| |
| |||||||
Log-Analyse und Auswertung: Neuer TeslaCrypt typ unter Win 7Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
11.12.2015, 03:42
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Neuer TeslaCrypt typ unter Win 7 Dass ich mitten drin bin dabei dir zu helfen, wir aber nen kleinen cut wegen deinem keygen scheiß hatten, hast du aber schon mitbekommen? 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.12.2015, 03:52
| #17 |
 | Neuer TeslaCrypt typ unter Win 7 Ja hab ich, bin auch dankbar, dass du mir um diese Uhrzeit noch hilfst.
__________________  |
|
11.12.2015, 03:56
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Neuer TeslaCrypt typ unter Win 7 Dann bitte jetzt Combofix ausführen:
__________________Scan mit Combofix
__________________ |
|
11.12.2015, 05:00
| #19 |
| | Neuer TeslaCrypt typ unter Win 7 So hier ist das Logfile von Combofix (Combofix hat gemeckert, dass Emsi anscheinend noch lief) Code:
ATTFilter ComboFix 15-12-07.01 - Der andere 11.12.2015 4:37.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.14335.11664 [GMT 1:00]
ausgeführt von:: c:\users\Der andere\Desktop\ComboFix.exe
AV: Emsisoft Anti-Malware *Enabled/Outdated* {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
SP: Emsisoft Anti-Malware *Enabled/Outdated* {9425001D-A331-13F4-34E6-D05C71B96A74}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\MediaTube_ver1.1573.0.exe
C:\StarCodec_ver1.5897.0.exe
C:\update.exe
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+tsq.html
c:\users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+tsq.txt
c:\users\Default\Favorites\how_recover+tsq.html
c:\users\Der andere\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+tsq.html
c:\users\Der andere\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+tsq.txt
c:\users\Der andere\AppData\Roaming\Microsoft\Windows\Recent\how_recover+tsq.html
c:\users\Der andere\AppData\Roaming\Microsoft\Windows\Recent\how_recover+tsq.txt
c:\users\Der andere\Favorites\how_recover+tsq.html
c:\users\Georg\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+tsq.html
c:\users\Georg\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+tsq.txt
c:\users\Georg\Favorites\how_recover+tsq.html
c:\users\Max PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+tsq.html
c:\users\Max PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+tsq.txt
c:\users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+bcu.html
c:\users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+bcu.txt
c:\users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+tsq.html
c:\users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\how_recover+tsq.txt
c:\users\Max\Favorites\how_recover+bcu.html
c:\users\Max\Favorites\how_recover+tsq.html
c:\users\Public\Favorites\how_recover+tsq.html
c:\windows\IsUn0407.exe
c:\windows\security\Database\tmp.edb
C:\wmcodec_update.exe
D:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-11-11 bis 2015-12-11 ))))))))))))))))))))))))))))))
.
.
2015-12-11 03:49 . 2015-12-11 03:49 -------- d-----w- c:\users\Max\AppData\Local\temp
2015-12-11 03:49 . 2015-12-11 03:49 -------- d-----w- c:\users\Max PC\AppData\Local\temp
2015-12-11 03:49 . 2015-12-11 03:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-11 03:08 . 2015-12-11 03:08 -------- d-----w- c:\users\Der andere\AppData\Local\Secunia PSI
2015-12-11 00:52 . 2015-12-11 03:22 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-12-11 00:49 . 2015-12-11 00:49 -------- d-----w- C:\OETemp
2015-12-10 02:20 . 2015-12-10 02:20 -------- d-----w- c:\users\Der andere\AppData\Local\Adobe
2015-12-10 00:18 . 2015-12-10 00:18 -------- d-----w- c:\programdata\Emsisoft
2015-12-10 00:07 . 2015-12-11 03:30 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2015-12-09 23:42 . 2015-12-11 02:11 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-09 23:41 . 2015-12-11 02:11 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-09 23:41 . 2015-12-09 23:41 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-12-09 23:41 . 2015-12-09 23:41 -------- d-----w- c:\programdata\Malwarebytes
2015-12-09 23:41 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-09 23:41 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-12-09 23:40 . 2015-12-09 23:40 -------- d-----w- c:\users\Der andere\AppData\Local\Programs
2015-12-09 23:32 . 2015-12-09 23:32 -------- d-----w- c:\programdata\HitmanPro
2015-12-09 23:18 . 2015-12-10 00:46 -------- d-----w- C:\FRST
2015-12-09 02:04 . 2015-12-10 00:01 -------- d-----w- c:\windows\system32\MpEngineStore
2015-12-09 02:02 . 2015-12-09 02:02 -------- d-----w- c:\users\Der andere\AppData\Roaming\Notepad++
2015-12-09 02:01 . 2015-12-09 02:01 -------- d-----w- c:\users\Der andere\AppData\Roaming\OpenOffice
2015-12-09 00:57 . 2015-12-11 01:26 -------- d-----w- c:\users\Max\AppData\Local\Owics
