C:\program files\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.5\server\mta server.exe
FirewallRules: [UDP Query User{6BD19584-0F32-4A5C-AAE9-8C49A9FF36A6}C:\program files\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{F6E2C86F-D024-469A-B096-FCCF2CA1895B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{720E313D-467E-45AD-ABE3-3F86B563D121}] => (Allow) C:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{43420097-400A-47AB-9A62-8FF9EEFE1B66}C:\users\user\appdata\roaming\ygopro devpro\devpro.dll] => (Allow) C:\users\user\appdata\roaming\ygopro devpro\devpro.dll
FirewallRules: [UDP Query User{A4501A90-1DDE-44E6-9634-3F891598A2E8}C:\users\user\appdata\roaming\ygopro devpro\devpro.dll] => (Allow) C:\users\user\appdata\roaming\ygopro devpro\devpro.dll
FirewallRules: [TCP Query User{661BCD85-D778-4E2C-B4C4-FE3812A7004A}C:\program files\teamspeak 3 client\ts3client_win32.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win32.exe
FirewallRules: [UDP Query User{8CB2FE79-D27E-4B7C-890F-B8A31B560073}C:\program files\teamspeak 3 client\ts3client_win32.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win32.exe
FirewallRules: [{B821FFD6-F705-446F-81D1-F1B9518199C5}] => (Allow) C:\Program Files\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{0DEDE563-F747-40A7-AC59-9ACE8F4F8F47}] => (Allow) C:\Program Files\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{99D34D43-39FC-4CDC-8BB2-016F429C5C07}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/11/2015 11:36:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 498
Startzeit: 01d10407eb41c9f5
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Berichts-ID: 8a2b0abe-6ffb-11e5-93db-6c626d887930
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI
Error: (10/11/2015 11:36:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: USER-PC)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (10/11/2015 11:35:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x54dca1de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1510
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (10/11/2015 11:35:05 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
bei ATI.ACE.ADL.ADL+ADLImport.ADL2_Graphics_MantleVersion_Get(IntPtr, ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.ADL.ADL.Synchronized_ADL2_Mantle_Versions_Get(ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.GetMantleDetails()
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.Initialize()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Initialize(ATI.ACE.CLI.Foundation.XCastesBase)
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/11/2015 11:34:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x54dca1de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1df0
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (10/11/2015 11:34:46 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
bei ATI.ACE.ADL.ADL+ADLImport.ADL2_Graphics_MantleVersion_Get(IntPtr, ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.ADL.ADL.Synchronized_ADL2_Mantle_Versions_Get(ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.GetMantleDetails()
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.Initialize()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Initialize(ATI.ACE.CLI.Foundation.XCastesBase)
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/11/2015 11:34:10 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (10/11/2015 09:53:04 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (10/11/2015 09:52:56 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1756924282-4294452273-3083732856-1007.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {794b8576-611d-4445-a9d5-b40eedad49c1}
Error: (10/11/2015 09:52:56 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1756924282-4294452273-3083732856-1007.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {794b8576-611d-4445-a9d5-b40eedad49c1}
Systemfehler:
=============
Error: (10/11/2015 11:37:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SeaPort" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/11/2015 11:37:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/11/2015 11:37:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Protexis Licensing V2" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/11/2015 11:37:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Internet Pass-Through Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/11/2015 11:37:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberGhost 5 Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/11/2015 11:37:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/11/2015 11:37:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Firebird Server - DefaultInstance" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/11/2015 11:37:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Message Queuing" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/11/2015 11:37:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MSCamSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/11/2015 11:37:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 3063.11 MB
Verfügbarer physikalischer RAM: 1558.14 MB
Summe virtueller Speicher: 7657.11 MB
Verfügbarer virtueller Speicher: 5732.04 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:1356.16 GB) (Free:851.55 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:21.06 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: C62503B8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== Ende vom Addition.txt ============================
Geändert von Strikerx44 (11.10.2015 um 10:43 Uhr) |
|
11.10.2015, 17:46
| #7 |
| | CCC.exe Ungültiges Bild FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:10-10-2015
durchgeführt von User (Administrator) auf USER-PC (11-10-2015 11:40:26)
Gestartet von C:\Users\User\Downloads\Desktop
Geladene Profile: User (Verfügbare Profile: User & Philipp & DefaultAppPool)
Platform: Microsoft Windows 10 Home (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Windows10FirewallControl] => C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe [1153592 2015-06-03] (Sphinx Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-06] (LogMeIn Inc.)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [Spiele Post] => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [49152 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\\Overwolf.exe [43760 2015-09-29] (Overwolf LTD)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\MountPoints2: {e89a29d7-3b63-11e5-93d0-6c626d887930} - "F:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\..\Interfaces\{732048a9-7e8d-428f-9af3-d5be1f66bc7a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9a295cd5-a244-421c-a8ef-9e3a343737cb}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095}
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default
FF DefaultSearchEngine,S:
FF SearchEngineOrder.1,S:
FF SelectedSearchEngine: Search
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2010-08-18] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2010-08-30] (Oracle)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-09-03] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1756924282-4294452273-3083732856-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\User\AppData\LocalLow\Sony Online Entertainment\npsoe.dll [2012-03-19] ()
FF Plugin HKU\S-1-5-21-1756924282-4294452273-3083732856-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-08-27] (Unity Technologies ApS)
FF Extension: Kein Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-08-05]
FF Extension: Kein Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2014-12-06]
FF Extension: WallPepper ВКонтакте - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\Extensions\wp_loader@wall-pepper.ru [2014-12-09]
FF Extension: Helper - C:\Users\Philipp\AppData\Roaming\Helper [2014-12-06]
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-05-17]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-20]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-21]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-25]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-20]
CHR Extension: (Avira Browserschutz) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-04-01]
CHR Extension: (Superpricer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\koeojioiofmpegljihjleakgpmnolcbc [2015-10-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-21]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-20]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-03]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-03]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-03]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-03]
CHR Extension: (PriceSparrow) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kljkanaekoongefljnjbghkgjjocmikm [2015-05-03]
CHR Extension: (Superpricer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\koeojioiofmpegljihjleakgpmnolcbc [2015-10-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-03]
CHR Extension: (WallPepper ВКонтакте) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pepjgkdpkihjnbdaggonbpphlfkbhdli [2015-08-23]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-03]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1148688 2015-09-27] (Avira Operations GmbH & Co. KG)
S2 Apache2.2; c:\xampp\apache\bin\httpd.exe [18432 2011-09-10] (Apache Software Foundation) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [237864 2015-02-18] (EasyAntiCheat Ltd)
S2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [Datei ist nicht signiert]
S3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [Datei ist nicht signiert]
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1883496 2015-08-06] (LogMeIn Inc.)
S2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-08-06] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1006320 2015-09-29] (Overwolf LTD)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-05-20] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
S2 Windows10FirewallService; C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe [2153016 2015-06-03] (Sphinx Software)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105352 2015-09-27] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-06-02] (AVG Technologies)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [138800 2015-07-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [37896 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [55912 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-10-08] (BlueStack Systems)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2015-08-15] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2015-08-15] (Windows (R) Win 7 DDK provider)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [71952 2015-10-10] (Multi Theft Auto)
R3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [38512 2015-08-03] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [492032 2015-07-10] (Realtek )
R3 SCREAMINGBDRIVER; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [34896 2012-07-31] (Screaming Bee LLC)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-16] (Avira Operations GmbH & Co. KG)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [65256 2015-07-30] (Wellbia.com)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-11 11:39 - 2015-10-11 11:39 - 00001742 _____ C:\Users\User\Desktop\JRT.txt
2015-10-11 11:37 - 2015-10-05 23:23 - 01801288 _____ (Malwarebytes) C:\Users\User\Desktop\JRT.exe
2015-10-11 11:36 - 2015-10-11 11:36 - 01798976 _____ (Malwarebytes) C:\Users\User\Downloads\JRT.exe
2015-10-11 11:33 - 2015-10-11 11:33 - 00016148 _____ C:\WINDOWS\system32\USER-PC_User_HistoryPrediction.bin
2015-10-11 11:20 - 2015-10-11 11:20 - 01682432 _____ C:\Users\User\Downloads\AdwCleaner_5.013.exe
2015-10-11 09:41 - 2015-10-11 09:41 - 00000000 ____D C:\Program Files\VS Revo Group
2015-10-11 09:40 - 2015-10-11 09:40 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95.exe
2015-10-11 09:04 - 2015-10-11 09:04 - 00016148 _____ C:\WINDOWS\system32\USER-PC_David_HistoryPrediction.bin
2015-10-10 19:59 - 2015-10-10 19:59 - 01699328 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2015-10-10 18:36 - 2015-10-10 18:36 - 00001137 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-10 17:01 - 2015-10-10 17:02 - 10163295 _____ C:\Users\User\Downloads\164409-toyota-gt86-lowstance-gtasa.zip
2015-10-10 11:55 - 2015-10-10 11:55 - 00000000 ____D C:\Users\User\AppData\Local\AMD
2015-10-10 11:54 - 2015-10-10 11:54 - 02485168 _____ C:\Users\User\Downloads\1386791645_Lamborghini REVENTON 2009 v2 Ktbffh.rar
2015-10-09 18:53 - 2015-10-09 18:55 - 30547042 _____ C:\Users\User\Downloads\1423150725_2014 Mercedes Benz C250 AMG Edition V1.0.zip
2015-10-09 18:47 - 2015-10-09 18:47 - 05498413 _____ C:\Users\User\Downloads\1409781721_Mercedes-Benz E63 AMG.rar
2015-10-08 20:38 - 2015-10-08 20:39 - 19734087 _____ C:\Users\User\Downloads\168532-lamborghini-aventador-lb-performance-gtasa.zip
2015-10-08 20:34 - 2015-10-08 20:36 - 10565423 _____ C:\Users\User\Downloads\166158-mercedes-benz-c250-2014-gtasa.zip
2015-10-08 16:18 - 2015-10-08 16:18 - 39721456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atioglxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumdva.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumdag.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 03471376 _____ C:\WINDOWS\system32\atiumdva.cap
2015-10-08 16:18 - 2015-10-08 16:18 - 01004032 _____ C:\WINDOWS\system32\amdocl_as32.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00807424 _____ C:\WINDOWS\system32\amdocl_ld32.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-10-08 16:18 - 2015-10-08 16:18 - 00553456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00390304 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00303600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00203776 _____ C:\WINDOWS\system32\clinfo.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00198640 _____ C:\WINDOWS\system32\amdgfxinfo32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00173040 _____ (AMD) C:\WINDOWS\system32\atitmmxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00152560 _____ C:\WINDOWS\system32\atieah32.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atigktxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00132080 _____ C:\WINDOWS\system32\amdhdl32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9pag.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00068080 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00064298 _____ C:\WINDOWS\system32\mantle32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00056270 _____ C:\WINDOWS\system32\hsa-thunk.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00053744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00052715 _____ C:\WINDOWS\system32\mantleaxl32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00037872 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00001456 _____ C:\WINDOWS\system32\detoured.dll
2015-10-07 21:12 - 2015-10-07 21:13 - 09723744 _____ C:\Users\User\Downloads\55883-mercedes-benz-cls-63-amg.zip
2015-10-07 18:34 - 2015-10-07 20:33 - 01379073 _____ C:\Users\User\Downloads\bewerbung.psd
2015-10-05 21:06 - 2015-10-05 21:06 - 00115498 _____ C:\Users\User\Downloads\sannnnsssnnsn.psd
2015-10-03 20:03 - 2015-10-03 20:04 - 04511170 _____ C:\Users\User\Downloads\Major Tom (Völlig Losgelöst)
2015-10-03 20:01 - 2015-10-03 20:01 - 04291741 _____ C:\Users\User\Downloads\Linkin Park - New Divide (Official Video)
2015-10-03 19:57 - 2015-10-03 19:57 - 03458749 _____ C:\Users\User\Downloads\JBB 2014 [8tel-Finale 4-8 HR] - Aytee vs. Diverse (prod. by Epipto)
2015-10-01 21:07 - 2015-10-01 21:07 - 00095391 _____ C:\Users\User\Downloads\Gangwar-Script.rar
2015-10-01 18:30 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 18:30 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 18:30 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:30 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 18:30 - 2015-09-17 08:26 - 01856848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 18:30 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 18:30 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 18:30 - 2015-09-17 07:47 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 18:30 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 18:30 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 18:30 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 18:30 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 18:30 - 2015-09-17 07:39 - 01829376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 18:30 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 03026432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 18:30 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 18:30 - 2015-09-17 07:32 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 18:30 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 18:30 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 18:29 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 18:29 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 18:29 - 2015-09-25 01:18 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 18:29 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 18:29 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 18:29 - 2015-09-25 00:42 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 18:29 - 2015-09-25 00:37 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 18:29 - 2015-09-25 00:30 - 02985472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 18:29 - 2015-09-25 00:29 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 18:29 - 2015-09-25 00:28 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 18:29 - 2015-09-25 00:28 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 18:29 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 18:29 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 18:29 - 2015-09-25 00:11 - 01499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 18:29 - 2015-09-19 05:50 - 00083160 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 06265168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 18:29 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 01343952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 00680144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 18:29 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 18:29 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 00083792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 18:29 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 18:29 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 01708376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00436064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00414560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 18:29 - 2015-09-17 08:26 - 00335696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00228192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 18:29 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 18:29 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 18:29 - 2015-09-17 08:15 - 00070744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 18:29 - 2015-09-17 08:13 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 18:29 - 2015-09-17 08:13 - 00918880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 18:29 - 2015-09-17 07:51 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 18:29 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 18:29 - 2015-09-17 07:51 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 18:29 - 2015-09-17 07:51 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 18:29 - 2015-09-17 07:49 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 18:29 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 18:29 - 2015-09-17 07:49 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 18:29 - 2015-09-17 07:48 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 18:29 - 2015-09-17 07:48 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 18:29 - 2015-09-17 07:48 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 18:29 - 2015-09-17 07:47 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 18:29 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 18:29 - 2015-09-17 07:46 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 18:29 - 2015-09-17 07:46 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 18:29 - 2015-09-17 07:45 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 18:29 - 2015-09-17 07:45 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 18:29 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 18:29 - 2015-09-17 07:43 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 18:29 - 2015-09-17 07:42 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 18:29 - 2015-09-17 07:41 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 18:29 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 18:29 - 2015-09-17 07:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 18:29 - 2015-09-17 07:39 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 18:29 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 06529024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00926720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 18:29 - 2015-09-17 07:35 - 01762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 18:29 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 18:29 - 2015-09-17 07:35 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 18:29 - 2015-09-17 07:34 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 18:29 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 18:29 - 2015-09-17 07:33 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 18:29 - 2015-09-17 07:33 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00989696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 18:29 - 2015-09-17 07:31 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 18:29 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 18:29 - 2015-09-17 07:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 18:29 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 18:29 - 2015-09-17 07:28 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 18:29 - 2015-09-17 07:28 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 18:29 - 2015-09-17 07:27 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 18:29 - 2015-09-17 07:27 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 18:29 - 2015-09-17 07:27 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 18:29 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 18:29 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 20:41 - 2015-09-30 20:41 - 00280310 _____ C:\Users\User\Downloads\Aufnahme.rar
2015-09-24 17:59 - 2015-09-24 17:59 - 00018514 _____ C:\Users\User\ESt2014_Horst_David_und_Horst_Lilia2.elfo
2015-09-24 16:55 - 2015-09-24 17:07 - 00099090 _____ C:\Users\User\ESt2014_Horst_David_und_Horst_Lilia.elfo
2015-09-24 15:01 - 2015-09-24 15:14 - 00000000 ____D C:\Users\User\AppData\Local\elfopatch
2015-09-23 17:34 - 2015-09-23 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4
2015-09-23 17:33 - 2015-09-23 17:34 - 00000000 ____D C:\Program Files\MTA San Andreas 1.4
2015-09-20 17:05 - 2015-09-20 17:05 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-20 17:05 - 2015-09-20 17:05 - 00000000 ____D C:\Program Files\AGEIA Technologies
2015-09-19 20:14 - 2015-09-19 20:37 - 47037373 _____ C:\Users\User\Downloads\Ephiikz Effects Pack.rar
2015-09-19 19:04 - 2015-09-19 19:04 - 00215650 _____ C:\Users\User\Downloads\Angelsofdeath.psd
2015-09-16 15:17 - 2015-09-16 15:17 - 00175760 _____ C:\Users\User\Downloads\linkinpark_chase (1).zip
2015-09-16 15:11 - 2015-09-16 15:11 - 00175760 _____ C:\Users\User\Downloads\linkinpark_chase.zip
2015-09-14 15:17 - 2015-09-14 15:17 - 05335603 _____ C:\Users\User\Downloads\12445-uaz-3909-gtasa (3).zip
2015-09-12 21:08 - 2015-10-10 19:54 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn Hamachi
2015-09-12 21:08 - 2015-09-12 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-09-12 21:08 - 2015-09-12 21:08 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2015-09-12 21:05 - 2015-09-12 21:08 - 08716288 _____ C:\Users\User\Downloads\hamachi.msi
2015-09-12 20:49 - 2015-09-12 21:02 - 01162528 _____ C:\Users\User\Downloads\LogMeIn Hamachi - CHIP-Installer.exe
2015-09-11 21:44 - 2015-09-11 21:46 - 24219648 _____ C:\Users\User\Downloads\RuneScape.msi
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-11 11:41 - 2012-05-11 16:25 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-11 11:40 - 2013-12-01 21:55 - 00000000 ____D C:\FRST
2015-10-11 11:33 - 2015-05-12 19:36 - 00000000 ____D C:\Users\User\AppData\Local\HTC MediaHub
2015-10-11 11:33 - 2014-01-30 20:56 - 00001118 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-11 11:31 - 2015-07-29 13:50 - 00059250 _____ C:\WINDOWS\PFRO.log
2015-10-11 11:31 - 2015-07-10 11:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-11 11:31 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-11 11:31 - 2015-07-10 08:59 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-11 11:28 - 2014-06-20 22:32 - 00000000 ____D C:\AdwCleaner
2015-10-11 11:17 - 2014-01-30 20:56 - 00001122 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-11 10:58 - 2014-03-28 19:29 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-11 10:03 - 2014-06-21 16:52 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-11 09:58 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-10 21:24 - 2014-05-13 15:00 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2015-10-10 20:38 - 2012-12-29 16:34 - 00000000 ____D C:\Program Files\Steam
2015-10-10 20:16 - 2012-12-29 16:34 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-10-10 19:58 - 2015-07-29 13:56 - 02030034 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-10 19:52 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Registration
2015-10-10 18:36 - 2014-06-21 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-10 18:36 - 2014-06-21 16:51 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2015-10-09 22:14 - 2013-11-20 19:11 - 00000000 ____D C:\Program Files\Overwolf
2015-10-09 22:14 - 2012-05-16 19:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-10-09 17:23 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-10-08 18:12 - 2015-02-20 10:05 - 00000000 ____D C:\Users\User\AppData\Local\Steam
2015-10-08 16:32 - 2015-07-29 13:58 - 00000000 ____D C:\Users\Philipp
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-08 16:22 - 2015-07-10 10:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-08 16:19 - 2015-04-13 19:58 - 00000000 ____D C:\AMD
2015-10-08 16:18 - 2015-07-16 02:11 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx32.dll
2015-10-08 16:18 - 2015-07-16 02:11 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx32.dll
2015-10-08 16:18 - 2015-07-16 02:11 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxpag.dll
2015-10-08 16:18 - 2015-07-16 02:04 - 19525104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-10-08 16:18 - 2015-07-16 01:17 - 00223216 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-10-08 16:18 - 2015-07-16 01:13 - 00542192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-10-08 16:18 - 2015-07-16 01:12 - 00670208 _____ C:\WINDOWS\system32\coinst_15.20.dll
2015-10-08 16:14 - 2014-06-01 14:28 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2015-10-07 21:15 - 2015-03-09 21:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\www.gtavicecity.ru
2015-10-02 10:18 - 2015-08-23 16:29 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2015-09-30 20:43 - 2014-10-24 22:41 - 00000000 ____D C:\Users\User\AppData\Roaming\LolClient
2015-09-27 16:59 - 2014-06-21 12:07 - 00105352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-27 16:59 - 2014-06-21 12:07 - 00055912 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-26 10:41 - 2015-07-29 13:54 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-26 10:41 - 2015-07-06 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-26 10:39 - 2015-08-25 18:10 - 00000000 ____D C:\Users\David\AppData\Local\HTC MediaHub
2015-09-25 21:47 - 2015-07-10 11:53 - 04472496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-25 21:44 - 2015-07-10 15:16 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-24 18:20 - 2012-09-05 18:05 - 00000000 ____D C:\Users\User\AppData\Local\Paint.NET
2015-09-24 18:17 - 2012-11-20 19:18 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-09-24 15:15 - 2014-09-12 12:29 - 00000000 ____D C:\Program Files\ElsterFormular
2015-09-24 15:15 - 2012-08-16 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-09-24 12:26 - 2015-08-23 16:27 - 00000000 ____D C:\Users\David\AppData\Local\Google
2015-09-20 17:05 - 2012-12-23 12:31 - 00000000 ____D C:\Users\User\.swt\Documents\My Games
2015-09-20 12:20 - 2015-08-23 16:31 - 00002399 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-20 12:20 - 2015-08-23 16:31 - 00000000 ___RD C:\Users\David\OneDrive
2015-09-15 18:12 - 2015-07-10 10:29 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 10:29 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-09-14 14:33 - 2012-05-11 09:56 - 00000000 ____D C:\Users\User\AppData\Local\Google
2015-09-12 16:18 - 2015-08-10 18:26 - 00000000 ____D C:\Users\User\AppData\Roaming\YGOPro DevPro
2015-09-11 22:10 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\LiveKernelReports
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-02-26 08:34 - 2013-02-26 08:34 - 2547384 _____ (Beepa P/L) C:\Program Files\fraps.exe
2013-02-26 08:34 - 2013-02-26 08:34 - 0234168 _____ (Beepa P/L) C:\Program Files\fraps32.dll
2013-12-24 16:06 - 2013-12-24 16:16 - 1073741824 _____ () C:\Program Files\MicroVolts_1.0.3.70_GER.exe
2014-04-20 18:12 - 2014-06-02 10:58 - 0003750 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
2015-06-04 20:34 - 2015-06-04 20:34 - 0143445 _____ () C:\Program Files\YouTube-Unblocker-056.zip
2014-09-11 14:44 - 2014-09-11 15:02 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2013-11-19 17:05 - 2015-10-07 21:08 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-09-20 15:22 - 2014-08-03 12:27 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-05-20 14:13 - 2013-05-20 14:13 - 0138056 _____ () C:\Users\User\AppData\Roaming\PnkBstrK.sys
2013-12-19 11:44 - 2014-01-23 09:44 - 0000111 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2014-09-11 15:05 - 2015-04-21 15:17 - 0001456 _____ () C:\Users\User\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2012-05-24 18:07 - 2012-11-17 16:08 - 0007168 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-24 14:57 - 2013-10-24 18:22 - 0007597 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2013-05-08 19:07 - 2014-06-17 19:11 - 0003899 _____ () C:\ProgramData\dorrcrane_save.log
2015-07-29 13:53 - 2015-07-29 13:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-06-01 21:05 - 2014-06-15 19:14 - 0003400 _____ () C:\ProgramData\dscrane_save.log
2013-02-20 17:09 - 2013-02-20 17:09 - 0004928 _____ () C:\ProgramData\qiwmnyln.lsb
Einige Dateien in TEMP:
====================
C:\Users\David\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\09b612d1dd5ef4708fb92a12636bb249.dll
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\comFE9A.exe
C:\Users\User\AppData\Local\Temp\fb1d5c12ab65a33663c67a42c8bf47b2.dll
C:\Users\User\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\User\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll
C:\Users\User\AppData\Local\Temp\xmlUpdater.exe
C:\Users\User\AppData\Local\Temp\YgoUpdater.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-08 16:15
==================== Ende vom FRST.txt ============================
|
|
12.10.2015, 17:16
| #8 |
| /// the machine /// TB-Ausbilder | CCC.exe Ungültiges Bild AdwCleaner nochmal, diesmal auch bitte auf Löschen klicken. ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.10.2015, 18:43
| #9 |
| | CCC.exe Ungültiges Bild Adwcleaner Code:
ATTFilter # AdwCleaner v5.013 - Bericht erstellt am 11/10/2015 um 11:28:09
# Aktualisiert am 09/10/2015 von Xplode
# Datenbank : 2015-10-04.3 [Lokal]
# Betriebssystem : Windows 10 Home (x86)
# Benutzername : User - USER-PC
# Gestartet von : C:\Users\User\Downloads\AdwCleaner_5.013.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\ProgramData\AstralaxWrapper
[-] Ordner Gelöscht : C:\ProgramData\36efa2f8444e4226
[-] Ordner Gelöscht : C:\Users\Public\Documents\iWin
[-] Ordner Gelöscht : C:\Users\Public\Documents\MyPlayCity
[-] Ordner Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl
[-] Ordner Gelöscht : C:\Users\User\AppData\Roaming\DesktopIconForAmazon
[-] Ordner Gelöscht : C:\Users\User\AppData\Roaming\OCS
[-] Ordner Gelöscht : C:\Users\User\Downloads\Desktop\Browser
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\User\AppData\Local\Temp\Utils.dll
[-] Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\Extensions\extension@pricesparrow.com.xpi
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
[-] Task Gelöscht : Express FilesUpdate
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OCS_Sm