2015-12-08 22:33 . 2015-11-05 19:02 2048 ----a-w- c:\windows\system32\tzres.dll
2015-12-08 22:33 . 2015-11-05 19:00 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2015-12-08 22:31 . 2015-10-08 23:22 69120 ----a-w- c:\windows\system32\nlsbres.dll
2015-12-08 22:30 . 2015-11-05 19:05 17408 ----a-w- c:\windows\system32\wshrm.dll
2015-12-08 22:30 . 2015-11-05 19:02 14848 ----a-w- c:\windows\SysWow64\wshrm.dll
2015-12-08 22:30 . 2015-11-05 09:53 146944 ----a-w- c:\windows\system32\drivers\rmcast.sys
2015-12-08 22:28 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2015-12-08 22:28 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
2015-12-08 22:24 . 2015-10-29 09:28 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AA8FBDA6-5014-405C-B56D-5D8317BDF9BF}\mpengine.dll
2015-12-06 23:04 . 2015-12-11 03:26 65536 ----a-w- c:\windows\system32\spu_storage.bin
2015-12-06 23:01 . 2014-02-16 04:23 60640 ----a-r- c:\windows\system32\drivers\usbfilter.sys
2015-12-06 22:57 . 2015-05-05 11:52 235008 ----a-w- c:\windows\system32\clinfo.exe
2015-12-06 22:57 . 2015-05-05 11:51 34340352 ----a-w- c:\windows\SysWow64\amdocl.dll
2015-12-06 22:57 . 2015-05-05 11:50 65024 ----a-w- c:\windows\system32\OpenCL.dll
2015-12-06 22:57 . 2015-05-05 11:50 59392 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-12-06 22:57 . 2015-05-05 11:49 27494912 ----a-w- c:\windows\system32\amdocl12cl64.dll
2015-12-06 22:57 . 2015-05-05 11:15 865792 ----a-w- c:\windows\system32\coinst_15.20.dll
2015-12-06 22:57 . 2015-05-05 11:49 22289408 ----a-w- c:\windows\SysWow64\amdocl12cl.dll
2015-12-06 22:57 . 2015-05-05 11:52 40794624 ----a-w- c:\windows\system32\amdocl64.dll
2015-12-02 23:22 . 2015-12-09 01:26 -------- d-----w- c:\users\Max\.jssc
2015-12-02 23:22 . 2015-12-09 01:26 -------- d-----w- c:\users\Max\AppData\Local\Arduino15
2015-12-02 23:22 . 2015-12-09 01:26 -------- d-----w- c:\users\Max\.oracle_jre_usage
2015-11-21 23:59 . 2015-12-09 01:51 -------- d-----w- c:\program files\Dassault Systemes
2015-11-21 23:43 . 2015-12-09 01:27 -------- d-----w- c:\users\Max\AppData\Roaming\DassaultSystemes
2015-11-21 23:43 . 2015-12-09 01:27 -------- d-----w- c:\users\Max\AppData\Local\DassaultSystemes
2015-11-21 23:43 . 2015-12-09 01:26 -------- d-----w- c:\programdata\DassaultSystemes
2015-11-12 00:29 . 2015-12-09 01:51 -------- d-----w- C:\LGMobileUpgrade
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-09 02:03 . 2010-12-30 00:32 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-11-16 20:53 . 2012-08-28 18:42 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-16 20:53 . 2012-08-28 18:42 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-29 17:50 . 2015-11-10 19:36 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-10-29 17:50 . 2015-11-10 19:36 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-10-29 17:50 . 2015-11-10 19:36 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-10 19:36 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-10 19:36 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-10 19:36 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-10-29 17:50 . 2015-11-10 19:36 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50 . 2015-11-10 19:36 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-10-29 17:50 . 2015-11-10 19:36 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-10-29 17:49 . 2015-11-10 19:36 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-10-29 17:49 . 2015-11-10 19:36 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-10 19:36 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-10 19:36 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-10 19:36 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:49 . 2015-11-10 19:36 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-10-29 17:39 . 2015-11-10 19:36 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 01:12 . 2015-11-10 19:36 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-10 19:36 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 01:12 . 2015-11-10 19:36 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:09 . 2015-11-10 19:36 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 01:06 . 2015-11-10 19:36 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-20 01:06 . 2015-11-10 19:36 243712 ----a-w- c:\windows\system32\wow64.dll
2015-10-20 01:06 . 2015-11-10 19:36 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-10-20 01:06 . 2015-11-10 19:36 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-10-20 01:05 . 2015-11-10 19:36 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-10-20 01:05 . 2015-11-10 19:36 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-20 01:05 . 2015-11-10 19:36 503808 ----a-w- c:\windows\system32\srcore.dll
2015-10-20 01:05 . 2015-11-10 19:36 50176 ----a-w- c:\windows\system32\srclient.dll