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Ocs_SM]
[-] Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0C1284BA-4F3A-41C6-94B5-77446F5948A9}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3F2DC1E7-A56F-49D8-B0CF-DB2300594497}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3F2DC1E7-A56F-49D8-B0CF-DB2300594497}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AVG Nation toolbar
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AVG Secure Search
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Avg Secure Update
[-] Schlüssel Gelöscht : HKCU\Software\Ciuvo
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\RegistryDrLanguage
[-] Schlüssel Gelöscht : HKCU\Software\Avg Secure Update
[-] Schlüssel Gelöscht : HKCU\Software\SetMyHomePage
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1C542DF7-3396-4D42-B172-0BB3112B443A}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5F479614-7D29-4B6F-9A25-655F51040A54}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{739E9E60-0D96-CF0A-F381-313EA71EEAB9}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A604491-5B94-4FB6-B577-D6496603425B}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9F83E414-E084-43BB-9B34-58CA5E2599F3}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DE8CDA62-F792-46BD-96A0-8E0B11F3672A}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FAFEC997-12BC-4538-8ACF-E518208DF1DB}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1C542DF7-3396-4D42-B172-0BB3112B443A}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5F479614-7D29-4B6F-9A25-655F51040A54}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{739E9E60-0D96-CF0A-F381-313EA71EEAB9}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8A604491-5B94-4FB6-B577-D6496603425B}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9F83E414-E084-43BB-9B34-58CA5E2599F3}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DE8CDA62-F792-46BD-96A0-8E0B11F3672A}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FAFEC997-12BC-4538-8ACF-E518208DF1DB}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{1C542DF7-3396-4D42-B172-0BB3112B443A}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{5F479614-7D29-4B6F-9A25-655F51040A54}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{739E9E60-0D96-CF0A-F381-313EA71EEAB9}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{8A604491-5B94-4FB6-B577-D6496603425B}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{9F83E414-E084-43BB-9B34-58CA5E2599F3}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{DE8CDA62-F792-46BD-96A0-8E0B11F3672A}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{FAFEC997-12BC-4538-8ACF-E518208DF1DB}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1756924282-4294452273-3083732856-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
***** [ Internetbrowser ] *****
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\prefs.js] [Preference] Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\prefs.js] [Preference] Gelöscht : user_pref("keyword.URL", "hxxp://start.myplaycity.com/results.php?category=web&s=");
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : mpcstart
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gelöscht : hxxp://start.myplaycity.com/
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : flolnhkojafikhpkpidiphabnpgedplh
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : iibmmjhgclhlahmjniokmhleigemjpbh
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : kljkanaekoongefljnjbghkgjjocmikm
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : npnkeeiehehhefofiekoflfedgehcdhl
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://start.myplaycity.com/
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [12149 Bytes] ##########
SecurityCheck Code:
ATTFilter Results of screen317's Security Check version 1.009
x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 21
Java version 32-bit out of Date!
Adobe Flash Player 18.0.0.209 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (39.0)
Google Chrome (45.0.2454.101)
Google Chrome (45.0.2454.99)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:11-10-2015 02
durchgeführt von User (Administrator) auf USER-PC (12-10-2015 19:51:21)
Gestartet von C:\Users\User\Downloads\Desktop
Geladene Profile: User (Verfügbare Profile: User & Philipp & David & DefaultAppPool)
Platform: Microsoft Windows 10 Home (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
() C:\Users\User\Downloads\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Windows10FirewallControl] => C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe [1153592 2015-06-03] (Sphinx Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-06] (LogMeIn Inc.)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [Spiele Post] => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe [483400 2013-12-06] (Intenium)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [49152 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Run: [Overwolf] => C:\Program Files\Overwolf\\Overwolf.exe [43760 2015-09-29] (Overwolf LTD)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\MountPoints2: {e89a29d7-3b63-11e5-93d0-6c626d887930} - "F:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll [2013-08-30] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{732048a9-7e8d-428f-9af3-d5be1f66bc7a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9a295cd5-a244-421c-a8ef-9e3a343737cb}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095}
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default
FF DefaultSearchEngine,S:
FF SearchEngineOrder.1,S:
FF SelectedSearchEngine: Search
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2010-08-18] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2010-08-30] (Oracle)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-09-03] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1756924282-4294452273-3083732856-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\User\AppData\LocalLow\Sony Online Entertainment\npsoe.dll [2012-03-19] ()
FF Plugin HKU\S-1-5-21-1756924282-4294452273-3083732856-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-08-27] (Unity Technologies ApS)
FF Extension: Kein Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2012-08-05]
FF Extension: Kein Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2014-12-06]
FF Extension: WallPepper ВКонтакте - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rx4x1k3.default\Extensions\wp_loader@wall-pepper.ru [2014-12-09]
FF Extension: Helper - C:\Users\Philipp\AppData\Roaming\Helper [2014-12-06]
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-05-17]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-20]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-21]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-25]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-20]
CHR Extension: (Avira Browserschutz) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-04-01]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-21]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-20]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-03]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-03]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-03]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-03]
CHR Extension: (PriceSparrow) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kljkanaekoongefljnjbghkgjjocmikm [2015-05-03]
CHR Extension: (Superpricer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\koeojioiofmpegljihjleakgpmnolcbc [2015-10-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-03]
CHR Extension: (WallPepper ВКонтакте) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pepjgkdpkihjnbdaggonbpphlfkbhdli [2015-08-23]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-03]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1148688 2015-09-27] (Avira Operations GmbH & Co. KG)
S2 Apache2.2; c:\xampp\apache\bin\httpd.exe [18432 2011-09-10] (Apache Software Foundation) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [237864 2015-02-18] (EasyAntiCheat Ltd)
S2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [Datei ist nicht signiert]
S3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [Datei ist nicht signiert]
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1883496 2015-08-06] (LogMeIn Inc.)
S2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-08-06] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1006320 2015-09-29] (Overwolf LTD)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-05-20] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)
S2 Windows10FirewallService; C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe [2153016 2015-06-03] (Sphinx Software)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105352 2015-09-27] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-06-02] (AVG Technologies)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [138800 2015-07-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [37896 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [55912 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-10-08] (BlueStack Systems)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2015-08-15] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2015-08-15] (Windows (R) Win 7 DDK provider)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [71952 2015-10-11] (Multi Theft Auto)
R3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [38512 2015-08-03] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [492032 2015-07-10] (Realtek )
R3 SCREAMINGBDRIVER; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [34896 2012-07-31] (Screaming Bee LLC)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-16] (Avira Operations GmbH & Co. KG)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [65256 2015-07-30] (Wellbia.com)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-12 19:48 - 2015-10-12 19:48 - 00852720 _____ C:\Users\User\Downloads\SecurityCheck.exe
2015-10-12 19:44 - 2015-10-12 19:46 - 02870984 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_deu.exe
2015-10-12 15:31 - 2015-10-12 15:31 - 00016148 _____ C:\WINDOWS\system32\USER-PC_User_HistoryPrediction.bin
2015-10-12 08:56 - 2015-10-12 08:56 - 00016148 _____ C:\WINDOWS\system32\USER-PC_David_HistoryPrediction.bin
2015-10-11 21:02 - 2015-10-11 21:02 - 02169813 _____ C:\Users\User\Downloads\BruteForce_0.9.1.zip
2015-10-11 21:01 - 2015-10-11 21:02 - 01457952 _____ C:\Users\User\Downloads\BruteForcer - CHIP-Installer.exe
2015-10-11 12:30 - 2015-10-11 12:30 - 01457952 _____ C:\Users\User\Downloads\amd-catalyst-15.7.1-win10-32bit - CHIP-Installer.exe
2015-10-11 12:29 - 2015-10-11 12:29 - 01457952 _____ C:\Users\User\Downloads\amd-catalyst-15.7.1-win10-64bit - CHIP-Installer.exe
2015-10-11 12:01 - 2015-10-11 12:02 - 10263229 _____ C:\Users\User\Downloads\168114-subaru-impreza-stance-works-gtasa.zip
2015-10-11 11:39 - 2015-10-11 11:39 - 00001742 _____ C:\Users\User\Desktop\JRT.txt
2015-10-11 11:37 - 2015-10-05 23:23 - 01801288 _____ (Malwarebytes) C:\Users\User\Desktop\JRT.exe
2015-10-11 11:36 - 2015-10-11 11:36 - 01798976 _____ (Malwarebytes) C:\Users\User\Downloads\JRT.exe
2015-10-11 11:20 - 2015-10-11 11:20 - 01682432 _____ C:\Users\User\Downloads\AdwCleaner_5.013.exe
2015-10-11 09:41 - 2015-10-11 09:41 - 00000000 ____D C:\Program Files\VS Revo Group
2015-10-11 09:40 - 2015-10-11 09:40 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\User\Downloads\revosetup95.exe
2015-10-10 19:59 - 2015-10-10 19:59 - 01699328 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2015-10-10 18:36 - 2015-10-10 18:36 - 00001137 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-10 17:01 - 2015-10-10 17:02 - 10163295 _____ C:\Users\User\Downloads\164409-toyota-gt86-lowstance-gtasa.zip
2015-10-10 11:55 - 2015-10-10 11:55 - 00000000 ____D C:\Users\User\AppData\Local\AMD
2015-10-10 11:54 - 2015-10-10 11:54 - 02485168 _____ C:\Users\User\Downloads\1386791645_Lamborghini REVENTON 2009 v2 Ktbffh.rar
2015-10-09 18:53 - 2015-10-09 18:55 - 30547042 _____ C:\Users\User\Downloads\1423150725_2014 Mercedes Benz C250 AMG Edition V1.0.zip
2015-10-09 18:47 - 2015-10-09 18:47 - 05498413 _____ C:\Users\User\Downloads\1409781721_Mercedes-Benz E63 AMG.rar
2015-10-08 20:38 - 2015-10-08 20:39 - 19734087 _____ C:\Users\User\Downloads\168532-lamborghini-aventador-lb-performance-gtasa.zip
2015-10-08 20:34 - 2015-10-08 20:36 - 10565423 _____ C:\Users\User\Downloads\166158-mercedes-benz-c250-2014-gtasa.zip
2015-10-08 16:18 - 2015-10-08 16:18 - 39721456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atioglxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumdva.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumdag.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 03471376 _____ C:\WINDOWS\system32\atiumdva.cap
2015-10-08 16:18 - 2015-10-08 16:18 - 01004032 _____ C:\WINDOWS\system32\amdocl_as32.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00807424 _____ C:\WINDOWS\system32\amdocl_ld32.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-10-08 16:18 - 2015-10-08 16:18 - 00553456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00390304 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00303600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00203776 _____ C:\WINDOWS\system32\clinfo.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00198640 _____ C:\WINDOWS\system32\amdgfxinfo32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00173040 _____ (AMD) C:\WINDOWS\system32\atitmmxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00152560 _____ C:\WINDOWS\system32\atieah32.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atigktxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00132080 _____ C:\WINDOWS\system32\amdhdl32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9pag.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2015-10-08 16:18 - 2015-10-08 16:18 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00068080 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00064298 _____ C:\WINDOWS\system32\mantle32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00056270 _____ C:\WINDOWS\system32\hsa-thunk.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00053744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-10-08 16:18 - 2015-10-08 16:18 - 00052715 _____ C:\WINDOWS\system32\mantleaxl32.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00037872 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-10-08 16:18 - 2015-10-08 16:18 - 00001456 _____ C:\WINDOWS\system32\detoured.dll
2015-10-07 21:12 - 2015-10-07 21:13 - 09723744 _____ C:\Users\User\Downloads\55883-mercedes-benz-cls-63-amg.zip
2015-10-07 18:34 - 2015-10-07 20:33 - 01379073 _____ C:\Users\User\Downloads\bewerbung.psd
2015-10-05 21:06 - 2015-10-05 21:06 - 00115498 _____ C:\Users\User\Downloads\sannnnsssnnsn.psd
2015-10-03 20:03 - 2015-10-03 20:04 - 04511170 _____ C:\Users\User\Downloads\Major Tom (Völlig Losgelöst)
2015-10-03 20:01 - 2015-10-03 20:01 - 04291741 _____ C:\Users\User\Downloads\Linkin Park - New Divide (Official Video)
2015-10-03 19:57 - 2015-10-03 19:57 - 03458749 _____ C:\Users\User\Downloads\JBB 2014 [8tel-Finale 4-8 HR] - Aytee vs. Diverse (prod. by Epipto)
2015-10-01 21:07 - 2015-10-01 21:07 - 00095391 _____ C:\Users\User\Downloads\Gangwar-Script.rar
2015-10-01 18:30 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 18:30 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 18:30 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:30 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 18:30 - 2015-09-17 08:26 - 01856848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 18:30 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 18:30 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 18:30 - 2015-09-17 07:47 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 18:30 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 18:30 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 18:30 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 18:30 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 18:30 - 2015-09-17 07:39 - 01829376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 18:30 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 03026432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 18:30 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 18:30 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 18:30 - 2015-09-17 07:32 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 18:30 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 18:30 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 18:29 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 18:29 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 18:29 - 2015-09-25 01:18 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 18:29 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 18:29 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 18:29 - 2015-09-25 00:42 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 18:29 - 2015-09-25 00:37 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 18:29 - 2015-09-25 00:30 - 02985472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 18:29 - 2015-09-25 00:29 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 18:29 - 2015-09-25 00:28 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 18:29 - 2015-09-25 00:28 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 18:29 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 18:29 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 18:29 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 18:29 - 2015-09-25 00:11 - 01499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 18:29 - 2015-09-19 05:50 - 00083160 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 06265168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 18:29 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 01343952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 00680144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 18:29 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 18:29 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-10-01 18:29 - 2015-09-17 08:28 - 00083792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 18:29 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 18:29 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 01708376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00436064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 18:29 - 2015-09-17 08:26 - 00414560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 18:29 - 2015-09-17 08:26 - 00335696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 18:29 - 2015-09-17 08:26 - 00228192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 18:29 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 18:29 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 18:29 - 2015-09-17 08:15 - 00070744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 18:29 - 2015-09-17 08:13 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 18:29 - 2015-09-17 08:13 - 00918880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 18:29 - 2015-09-17 07:51 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 18:29 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 18:29 - 2015-09-17 07:51 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 18:29 - 2015-09-17 07:51 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 18:29 - 2015-09-17 07:49 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 18:29 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 18:29 - 2015-09-17 07:49 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 18:29 - 2015-09-17 07:48 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 18:29 - 2015-09-17 07:48 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 18:29 - 2015-09-17 07:48 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 18:29 - 2015-09-17 07:47 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 18:29 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 18:29 - 2015-09-17 07:46 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 18:29 - 2015-09-17 07:46 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 18:29 - 2015-09-17 07:45 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 18:29 - 2015-09-17 07:45 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 18:29 - 2015-09-17 07:45 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 18:29 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 18:29 - 2015-09-17 07:43 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 18:29 - 2015-09-17 07:42 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 18:29 - 2015-09-17 07:41 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 18:29 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 18:29 - 2015-09-17 07:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 18:29 - 2015-09-17 07:40 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 18:29 - 2015-09-17 07:39 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 18:29 - 2015-09-17 07:39 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 18:29 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 06529024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00926720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 18:29 - 2015-09-17 07:36 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 18:29 - 2015-09-17 07:35 - 01762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 18:29 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 18:29 - 2015-09-17 07:35 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 18:29 - 2015-09-17 07:34 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 18:29 - 2015-09-17 07:34 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 18:29 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 18:29 - 2015-09-17 07:33 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 18:29 - 2015-09-17 07:33 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00989696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 18:29 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 18:29 - 2015-09-17 07:31 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 18:29 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 18:29 - 2015-09-17 07:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 18:29 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 18:29 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 18:29 - 2015-09-17 07:28 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 18:29 - 2015-09-17 07:28 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 18:29 - 2015-09-17 07:27 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 18:29 - 2015-09-17 07:27 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 18:29 - 2015-09-17 07:27 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 18:29 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 18:29 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 20:41 - 2015-09-30 20:41 - 00280310 _____ C:\Users\User\Downloads\Aufnahme.rar
2015-09-24 17:59 - 2015-09-24 17:59 - 00018514 _____ C:\Users\User\ESt2014_Horst_David_und_Horst_Lilia2.elfo
2015-09-24 16:55 - 2015-09-24 17:07 - 00099090 _____ C:\Users\User\ESt2014_Horst_David_und_Horst_Lilia.elfo
2015-09-24 15:01 - 2015-09-24 15:14 - 00000000 ____D C:\Users\User\AppData\Local\elfopatch
2015-09-23 17:34 - 2015-09-23 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4
2015-09-23 17:33 - 2015-09-23 17:34 - 00000000 ____D C:\Program Files\MTA San Andreas 1.4
2015-09-20 17:05 - 2015-09-20 17:05 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-20 17:05 - 2015-09-20 17:05 - 00000000 ____D C:\Program Files\AGEIA Technologies
2015-09-19 20:14 - 2015-09-19 20:37 - 47037373 _____ C:\Users\User\Downloads\Ephiikz Effects Pack.rar
2015-09-19 19:04 - 2015-09-19 19:04 - 00215650 _____ C:\Users\User\Downloads\Angelsofdeath.psd
2015-09-16 15:17 - 2015-09-16 15:17 - 00175760 _____ C:\Users\User\Downloads\linkinpark_chase (1).zip
2015-09-16 15:11 - 2015-09-16 15:11 - 00175760 _____ C:\Users\User\Downloads\linkinpark_chase.zip
2015-09-14 15:17 - 2015-09-14 15:17 - 05335603 _____ C:\Users\User\Downloads\12445-uaz-3909-gtasa (3).zip
2015-09-12 21:08 - 2015-10-10 19:54 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn Hamachi
2015-09-12 21:08 - 2015-09-12 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-09-12 21:08 - 2015-09-12 21:08 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2015-09-12 21:05 - 2015-09-12 21:08 - 08716288 _____ C:\Users\User\Downloads\hamachi.msi
2015-09-12 20:49 - 2015-09-12 21:02 - 01162528 _____ C:\Users\User\Downloads\LogMeIn Hamachi - CHIP-Installer.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-12 19:51 - 2013-12-01 21:55 - 00000000 ____D C:\FRST
2015-10-12 19:49 - 2014-05-13 15:00 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2015-10-12 19:47 - 2012-05-11 16:25 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-12 19:31 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-12 19:17 - 2014-01-30 20:56 - 00001122 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-12 18:58 - 2014-03-28 19:29 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-12 18:33 - 2012-12-29 16:34 - 00000000 ____D C:\Program Files\Steam
2015-10-12 15:32 - 2014-01-30 20:56 - 00001118 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-12 15:30 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-11 12:52 - 2012-11-20 19:18 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-11 12:51 - 2013-08-24 14:57 - 00007597 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg
2015-10-11 11:33 - 2015-05-12 19:36 - 00000000 ____D C:\Users\User\AppData\Local\HTC MediaHub
2015-10-11 11:31 - 2015-07-29 13:50 - 00059250 _____ C:\WINDOWS\PFRO.log
2015-10-11 11:31 - 2015-07-10 11:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-11 11:31 - 2015-07-10 08:59 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-11 11:28 - 2014-06-20 22:32 - 00000000 ____D C:\AdwCleaner
2015-10-11 10:03 - 2014-06-21 16:52 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-10 20:16 - 2012-12-29 16:34 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-10-10 19:58 - 2015-07-29 13:56 - 02030034 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-10 19:52 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Registration
2015-10-10 18:36 - 2014-06-21 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-10 18:36 - 2014-06-21 16:51 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2015-10-09 22:14 - 2013-11-20 19:11 - 00000000 ____D C:\Program Files\Overwolf
2015-10-09 22:14 - 2012-05-16 19:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-10-09 17:23 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-10-08 18:12 - 2015-02-20 10:05 - 00000000 ____D C:\Users\User\AppData\Local\Steam
2015-10-08 16:32 - 2015-07-29 13:58 - 00000000 ____D C:\Users\Philipp
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-08 16:27 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-08 16:26 - 2015-07-10 10:28 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-08 16:22 - 2015-07-10 10:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-08 16:19 - 2015-04-13 19:58 - 00000000 ____D C:\AMD
2015-10-08 16:18 - 2015-07-16 02:11 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx32.dll
2015-10-08 16:18 - 2015-07-16 02:11 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx32.dll
2015-10-08 16:18 - 2015-07-16 02:11 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxpag.dll
2015-10-08 16:18 - 2015-07-16 02:04 - 19525104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-10-08 16:18 - 2015-07-16 01:17 - 00223216 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-10-08 16:18 - 2015-07-16 01:13 - 00542192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-10-08 16:18 - 2015-07-16 01:12 - 00670208 _____ C:\WINDOWS\system32\coinst_15.20.dll
2015-10-08 16:14 - 2014-06-01 14:28 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2015-10-07 21:15 - 2015-03-09 21:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\www.gtavicecity.ru
2015-10-02 10:18 - 2015-08-23 16:29 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2015-09-30 20:43 - 2014-10-24 22:41 - 00000000 ____D C:\Users\User\AppData\Roaming\LolClient
2015-09-27 16:59 - 2014-06-21 12:07 - 00105352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-27 16:59 - 2014-06-21 12:07 - 00055912 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-26 10:41 - 2015-07-29 13:54 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-26 10:41 - 2015-07-06 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-26 10:39 - 2015-08-25 18:10 - 00000000 ____D C:\Users\David\AppData\Local\HTC MediaHub
2015-09-25 21:47 - 2015-07-10 11:53 - 04472496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-25 21:44 - 2015-07-10 15:16 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-24 18:20 - 2012-09-05 18:05 - 00000000 ____D C:\Users\User\AppData\Local\Paint.NET
2015-09-24 15:15 - 2014-09-12 12:29 - 00000000 ____D C:\Program Files\ElsterFormular
2015-09-24 15:15 - 2012-08-16 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-09-24 12:26 - 2015-08-23 16:27 - 00000000 ____D C:\Users\David\AppData\Local\Google
2015-09-20 17:05 - 2012-12-23 12:31 - 00000000 ____D C:\Users\User\.swt\Documents\My Games
2015-09-20 12:20 - 2015-08-23 16:31 - 00002399 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-20 12:20 - 2015-08-23 16:31 - 00000000 ___RD C:\Users\David\OneDrive
2015-09-15 18:12 - 2015-07-10 10:29 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 10:29 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-09-14 14:33 - 2012-05-11 09:56 - 00000000 ____D C:\Users\User\AppData\Local\Google
2015-09-12 16:18 - 2015-08-10 18:26 - 00000000 ____D C:\Users\User\AppData\Roaming\YGOPro DevPro
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-02-26 08:34 - 2013-02-26 08:34 - 2547384 _____ (Beepa P/L) C:\Program Files\fraps.exe
2013-02-26 08:34 - 2013-02-26 08:34 - 0234168 _____ (Beepa P/L) C:\Program Files\fraps32.dll
2013-12-24 16:06 - 2013-12-24 16:16 - 1073741824 _____ () C:\Program Files\MicroVolts_1.0.3.70_GER.exe
2014-04-20 18:12 - 2014-06-02 10:58 - 0003750 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
2015-06-04 20:34 - 2015-06-04 20:34 - 0143445 _____ () C:\Program Files\YouTube-Unblocker-056.zip
2014-09-11 14:44 - 2014-09-11 15:02 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2013-11-19 17:05 - 2015-10-07 21:08 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-09-20 15:22 - 2014-08-03 12:27 - 0000132 _____ () C:\Users\User\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-05-20 14:13 - 2013-05-20 14:13 - 0138056 _____ () C:\Users\User\AppData\Roaming\PnkBstrK.sys
2013-12-19 11:44 - 2014-01-23 09:44 - 0000111 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2014-09-11 15:05 - 2015-04-21 15:17 - 0001456 _____ () C:\Users\User\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2012-05-24 18:07 - 2012-11-17 16:08 - 0007168 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-24 14:57 - 2015-10-11 12:51 - 0007597 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2013-05-08 19:07 - 2014-06-17 19:11 - 0003899 _____ () C:\ProgramData\dorrcrane_save.log
2015-07-29 13:53 - 2015-07-29 13:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-06-01 21:05 - 2014-06-15 19:14 - 0003400 _____ () C:\ProgramData\dscrane_save.log
2013-02-20 17:09 - 2013-02-20 17:09 - 0004928 _____ () C:\ProgramData\qiwmnyln.lsb
Einige Dateien in TEMP:
====================
C:\Users\David\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\09b612d1dd5ef4708fb92a12636bb249.dll
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\comFE9A.exe
C:\Users\User\AppData\Local\Temp\fb1d5c12ab65a33663c67a42c8bf47b2.dll
C:\Users\User\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\User\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll
C:\Users\User\AppData\Local\Temp\xmlUpdater.exe
C:\Users\User\AppData\Local\Temp\YgoUpdater.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-08 16:15
==================== Ende vom FRST.txt ============================
Geändert von Strikerx44 (12.10.2015 um 18:57 Uhr) |
|
12.10.2015, 18:57
| #10 |
| | CCC.exe Ungültiges Bild Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:11-10-2015 02
durchgeführt von User (2015-10-12 19:53:38)
Gestartet von C:\Users\User\Downloads\Desktop
Microsoft Windows 10 Home (X86) (2015-07-29 12:23:48)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1756924282-4294452273-3083732856-500 - Administrator - Disabled)
David (S-1-5-21-1756924282-4294452273-3083732856-1007 - Limited - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-1756924282-4294452273-3083732856-503 - Limited - Disabled)
Gast (S-1-5-21-1756924282-4294452273-3083732856-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1756924282-4294452273-3083732856-1004 - Limited - Enabled)
Philipp (S-1-5-21-1756924282-4294452273-3083732856-1002 - Limited - Enabled) => C:\Users\Philipp
User (S-1-5-21-1756924282-4294452273-3083732856-1000 - Administrator - Enabled) => C:\Users\User
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\uTorrent) (Version: 3.4.3.40208 - BitTorrent Inc.)