2015-10-20 01:05 . 2015-11-10 19:36 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-10-20 01:05 . 2015-11-10 19:36 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-10-20 01:05 . 2015-11-10 19:36 28160 ----a-w- c:\windows\system32\secur32.dll
2015-10-20 01:05 . 2015-11-10 19:36 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 01:05 . 2015-11-10 19:36 1216512 ----a-w- c:\windows\system32\rpcrt4.dll
2015-10-20 01:05 . 2015-11-10 19:36 312320 ----a-w- c:\windows\system32\ncrypt.dll
2015-10-20 01:05 . 2015-11-10 19:36 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-10-20 01:05 . 2015-11-10 19:36 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-10-20 01:05 . 2015-11-10 19:36 729600 ----a-w- c:\windows\system32\kerberos.dll
2015-10-20 01:05 . 2015-11-10 19:36 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-10-20 01:05 . 2015-11-10 19:36 1164800 ----a-w- c:\windows\system32\kernel32.dll
2015-10-20 01:05 . 2015-11-10 19:36 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-10-20 01:05 . 2015-11-10 19:36 44032 ----a-w- c:\windows\system32\cryptbase.dll
2015-10-20 01:05 . 2015-11-10 19:36 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-10-20 01:05 . 2015-11-10 19:36 22016 ----a-w- c:\windows\system32\credssp.dll
2015-10-20 01:05 . 2015-11-10 19:36 112640 ----a-w- c:\windows\system32\smss.exe
2015-10-20 01:05 . 2015-11-10 19:36 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-10-20 01:04 . 2015-11-10 19:36 31232 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 01:04 . 2015-11-10 19:36 338432 ----a-w- c:\windows\system32\conhost.exe
2015-10-20 01:04 . 2015-11-10 19:36 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 01:00 . 2015-11-10 19:36 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:59 . 2015-11-10 19:36 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:53 . 2015-11-10 19:36 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:53 . 2015-11-10 19:36 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-20 00:53 . 2015-11-10 19:36 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-20 00:52 . 2015-11-10 19:36 3991488 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52 . 2015-11-10 19:36 3935680 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48 . 2015-11-10 19:36 1311768 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-10-20 00:45 . 2015-11-10 19:36 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-10-20 00:45 . 2015-11-10 19:36 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-10-20 00:45 . 2015-11-10 19:36 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-10-20 00:45 . 2015-11-10 19:36 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-10 19:36 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-10-20 00:45 . 2015-11-10 19:36 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-10-20 00:45 . 2015-11-10 19:36 223232 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-10-20 00:45 . 2015-11-10 19:36 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-10-20 00:45 . 2015-11-10 19:36 552960 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-10-20 00:45 . 2015-11-10 19:36 36864 ----a-w- c:\windows\SysWow64\cryptbase.dll
2015-10-20 00:45 . 2015-11-10 19:36 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2015-10-20 00:45 . 2015-11-10 19:36 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-20 00:45 . 2015-11-10 19:36 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-10-20 00:44 . 2015-11-10 19:36 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
2014-03-07 09:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll
2009-09-27 07:39 415744 --sh--w- c:\windows\SysWOW64\avisynth.dll
2014-03-07 09:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll
2005-07-14 10:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll
2014-03-07 09:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll
2004-02-22 08:11 764416 --sh--w- c:\windows\SysWOW64\devil.dll
2014-03-07 09:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll
2014-03-07 09:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\program files (x86)\Steam\steam.exe" [2015-11-10 3011152]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-07-28 53655680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2009-06-14 307200]
"VirtualCloneDrive"="d:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"LogMeIn Hamachi Ui"="d:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-05-06 3037296]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"QuickTime Task"="d:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2015-07-24 975248]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-07-28 53655680]
.
c:\users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
how_recover+tsq.html [2015-12-9 9620]
how_recover+tsq.txt [2015-12-9 2787]
.