Ace of Spades (HKLM\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)
Ace of Spades (HKLM\...\Steam App 224540) (Version: - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.1.2.232 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader 9.3.4 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.8.612 - Adobe Systems, Inc.)
Alabama Smith In Escape From Pompeii (HKLM\...\Alabama Smith In Escape From Pompeii_is1) (Version: 1.0 - MyPlayCity, Inc.)
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{DE7D695C-2EC7-AFDF-F786-6E938DE83175}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ancient Secrets: Der goldene Schlüssel (HKLM\...\Ancient Secrets: Der goldene Schlüssel) (Version: 2.0.0.0 - INTENIUM GmbH)
APB Reloaded (HKLM\...\Steam App 113400) (Version: - Reloaded Productions)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aranjas (HKLM\...\Aranjas) (Version: 0.0.0.0 - INTENIUM GmbH)
Ashley Clark: Das Geheimnis des Rubins (HKLM\...\Ashley Clark: Das Geheimnis des Rubins) (Version: 2.0.0.0 - INTENIUM GmbH)
Atlantis - Mysteries of Ancient Inventors (HKLM\...\Atlantis - Mysteries of Ancient Inventors_is1) (Version: 1.0 - MyPlayCity, Inc.)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
BearShare (Version: 10.0.0.128377 - Musiclab, LLC) Hidden
BigMacroTool 1.5 (HKLM\...\{620CAD2D-0757-43A9-AA5F-C8D48A1E4D85}_is1) (Version: - TLProd)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (Version: 2010.0527.1242.20909 - ATI) Hidden
Cinema 4D version R12 (HKLM\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cities Skylines (HKLM\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
CLEO 4.3 (HKLM\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
Das Rätsel der Eisprinzessin Sammleredition (HKLM\...\Das Rätsel der Eisprinzessin Sammleredition) (Version: 0.0.0.0 - INTENIUM GmbH)
Defiance (HKLM\...\Steam App 224600) (Version: - Trion Worlds, Inc.)
Deutschland Spielt - Spiele Post (HKLM\...\Deutschland Spielt - Spiele Post) (Version: 1.0.4.38 - INTENIUM GmbH)
DEUTSCHLAND SPIELT GAME CENTER (HKLM\...\DSGPlayer) (Version: 2.4.2.14 - INTENIUM GmbH)
Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Farmscapes(TM) Premium Edition (HKLM\...\00e1b559ced624f1a3ef930630c2d865) (Version: - zylom)
Firebird 2.5.0.26074 (Win32) (HKLM\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
FlatOut2 (HKLM\...\{7E641E46-81DB-4D1D-906A-48342523051C}) (Version: 1.00.0000 - Ihr Firmenname)
Frankenstein - The Dismembered Bride (HKLM\...\Frankenstein - The Dismembered Bride_is1) (Version: 1.0 - MyPlayCity, Inc.)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
GameCatalog15.2013 (Version: 1.00.0000 - Intenium GmbH) Hidden
Gardenscapes – Gestalte dein Haus (HKLM\...\Gardenscapes – Gestalte dein Haus_is1) (Version: - Playrix Entertainment)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Hidden Object Crosswords (HKLM\...\Hidden Object Crosswords_is1) (Version: 1.0 - MyPlayCity, Inc.)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
IdleMaster (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\1d85483b1c982d8c) (Version: 0.8.0.2 - IdleMaster)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java(TM) 6 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
join.me (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\JoinMe) (Version: 1.8.0.108 - LogMeIn, Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
Loadout (HKLM\...\Steam App 208090) (Version: - Edge of Reality)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.385 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.385 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Masters of Mystery - Crime of Fashion (HKLM\...\Masters of Mystery - Crime of Fashion_is1) (Version: 1.0 - MyPlayCity, Inc.)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
Mermaid Adventures - the Frozen Time (HKLM\...\Mermaid Adventures - the Frozen Time_is1) (Version: 1.0 - MyPlayCity, Inc.)
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MicroVolts Surge (HKLM\...\Steam App 109400) (Version: - NQ Games)
Minecraft (HKLM\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
MorphVOX Junior (HKLM\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
Mortimer Beckett And The Time Paradox (HKLM\...\Mortimer Beckett And The Time Paradox_is1) (Version: 1.0 - MyPlayCity, Inc.)
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MTA:SA v1.4.1 (HKLM\...\MTA:SA 1.4) (Version: v1.4.1 - Multi Theft Auto)
MTA:SA v1.5.0 (HKLM\...\MTA:SA 1.5) (Version: v1.5.0 - Multi Theft Auto)
Mysteries and Nightmares: Morgianas Fluch (HKLM\...\Mysteries and Nightmares: Morgianas Fluch) (Version: 2.0.0.0 - INTENIUM GmbH)
Mystic Gallery (HKLM\...\Mystic Gallery_is1) (Version: 1.0 - MyPlayCity, Inc.)
Need for Speed(TM) Hot Pursuit (HKLM\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Need For Speed™ World (HKLM\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1353 - Electronic Arts)
Notepad++ (HKLM\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Overwolf (HKLM\...\Overwolf) (Version: 0.89.107.0 - Overwolf Ltd.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Pidgin (HKLM\...\Pidgin) (Version: 2.10.11 - )
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PRIME Z-DW Gaming Mouse (HKLM\...\PRIME Gaming Mouse) (Version: 1.0 - SPEEDLINK)
RaceRoom Racing Experience Launcher (HKLM\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIDGE RACER™ Driftopia (HKLM\...\Steam App 226410) (Version: - BUGBEAR)
Robocraft (HKLM\...\Steam App 301520) (Version: - Freejam)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix)
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version: - Punk Software)
S4 League_EU (HKLM\...\{A7D97EE5-6C35-4EF3-8BAD-98B8D4E83770}) (Version: 1.00.0000 - )
Season Match - Curse of the Witch Crow (HKLM\...\Season Match - Curse of the Witch Crow_is1) (Version: 1.0 - MyPlayCity, Inc.)
Skype™ 7.0 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.0.100 - Skype Technologies S.A.)
SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios)
SOE Web Installer (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Sonic & All-Stars Racing Transformed (HKLM\...\Steam App 212480) (Version: - Sumo Digital)
Sonic and SEGA All Stars Racing (HKLM\...\Steam App 34190) (Version: - Sumo Digital)
Sothink SWF Decompiler (HKLM\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.0 - SourceTec Software Co., LTD)
Sothink SWF Editor Version 1.0 (HKLM\...\{0BF1DE3D-31B9-417F-A915-4BCC5AAEE3CD}_is1) (Version: 1.0 - So Think, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spirits of Mystery: Der dunkle Minotaurus (HKLM\...\BFG-Spirits of Mystery - Der dunkle Minotaurus) (Version: - )
Spotify (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tales From The Dragon Mountain 2: The Lair (HKLM\...\Tales From The Dragon Mountain 2: The Lair) (Version: 0.0.0.0 - INTENIUM GmbH)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Test Drive Unlimited 2 (HKLM\...\Test Drive Unlimited 2_is1) (Version: - Atari)
The Crew (Worldwide) (HKLM\...\Uplay Install 413) (Version: - Ubisoft)
The Dream Voyagers: Die Traumheiler (HKLM\...\The Dream Voyagers: Die Traumheiler) (Version: 2.0.0.0 - INTENIUM GmbH)
The Path of Hercules (HKLM\...\The Path of Hercules_is1) (Version: 1.0 - Playrix Entertainment)
Unity Web Player (HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM\...\Uplay) (Version: 4.9 - Ubisoft)
Vampire Saga - Welcome to Hellock (HKLM\...\Vampire Saga - Welcome to Hellock_is1) (Version: 1.0 - MyPlayCity, Inc.)
Vegas Pro 11.0 (HKLM\...\{B644D34F-0296-11E2-938E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
VirtualDJ Home FREE (HKLM\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
VirtualDJ PRO Full (HKLM\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
Webocton - Scriptly 0.8.95.6 (HKLM\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows10FirewallControl Basic 7.2.105.116 (HKLM\...\Windows10FirewallControl_is1) (Version: 7.2.105.116 - Sphinx Software)
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wonderland Online (HKLM\...\Wonderland Online_is1) (Version: 6.1.8 - IGG,Inc.)
XAMPP 1.7.7 (HKLM\...\xampp) (Version: - )
YGOPro DevPro (HKLM\...\{A115F80F-2B26-464E-97A3-8B13EC533C3D}) (Version: 2.1.2 - DevPro, LLC)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{000F1EA4-5E08-4564-A29B-29076F63A37A}\InprocServer32 -> C:\Users\User\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
==================== Wiederherstellungspunkte =========================
08-10-2015 16:15:47 Windows Update
11-10-2015 09:52:56 Revo Uninstaller's restore point - Minecraft - 1.6.4 Packages
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0408822E-7F37-45E8-8A7E-6BDB28845C24} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {049C8435-9056-408C-86C9-0B45479D2E66} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04CF40E1-6710-4141-86B4-106A679BE6F1} - System32\Tasks\{9738F50E-C0E0-4B9E-B00E-A4FC4FE9DB65} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.100&LastError=12031
Task: {08CEF25C-2297-4DE5-AE6D-E09CBE40AFCE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {0CAB2961-8A26-4ADB-879D-A365168B3270} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0ECCFCD1-C313-451E-9BC1-62AE7822299D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1AB50A0E-732D-464D-9D23-D3077A9F43A3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1FE0D709-36AA-4685-9D76-D715A0D8D8E1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {21E7BC0A-C9A6-4828-9040-BC1B59E34C63} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F52831A-C63F-4C66-98C8-7202CEA54C9E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {340E9A09-D230-4309-B984-9F5AA9EA54B1} - System32\Tasks\{1655C560-5A86-4479-8A4C-65887C481E75} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.100&LastError=12031
Task: {35D1F3E0-DF55-42AF-9180-88752691E2DB} - System32\Tasks\{A84C3686-18D9-4C50-B3C5-F971D1026B97} => pcalua.exe -a "C:\Program Files\Tuguu SL\VAFPlayer\Uninstall.exe" -d "C:\Program Files\Tuguu SL\VAFPlayer"
Task: {3AD6FA87-D484-4B36-B36A-0C41FD43A962} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3FAA0553-A304-4509-A1EA-DC8415F3EE34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {44F96C3D-9FC8-46EA-9B64-1265D898DBB5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4DD04DC2-2146-4790-831B-0ACFA25F85D5} - System32\Tasks\{FF20A75F-9C6E-42F0-BFAC-022CC13E33EF} => pcalua.exe -a "C:\Users\User\Downloads\DieWiegeRoms (1).exe" -d C:\Users\User\Downloads
Task: {53A59AF8-60DE-4DF2-A23A-1D95FDCC5C8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {558B9E84-CC15-447A-B3F5-4F30D1A3B2F7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {572EA14B-4479-430D-AD78-D83EC7CF14C7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5920712F-C28B-4A7F-90D0-D2BE609A21E9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {592468C8-1487-4F9A-AB78-7F5809E3CE3B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5B3D1B56-C200-4B45-ADA3-E7F775E9EBC9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {62867CC5-C650-4205-A769-0A2A957A1E60} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {65E6E7FA-0F26-4041-84F3-6D11980EAF6F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {75D581FC-9FD7-439A-8ABA-93F4E2F0D1F4} - System32\Tasks\{4CE26FDA-76BF-4CBB-8128-35E8DA1DE3D1} => pcalua.exe -a "C:\Users\User\Downloads\LauraJones (1).exe" -d C:\Users\User\Downloads
Task: {768A774D-D02A-4295-A741-17448DEC1114} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B7820B1-4F9D-4275-9BEF-C5F8E5436E67} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {7D20F69C-A5E6-458A-AE12-A2F82FB2A778} - System32\Tasks\{42E59334-3E85-458F-B13A-D73DCCFF2B42} => pcalua.exe -a C:\Users\User\Downloads\SchatzjaegerTreasureHunters.exe -d C:\Users\User\Downloads
Task: {85CDFC7B-BDC5-4581-9063-7AD59A246BF1} - System32\Tasks\{350FEF7D-0484-41DF-A1F5-6613CD56A397} => pcalua.exe -a "C:\Users\User\Downloads\mysticgallery_setup (2).exe" -d C:\Users\User\Downloads
Task: {874D95F5-19F0-44E3-ABF2-9AC5C404C8F6} - System32\Tasks\{540EDBBA-0D60-4BFE-96A1-6308F1A29326} => pcalua.exe -a "C:\Users\Philipp\AppData\Local\TeamSpeak 3 Client\package_inst.exe" -d C:\Users\User\Downloads -c "C:\Users\User\Downloads\soundboard-0.9.9.6b-win32.ts3_plugin"
Task: {89CC7417-74D2-4624-93C2-DC8113C13E4C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8A1DEEF8-8F35-40CB-B63D-D66B2591C7E6} - System32\Tasks\{E4B3DF97-23B5-4212-9EF1-8B3E2EA5D741} => pcalua.exe -a "C:\Users\User\Downloads\loki_setup (1).exe" -d C:\Users\User\Downloads
Task: {8D6A2521-E4A7-4F08-8626-251CB3251717} - System32\Tasks\{ABF1FFF9-E6F7-44F3-96E1-6EA86F1C6E89} => pcalua.exe -a C:\Users\User\Downloads\witchcrow_setup.exe -d C:\Users\User\Downloads
Task: {8DD0CC02-29AE-4921-91D5-28A791189E39} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {907A5884-3CF8-4805-BA70-65CBAABA06EB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {90EDEA0C-FE1B-4FE2-89D6-DDD43B56D9AB} - System32\Tasks\Overwolf Updater Task => C:\Program Files\Overwolf\OverwolfUpdater.exe [2015-09-29] (Overwolf LTD)
Task: {91107982-7FF7-47FE-88ED-7B2B8EF1A8C0} - System32\Tasks\{CAD8A498-50EF-4FFB-A877-AB5B0BDC6CB7} => pcalua.exe -a "C:\Users\User\Downloads\DieWiegeOlympias3 (1).exe" -d C:\Users\User\Downloads
Task: {91376F64-3E43-4EFC-A190-2A791134456F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {91D7AAC1-697B-4ED6-A40F-26F37A101C74} - System32\Tasks\{A47C8D3D-514B-4520-AB3D-29E6564E0BE1} => pcalua.exe -a C:\Users\User\Downloads\MortimerBeckett3.exe -d C:\Users\User\Downloads
Task: {9216A6DF-4486-4F86-BC04-D66D43F5ADE2} - System32\Tasks\{A9244D4B-5AF2-4A79-A04D-387223DC37BD} => pcalua.exe -a "C:\Users\User\Downloads\rainbowweb3_setup (1).exe" -d C:\Users\User\Downloads
Task: {A0729C9E-ADC0-489C-AB3E-A93FE35C1575} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: {A0AEDE99-851E-445F-9ADD-5A6B4D48D489} - System32\Tasks\{B4271D65-C748-4D7D-A4BA-BC8AEF3EBBCA} => pcalua.exe -a "C:\Program Files\OXXOGames\GPlayer\\MyInstall.exe" -c ScriptUInst "C:\Program Files\OXXOGames\GPlayer\Install\\Game_7Wonders.log"
Task: {A5B38ED5-0275-4091-88A2-93E9FFFE392C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A93CD7F5-A075-47D9-A106-643C97EF9E71} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AEBDFAC9-37A9-4BD3-BBF3-123B641EA2C7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B05517AE-2F70-4F65-96F9-B91D200D0A73} - System32\Tasks\{67C537DC-A8FE-4583-B3C4-5E73D5617CD5} => pcalua.exe -a "C:\Users\User\Downloads\DieZauberhoehle (1).exe" -d C:\Users\User\Downloads
Task: {B1FC5A9D-C78F-45A6-9647-2500CA878F4B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B23611E0-FD7C-4DF3-8539-C8FC02B71B4F} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {B46260FF-6C55-4339-8908-B1BE4DE90CEC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF301BD7-09D8-452B-8C9E-0CCFD3AC23CC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C0452960-C86D-4E17-A4F2-412D434B17A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C2A6C8E8-CBA5-4FEE-8EAE-3F02C2FA7DFC} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-Philipp => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {C54C67A6-31CD-4CAF-B469-5A4CDB30FB74} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7B77295-13FA-4AB0-886C-6BFE514C19AD} - System32\Tasks\SimpleFiles Update Service => C:\Program Files\SimpleFilesUpdater\SimpleFilesUpdater.exe
Task: {CCF36A05-4AFF-4EE4-B152-6FC17F27CC9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {D9D5B052-D43E-43D7-8C0E-FCA5B7FB0CCA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E5B1FE5D-677E-4DA8-8187-BC30EA11946A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {FE1F2C4B-AEEA-4420-B911-F1B381A55DCD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-29 14:44 - 2015-07-29 14:44 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 13:40 - 2015-08-11 10:53 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-30 20:51 - 2015-07-30 20:51 - 00170496 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\13711a764aa1f017ffa9f306e149169e\IsdiInterop.ni.dll
2010-08-30 20:04 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2015-10-01 18:30 - 2015-09-17 08:27 - 01766952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:30 - 2015-09-17 07:26 - 01386496 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-10-01 18:29 - 2015-09-17 07:25 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-29 14:44 - 2015-07-29 14:44 - 00500736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-10-01 18:29 - 2015-09-17 07:26 - 00707072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-10-01 18:29 - 2015-09-17 07:25 - 01183232 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 18:30 - 2015-09-17 08:27 - 01766952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-08-30 10:01 - 2013-08-30 10:01 - 02601840 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x86.dll
2012-05-19 12:23 - 2012-02-17 20:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2015-07-10 10:24 - 2015-07-10 10:24 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 10:24 - 2015-07-10 10:24 - 00111104 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-01 18:30 - 2015-09-17 07:28 - 04317696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 18:29 - 2015-09-17 07:30 - 00642048 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-10-01 18:30 - 2015-09-17 07:26 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 10:25 - 2015-07-10 15:16 - 00107520 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2013-03-12 18:10 - 2015-10-05 18:18 - 00778752 _____ () C:\Program Files\Steam\SDL2.dll
2015-01-20 16:35 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files\Steam\v8.dll
2014-05-27 07:56 - 2015-10-09 01:02 - 02422864 _____ () C:\Program Files\Steam\video.dll
2014-09-06 08:14 - 2015-09-24 02:33 - 02549248 _____ () C:\Program Files\Steam\libavcodec-56.dll
2014-09-06 08:14 - 2015-09-24 02:33 - 00491008 _____ () C:\Program Files\Steam\libavformat-56.dll
2014-09-06 08:14 - 2015-09-24 02:33 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2014-09-06 08:14 - 2015-09-24 02:33 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2014-09-06 08:14 - 2015-09-24 02:33 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2015-01-20 16:35 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files\Steam\icui18n.dll
2015-01-20 16:35 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files\Steam\icuuc.dll
2012-12-29 16:44 - 2015-10-09 01:02 - 00704592 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2015-07-25 15:42 - 2015-09-14 22:20 - 00193536 _____ () C:\Program Files\Steam\bin\openvr_api.dll
2012-12-29 16:44 - 2015-10-09 00:20 - 45010208 _____ () C:\Program Files\Steam\bin\libcef.dll
2015-01-20 16:35 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files\Steam\winh264.dll
2015-08-04 09:54 - 2015-10-11 12:52 - 00149480 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2015-08-04 09:53 - 2015-10-11 12:52 - 00090088 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2015-08-04 09:53 - 2015-10-11 12:52 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2015-08-04 09:54 - 2015-10-11 12:52 - 00260072 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-08-04 09:54 - 2015-10-11 12:52 - 00291304 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\lua_plugin.dll
2015-09-09 17:33 - 2015-09-09 17:33 - 00433664 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\soundboard.dll
2015-08-04 09:54 - 2015-10-11 12:52 - 00369640 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2015-08-04 09:54 - 2015-10-11 12:52 - 00025576 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\test_plugin.dll
2015-08-04 09:54 - 2015-10-11 12:52 - 00034280 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\ts3g15.dll
2015-07-17 14:37 - 2015-09-24 18:17 - 00270336 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2015-07-17 14:37 - 2015-09-24 18:17 - 01291776 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2015-09-26 15:20 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-26 15:20 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.101\libegl.dll
2015-10-12 19:48 - 2015-10-12 19:49 - 00852720 _____ () C:\Users\User\Downloads\Desktop\SecurityCheck.exe
2015-06-08 21:06 - 2015-06-08 21:06 - 00014336 _____ () C:\Program Files\Notepad++\plugins\NppExport.dll
2015-05-15 16:24 - 2015-05-15 16:24 - 02873856 _____ () C:\Program Files\Notepad++\plugins\NppFTP.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\Temp:258D2F8B
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:3B812EE0
AlternateDataStreams: C:\ProgramData\Temp:98CF1A39
AlternateDataStreams: C:\ProgramData\Temp:A7D26093
AlternateDataStreams: C:\ProgramData\Temp:F4CA4D70
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Downloads\sasuke-uchiha.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files\ExKode\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PRIME Gaming Mouse => "C:\Program Files\SPEEDLINK Gaming Mouse\Gaming Mouse.exe" /hide
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spiele Post => C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
HKLM\...\StartupApproved\Run: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run: => "Ocs_SM"
HKLM\...\StartupApproved\Run: => "Windows10FirewallControl"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "Spiele Post"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-1756924282-4294452273-3083732856-1000\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{42689E27-F427-4ED4-AFE2-AF8606675B76}C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe] => (Allow) C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe
FirewallRules: [TCP Query User{711044CF-97B9-4359-84E8-4A232A7CFD7B}C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe] => (Allow) C:\users\user\downloads\desktop\spiele\sa\proxy_sa.exe
FirewallRules: [{5400D9D5-3090-43E4-B93A-E31C484B5CB3}] => (Allow) C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [UDP Query User{C88BB359-7CE2-4410-91DC-803021B7F139}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{44C3DEB4-B2AD-4A12-AADC-9097EA0E5260}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{756C8AC2-BFF2-4D69-A061-ABFADE855005}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{69C70296-ACA5-42E6-B842-1793DB7CC383}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{74FEAC59-30A1-45AF-98FD-EBF9E2ADF970}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{6C8FD3F8-5769-4821-9EE4-27E79A7F706D}] => (Allow) C:\Program Files\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [UDP Query User{0BB8C592-660F-491F-8EED-3169FB09C7C5}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{EAE93C0C-8D16-4BC5-95E9-A0632A941258}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3CB6298F-6175-41F5-9F23-5DD3A1A0FA94}] => (Allow) C:\Program Files\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{31F2CDA1-757D-449E-9A81-9B0C60A3631F}] => (Allow) C:\Program Files\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{C8D556FB-232D-4449-BEBE-43893161298D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1145C3AB-3958-442D-A8E4-F09E855DE8FD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CE4700E9-1066-4A35-8A2D-D82C37BDA8B0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{092BFFD0-5ABD-45DC-A6DC-21B56019C4AA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{8174A619-97D3-4139-AFD0-5C39AFCF9224}C:\program files\speedlink gaming mouse\gaming mouse.exe] => (Allow) C:\program files\speedlink gaming mouse\gaming mouse.exe
FirewallRules: [TCP Query User{A4789579-9415-418A-B591-F69866701A13}C:\program files\speedlink gaming mouse\gaming mouse.exe] => (Allow) C:\program files\speedlink gaming mouse\gaming mouse.exe
FirewallRules: [UDP Query User{A01E6294-7DE2-43D0-A7D2-594C1A08BDE0}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{708C0719-F688-4C53-9645-3684F706CC88}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{525F6525-E841-4EA4-A23B-9D54DD156FE3}] => (Allow) C:\Program Files\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{95CBE699-0DAB-4026-86E2-2C6DE5E046AA}] => (Allow) C:\Program Files\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{FD90EDE9-B026-4EE6-AAE6-896DCE8D91A7}] => (Allow) C:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AECAD51C-6F50-4DDE-BBA8-33003E7BD64B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [UDP Query User{FF5BFADD-9272-4932-B635-BF421C0A274F}C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{AC9B6C99-0968-407D-8716-8C4ED7582B46}C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{4D4FA519-472C-4F49-8788-A17F2FB1F70E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4CE4E705-68C6-45A9-A464-C1AA7E63A277}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6DE5180C-FC36-43D6-A8CB-B7CF1627BC88}] => (Allow) C:\Program Files\Ubisoft\Ivory Tower\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{4A8F3F65-54C2-45BD-A34C-8FD00123BB60}] => (Allow) C:\Program Files\Ubisoft\Ivory Tower\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{F61EE33A-9F0A-4253-9039-2B8A570D1C4C}] => (Allow) C:\Users\User\AppData\Local\Temp\nsa80F6.tmp\CnetInstaller-75095296.exe
FirewallRules: [{EBA35DEB-C468-4944-9C90-EDE01A7BD8A4}] => (Allow) C:\Users\User\AppData\Local\Temp\nsa80F6.tmp\CnetInstaller-75095296.exe
FirewallRules: [{E5947700-8BC3-4DCF-8CD5-821F5B51E76E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{0686AE97-A6F8-4778-8D3A-0B0259072A86}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3EA4A022-4095-4E38-9E8F-20EE8A0E96F0}C:\users\philipp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philipp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D46C49AF-4759-46CD-8952-66627EFE0CA9}] => (Allow) C:\Program Files\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{F5CC3CF0-103C-4591-9770-FA0A4EDA18AF}] => (Allow) C:\Program Files\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [UDP Query User{437C0A07-88A2-4577-A34F-8CCC14654897}C:\program files\mta san andreas 1.4\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.4\server\mta server.exe
FirewallRules: [TCP Query User{6CC858C4-50DF-4505-BEEC-2449D022C5A5}C:\program files\mta san andreas 1.4\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.4\server\mta server.exe
FirewallRules: [{7BD304F6-B77E-44A1-AEC0-F3798F6625F3}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{1182AD4C-227F-4862-853D-7EB780765D2B}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{68E389F8-F388-4AB0-9208-45F2AEBC7961}C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe] => (Allow) C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe
FirewallRules: [TCP Query User{5524EE5A-1827-4479-BA49-CACD95750CF7}C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe] => (Allow) C:\users\philipp\appdata\local\temp\rar$exa0.800\survivers_beta_3\survivers_beta_3.exe
FirewallRules: [UDP Query User{70F8B244-2DD7-4A28-9132-DB65991C0C9D}C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe] => (Allow) C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe
FirewallRules: [TCP Query User{2C8C9B63-CD0B-42F2-B4EB-597ECED0AA83}C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe] => (Allow) C:\users\user\downloads\desktop\swift 2.0 32bit\bin\debug\silverwave.exe
FirewallRules: [{36696375-2164-48C1-AEC8-483A8215C2A6}] => (Allow) C:\Program Files\SimpleFiles\downloader.exe
FirewallRules: [{C8B4A7AE-07EF-43EB-927B-D297CCC28577}] => (Allow) C:\Program Files\SimpleFiles\downloader.exe
FirewallRules: [{BE451030-BE2B-487E-82BF-8FEFE3C00B3C}] => (Allow) C:\Program Files\SimpleFiles\SimpleFiles.exe
FirewallRules: [{3CB7AF29-3D2A-4747-A4A8-B7EA9C8AA35A}] => (Allow) C:\Program Files\SimpleFiles\SimpleFiles.exe
FirewallRules: [{5EC3D59B-ABD5-41A4-950D-B99AB02C48D9}] => (Allow) C:\Program Files\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{8B7540F2-C5CC-4E3F-940B-77F08F6A902E}] => (Allow) C:\Program Files\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{22E36250-FADC-4CF8-ADB7-71E3D3C0756B}] => (Block) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [{6EE25ADB-83D8-4944-9F01-951B2132574C}] => (Block) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [UDP Query User{354B9E68-0A26-4662-9556-AF1ECEB0449F}C:\program files\mta san andreas 1.3\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [TCP Query User{D55DECD9-47F2-4EF9-A1AB-DE64BA6051A8}C:\program files\mta san andreas 1.3\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.3\server\mta server.exe
FirewallRules: [UDP Query User{48AE4AF0-72D3-4706-9D26-F0AC68BA2076}C:\users\user\downloads\desktop\sa\gta_sa.exe] => (Block) C:\users\user\downloads\desktop\sa\gta_sa.exe
FirewallRules: [TCP Query User{AB554167-3350-4745-9A72-B37B788FC829}C:\users\user\downloads\desktop\sa\gta_sa.exe] => (Block) C:\users\user\downloads\desktop\sa\gta_sa.exe
FirewallRules: [{27A01E99-0473-4D53-A977-3CDD25DD34C4}] => (Allow) C:\Program Files\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{15808D04-43BA-4C22-B855-DE57DBE3AA8D}] => (Allow) C:\Program Files\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{68695488-3C6C-40EF-A8FD-3699203A02BB}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Bin\Microvolts.exe
FirewallRules: [{0FFD959A-DB2D-4010-8902-641C0B52BC8F}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Bin\Microvolts.exe
FirewallRules: [{DF599311-4B40-467F-ACBB-A8ACCB4A2439}] => (Allow) C:\Program Files\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{F2615F03-C27F-47EC-98CC-39750843FF06}] => (Allow) C:\Program Files\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{C12B01E2-B216-420D-B010-61F69C4C7F1B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{54AFAE2C-522C-404C-A7E9-D8A50CD824E1}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{628F8006-0447-4F53-9B8E-C1230095FBAD}] => (Allow) C:\Program Files\Steam\SteamApps\common\RIDGE RACER Driftopia\RIDGE RACER Driftopia_46358301.exe
FirewallRules: [{72496693-4460-4758-8132-D04746D6BB3C}] => (Allow) C:\Program Files\Steam\SteamApps\common\RIDGE RACER Driftopia\RIDGE RACER Driftopia_46358301.exe
FirewallRules: [{3998233D-51FE-4C25-A1DE-7CD904D6C1F6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BAEABCED-9E2F-468A-8B9F-44EED819DBA6}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{60EDEE2E-3352-4E92-8B5B-AC59935C0371}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Launcher.exe
FirewallRules: [{42215ED3-A233-4D8F-BAA7-EF69F0E76E59}] => (Allow) C:\Program Files\Steam\SteamApps\common\MicroVolts\Launcher.exe
FirewallRules: [{BB21F2EC-7E75-471F-8908-0EDCE59BAADF}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe
FirewallRules: [{B8A97513-AE03-4D3B-8B0C-25AD56433960}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe
FirewallRules: [UDP Query User{03993AD6-C4ED-425B-82F6-119953CEA1A2}C:\program files\atari\tdu2\testdrive2.exe] => (Allow) C:\program files\atari\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{C2E56BCC-BA54-43A9-AADB-BE12B4175C88}C:\program files\atari\tdu2\testdrive2.exe] => (Allow) C:\program files\atari\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{2CAB46F3-C43D-4B62-A72F-BCDB0C1F8DDA}C:\program files\atari\tdu2\uplauncher.exe] => (Allow) C:\program files\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{6048F5A1-1046-4803-B782-495ABC3F2289}C:\program files\atari\tdu2\uplauncher.exe] => (Allow) C:\program files\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{854CF552-A8B7-4041-8D43-E530A92FCE94}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [TCP Query User{D5519F1D-CB9C-4E45-8FA6-DEEF27161CF0}C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\program files\electronic arts\need for speed(tm) hot pursuit\nfs11.exe
FirewallRules: [{9BE63902-C7FF-4629-9F2C-D12721A3AA37}] => (Allow) C:\Program Files\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{19A0E7CA-9483-4F69-B42E-25BE4C49FD3E}] => (Allow) C:\Program Files\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [UDP Query User{219E2558-DC5E-4B08-B371-5904513D0FAA}C:\users\user\downloads\desktop\darkgunz\gunz.exe] => (Allow) C:\users\user\downloads\desktop\darkgunz\gunz.exe
FirewallRules: [TCP Query User{37DED193-3CEA-4C29-8901-A1BC49DB2875}C:\users\user\downloads\desktop\darkgunz\gunz.exe] => (Allow) C:\users\user\downloads\desktop\darkgunz\gunz.exe
FirewallRules: [UDP Query User{61C06FA3-7B01-4216-941F-1CD44A87577F}C:\program files\virtualdj\virtualdj_pro.exe] => (Block) C:\program files\virtualdj\virtualdj_pro.exe
FirewallRules: [TCP Query User{BA4028C2-DE0C-441D-80B4-7B2861AACA44}C:\program files\virtualdj\virtualdj_pro.exe] => (Block) C:\program files\virtualdj\virtualdj_pro.exe
FirewallRules: [{CB927443-30DE-4FE1-ABD6-BBC31DFCA980}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{DD07B4F2-B611-47A1-B9C0-6574DD5A8949}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{B3BAD9B2-E142-4B65-8485-B0FB622B618B}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{09391EB3-834B-4B60-A067-401EE4635161}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{FF76863F-D153-4F6E-96DF-52D889778CDE}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{5020F75F-602B-41A7-811F-7E83D33511CF}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{3C92E447-12A7-4968-B1C7-D70093181A7F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [UDP Query User{8882115E-0CE7-4238-A0D7-DA70184DEABE}C:\ace of spades\server.exe] => (Allow) C:\ace of spades\server.exe
FirewallRules: [TCP Query User{5D533ED5-822C-4EC4-8A0B-8F4361DACD6C}C:\ace of spades\server.exe] => (Allow) C:\ace of spades\server.exe
FirewallRules: [UDP Query User{515CC01F-96FE-4207-9BF7-26CA35F8C10F}C:\users\philipp\desktop\skype.exe] => (Allow) C:\users\philipp\desktop\skype.exe
FirewallRules: [TCP Query User{27B11B87-F7A5-4340-A989-CD17ABBD5780}C:\users\philipp\desktop\skype.exe] => (Allow) C:\users\philipp\desktop\skype.exe
FirewallRules: [UDP Query User{5AE74B59-5412-470C-B936-BC5176E1A2B5}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{C5BD7998-B46B-4F7C-9444-D01C6B2B36CE}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [{EFBD7B9A-AF27-4596-B962-605A1A807B78}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{719DD8C9-49DF-4696-AA99-10F5FC1525C0}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [UDP Query User{4E8E8B5A-A161-4180-99D8-245920306018}F:\retro conects\emu\3.8.1\phoenix.exe] => (Allow) F:\retro conects\emu\3.8.1\phoenix.exe
FirewallRules: [TCP Query User{7DA755EA-DB5C-4CA1-8B21-8FFF5F3DFC6D}F:\retro conects\emu\3.8.1\phoenix.exe] => (Allow) F:\retro conects\emu\3.8.1\phoenix.exe
FirewallRules: [{78BDBC6C-FA68-470F-8C59-E1A705E94772}] => (Allow) C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [{26172B2C-49EC-4290-8233-5F502A5E8F9A}] => (Allow) C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [UDP Query User{FCD6DDE2-F95A-4C9B-B803-06F9102A28A4}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{A2C291FE-5472-47C1-A6C2-22B1919C5338}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{5AA0543C-316B-4F21-966B-84C99FA50CC0}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{885BD716-FC35-48B5-832C-EC88961BA15E}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{E7E973C0-4228-4F5F-BD2C-F5712354DA46}] => (Allow) C:\Users\Philipp\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{FBB1A55D-4FEE-448D-94EF-47AA484C1078}] => (Allow) C:\Users\Philipp\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [UDP Query User{760D4AAB-10E3-4D11-AA41-5009BCBAB86A}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{9B1B28A0-C2DF-4551-A727-CDF8BEE2ECEA}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{C88C2F36-3F41-4F26-B5FE-9ACEC60B6D88}C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe
FirewallRules: [TCP Query User{A7E69A7E-18BE-401D-8260-D941DE649D9B}C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe\sambc.exe
FirewallRules: [UDP Query User{EFB4C96A-9D0F-4238-9733-9E06E933209D}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{A60D8900-EDAA-4EE8-9B28-11DBAD8A6D60}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{BCABBB62-F67C-4B9A-880B-F9B74DC43DB9}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{0752F99D-E2BF-4E83-B722-2EEDE718C17F}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{5017EFE8-7869-49F1-9E25-8B2642F7D2D0}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{33C61532-C68D-49F3-9A21-EF2B22C6AC07}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{C013538C-9D1C-4141-9C95-70868081A59A}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{4E6AA875-E905-45AA-A711-6F0C3ABAED0A}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{299984B2-C8D5-42CD-9008-384C10A00B69}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{CB478090-2321-48B1-8F4B-8011A1991C90}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{46CC76CC-4E42-4F77-8DC8-FC8124702B3C}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{85D1F3C3-16E7-4931-B186-5A2AB23C8F39}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [UDP Query User{53DF6DE2-4C81-41C0-A9A7-EC1B2A7B459E}C:\program files\spacialaudio\sambc\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe
FirewallRules: [TCP Query User{A7759118-3F7A-4D38-8A16-667762A18CA1}C:\program files\spacialaudio\sambc\sambc.exe] => (Allow) C:\program files\spacialaudio\sambc\sambc.exe
FirewallRules: [UDP Query User{F62D7050-9DBA-4C4E-9759-EB9011CC98D5}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{4764D584-6134-41B8-AEE8-A82FA412192D}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{3A20C30F-16FC-462C-80EC-9FCB8ADC4A02}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{4D61F701-A2BF-4938-BAE3-11552DFC97EB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{8358DF11-488F-4467-9A8E-28188AB7B994}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{4F8F98BD-627F-47E8-B15C-61CC3829D443}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{1DDFB383-BB26-4C63-8C87-B4F870C22F30}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F30CE0D4-CEB1-48FF-9D4A-600DF23C27EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F729D051-3879-48DD-98C4-4892839A2444}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{84323AA2-4332-4B50-9A32-4F6CEAFD61B3}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B6FAAD0D-533A-41A4-97D2-78AA90725162}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{87E6175E-D3C6-498C-BE20-BBFA3737CD32}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
FirewallRules: [{1B0BEDD0-5AB4-47ED-A442-1AEF1E806015}] => (Allow) C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe
FirewallRules: [TCP Query User{F44513D8-BE35-4EE0-B2F8-82A22BA544A6}C:\program files\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.5\server\mta server.exe
FirewallRules: [UDP Query User{6BD19584-0F32-4A5C-AAE9-8C49A9FF36A6}C:\program files\mta san andreas 1.5\server\mta server.exe] => (Allow) C:\program files\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{F6E2C86F-D024-469A-B096-FCCF2CA1895B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{720E313D-467E-45AD-ABE3-3F86B563D121}] => (Allow) C:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{43420097-400A-47AB-9A62-8FF9EEFE1B66}C:\users\user\appdata\roaming\ygopro devpro\devpro.dll] => (Allow) C:\users\user\appdata\roaming\ygopro devpro\devpro.dll
FirewallRules: [UDP Query User{A4501A90-1DDE-44E6-9634-3F891598A2E8}C:\users\user\appdata\roaming\ygopro devpro\devpro.dll] => (Allow) C:\users\user\appdata\roaming\ygopro devpro\devpro.dll
FirewallRules: [TCP Query User{661BCD85-D778-4E2C-B4C4-FE3812A7004A}C:\program files\teamspeak 3 client\ts3client_win32.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win32.exe
FirewallRules: [UDP Query User{8CB2FE79-D27E-4B7C-890F-B8A31B560073}C:\program files\teamspeak 3 client\ts3client_win32.exe] => (Allow) C:\program files\teamspeak 3 client\ts3client_win32.exe
FirewallRules: [{B821FFD6-F705-446F-81D1-F1B9518199C5}] => (Allow) C:\Program Files\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{0DEDE563-F747-40A7-AC59-9ACE8F4F8F47}] => (Allow) C:\Program Files\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{99D34D43-39FC-4CDC-8BB2-016F429C5C07}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3D719220-AEFB-400E-9976-CFE364FF7061}C:\users\user\appdata\local\temp\rar$exa0.726\bruteforce\server\bfs.exe] => (Block) C:\users\user\appdata\local\temp\rar$exa0.726\bruteforce\server\bfs.exe
FirewallRules: [UDP Query User{E5E4630C-1693-4DA8-A9A6-8999652312F4}C:\users\user\appdata\local\temp\rar$exa0.726\bruteforce\server\bfs.exe] => (Block) C:\users\user\appdata\local\temp\rar$exa0.726\bruteforce\server\bfs.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/12/2015 03:32:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x54dca1de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x81c
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (10/12/2015 03:32:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
bei ATI.ACE.ADL.ADL+ADLImport.ADL2_Graphics_MantleVersion_Get(IntPtr, ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.ADL.ADL.Synchronized_ADL2_Mantle_Versions_Get(ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.GetMantleDetails()
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.Initialize()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Initialize(ATI.ACE.CLI.Foundation.XCastesBase)
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/12/2015 03:32:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x54dca1de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1f04
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (10/12/2015 03:32:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
bei ATI.ACE.ADL.ADL+ADLImport.ADL2_Graphics_MantleVersion_Get(IntPtr, ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.ADL.ADL.Synchronized_ADL2_Mantle_Versions_Get(ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.GetMantleDetails()
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.Initialize()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Initialize(ATI.ACE.CLI.Foundation.XCastesBase)
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/12/2015 08:56:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: User-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/12/2015 08:44:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x54dca1de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x12ac
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (10/12/2015 08:44:32 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
bei ATI.ACE.ADL.ADL+ADLImport.ADL2_Graphics_MantleVersion_Get(IntPtr, ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.ADL.ADL.Synchronized_ADL2_Mantle_Versions_Get(ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.GetMantleDetails()
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.Initialize()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Initialize(ATI.ACE.CLI.Foundation.XCastesBase)
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/12/2015 08:43:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x54dca1de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1a2c
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (10/12/2015 08:43:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: CCC.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
bei ATI.ACE.ADL.ADL+ADLImport.ADL2_Graphics_MantleVersion_Get(IntPtr, ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.ADL.ADL.Synchronized_ADL2_Mantle_Versions_Get(ATI.ACE.ADL.ADLMantleAppInfo ByRef)
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.GetMantleDetails()
bei ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsCaste_N.Initialize()
bei ATI.ACE.CLI.Component.Runtime.Shared.Private.RTComponent.Initialize(ATI.ACE.CLI.Foundation.XCastesBase)
bei ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/11/2015 07:16:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (10/12/2015 08:56:17 AM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (10/12/2015 08:56:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/11/2015 09:12:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/11/2015 09:12:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/11/2015 09:12:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/11/2015 09:12:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/11/2015 02:21:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/11/2015 02:21:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/11/2015 02:21:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/11/2015 02:21:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 3063.11 MB
Verfügbarer physikalischer RAM: 1229.61 MB
Summe virtueller Speicher: 7657.11 MB
Verfügbarer virtueller Speicher: 4990.67 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:1356.16 GB) (Free:850.49 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:21.06 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: C62503B8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== Ende vom Addition.txt ============================
|
|
13.10.2015, 18:08
| #11 |
| /// the machine /// TB-Ausbilder | CCC.exe Ungültiges Bild Dann ESET bitte weg lassen und dafür das hier: Lade Dir bitte von hier  Emsisoft Emergency Kit herunter.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.10.2015, 16:18
| #12 |
| | CCC.exe Ungültiges Bild Lässt sich ebenfalls nicht Updaten. Soll ich trotzdem scannen? |
|
15.10.2015, 13:21
| #13 |
| /// the machine /// TB-Ausbilder | CCC.exe Ungültiges Bild Aber dein internet allgemein geht? Ja ohne Update scannen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
15.10.2015, 15:55
| #14 |
| | CCC.exe Ungültiges Bild Mein Internet war natürlich an. Alle Programme die Netzwerk zugriff hatten habe ich aber dann geschlossen. Code:
ATTFilter Emsisoft Emergency Kit - Version 10.0
Letztes Update: N/A
Benutzerkonto: USER-PC\User
Scan-Einstellungen:
Scan-Methode: Malware-Scan
Objekte: Rootkits, Speicher, Traces, Dateien
PUPs-Erkennung: An
Archiv-Scan: Aus
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus
Scan-Beginn: 10/15/2015 4:36:53 PM
Value: HKEY_USERS\S-1-5-21-1756924282-4294452273-3083732856-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1756924282-4294452273-3083732856-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Gefunden: Setting.DisableRegistryTools (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\IWIN Gefunden: Application.InstallAd (A)
C:\settings.ini Gefunden: Gen:Adware.MPlug.1 (B)
C:\Users\Philipp\Downloads\cbsidlm-cbsi188-Likno_Web_Button_Maker_Free-BP-10500120.exe Gefunden: Application.Win32.AppInstall (A)
C:\Users\User\AppData\Local\Temp\mm_88FC.tmp\installer_m.exe Gefunden: Gen:Variant.Symmi.56652 (B)
C:\Users\User\AppData\Local\Temp\mm_C8F6.tmp\project_dl.exe Gefunden: Gen:Variant.Kazy.727463 (B)
Gescannt: 94956
Gefunden 7
Scan-Ende: 10/15/2015 4:53:33 PM
Scan-Zeit: 0:16:40
*** Scan aborted by om Benutzer beendet ***
C:\Users\User\AppData\Local\Temp\mm_C8F6.tmp\project_dl.exe Gelöscht Gen:Variant.Kazy.727463 (B)
C:\Users\User\AppData\Local\Temp\mm_88FC.tmp\installer_m.exe Gelöscht Gen:Variant.Symmi.56652 (B)
C:\Users\Philipp\Downloads\cbsidlm-cbsi188-Likno_Web_Button_Maker_Free-BP-10500120.exe Gelöscht Application.Win32.AppInstall (A)
C:\settings.ini Gelöscht Gen:Adware.MPlug.1 (B)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\IWIN Gelöscht Application.InstallAd (A)
Value: HKEY_USERS\S-1-5-21-1756924282-4294452273-3083732856-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Gelöscht Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1756924282-4294452273-3083732856-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Gelöscht Setting.DisableTaskMgr (A)
Gelöscht 7
|
|
16.10.2015, 18:37
| #15 |
| /// the machine /// TB-Ausbilder | CCC.exe Ungültiges Bild Frisches FRST log bitte, und eine genaue Beschreibung, was noch an Problemen besteht.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu CCC.exe Ungültiges Bild |
| ausgeführt, avira, bereits, beschädigt, bild, c:\windows, datei, fehlermeldung, gelöscht, grafikkarte, grafikkarten, grafikkartentreiber, guten, hoffe, nicht mehr, problem, programm, richtig, starte, starten, system, system32, titel, treiber, windows |
dann auf 
und dann auf 
. 
Linear-Darstellung