c:\users\Der andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
how_recover+tsq.html [2015-12-9 9620]
how_recover+tsq.txt [2015-12-9 2787]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
how_recover+tsq.html [2015-12-9 9620]
how_recover+tsq.txt [2015-12-9 2787]
Rainmeter.lnk - d:\program files\Rainmeter\Rainmeter.exe [2011-2-6 100352]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-10-14 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R1 acedrv06;acedrv06;c:\windows\system32\drivers\acedrv06.sys;c:\windows\SYSNATIVE\drivers\acedrv06.sys [x]
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 Ray;Ray;c:\program files\Dassault Systemes\PhotoStudioSatellite\B19\rayserver.exe;c:\program files\Dassault Systemes\PhotoStudioSatellite\B19\rayserver.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandmodem64.sys [x]
R3 AndNetDiag;LG AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 AndNetGps;LG AndroidNet USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandnetgps64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetgps64.sys [x]
R3 ANDNetModem;LG AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LG AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys;c:\windows\SYSNATIVE\Drivers\lgandadb.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dump_wmimmc;dump_wmimmc;d:\gpotato.eu\Dragonica\Release\GameGuard\dump_wmimmc.sys;d:\gpotato.eu\Dragonica\Release\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
R3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;d:\program files\Rainmeter\Plugins\OHM\OpenHardwareMonitor\OpenHardwareMonitor.sys;d:\program files\Rainmeter\Plugins\OHM\OpenHardwareMonitor\OpenHardwareMonitor.sys [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R3 X6va003;X6va003;c:\users\Max\AppData\Local\Temp\0031BAB.tmp;c:\users\Max\AppData\Local\Temp\0031BAB.tmp [x]
R3 X6va005;X6va005;c:\users\Max\AppData\Local\Temp\00513D1.tmp;c:\users\Max\AppData\Local\Temp\00513D1.tmp [x]
R3 X6va006;X6va006;c:\users\Max\AppData\Local\Temp\0061F5.tmp;c:\users\Max\AppData\Local\Temp\0061F5.tmp [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va013;X6va013;c:\windows\SysWOW64\Drivers\X6va013;c:\windows\SysWOW64\Drivers\X6va013 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S0 FSProFilter2;FSPro File Filter 2;c:\windows\System32\Drivers\FSPFltd2.sys;c:\windows\SYSNATIVE\Drivers\FSPFltd2.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 epp;epp;c:\program files\EMSISOFT ANTI-MALWARE\epp.sys;c:\program files\EMSISOFT ANTI-MALWARE\epp.sys [x]
S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys;c:\windows\SYSNATIVE\drivers\LUMDriver.sys [x]
S2 a2AntiMalware;Emsisoft Protection Service;c:\program files\Emsisoft Anti-Malware\a2service.exe;c:\program files\Emsisoft Anti-Malware\a2service.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 amdacpksd;ACP Kernel Service Driver;c:\windows\system32\drivers\amdacpksd.sys;c:\windows\SYSNATIVE\drivers\amdacpksd.sys [x]
S2 amdacpusrsvc;ACP User Service;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Apache2.4;Apache2.4;c:\xampp\apache\bin\httpd.exe;c:\xampp\apache\bin\httpd.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe;c:\asus.sys\config\DVMExportService.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-12 22:16 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-12-08 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2526639427-3945621885-3107009088-1001Core.job
- c:\users\Max\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-29 08:35]
.
2015-12-11 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2526639427-3945621885-3107009088-1001UA.job
- c:\users\Max\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-29 08:35]
.
2015-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-28 01:04]
.
2015-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-28 01:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-10-14 12697368]
"emsisoft anti-malware"="c:\program files\emsisoft anti-malware\a2guard.exe" [2015-11-21 9135984]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Der andere\AppData\Roaming\Mozilla\Firefox\Profiles\rqtg5b5v.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
ShellIconOverlayIdentifiers-{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
ShellIconOverlayIdentifiers-{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
ShellIconOverlayIdentifiers-{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
ShellIconOverlayIdentifiers-{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-LEGO Racers - c:\windows\IsUn0407.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
AddRemove-WTTLIA - c:\windows\IsUn0407.exe
AddRemove-UnityWebPlayer - c:\users\Der andere\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\Max\AppData\Local\Temp\0031BAB.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Max\AppData\Local\Temp\00513D1.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\Max\AppData\Local\Temp\0061F5.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va013]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va013"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Drive\shellex\FolderExtensions\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}]
@Denied: (C D 2 3 6) (CreatorAuthority-4)
@Denied: (C D 2 3 6) (Everyone)
@SACL=(02 0001)
@Ace=(0x11) (1 3) (S-1-16-12288)
"DriveMask"=dword:ffffffff
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-12-11 04:52:28
ComboFix-quarantined-files.txt 2015-12-11 03:52
.
Vor Suchlauf: 1.177.616.384 Bytes frei
Nach Suchlauf: 1.354.137.600 Bytes frei
.
- - End Of File - - 8538702A82F5CD672DAE69CA47FC7F83
A36C5E4F47E84449FF07ED3517B43A31
Geändert von Halcon (11.12.2015 um 05:05 Uhr) |
|
11.12.2015, 09:39
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Neuer TeslaCrypt typ unter Win 7 Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.12.2015, 23:20
| #21 |
| | Neuer TeslaCrypt typ unter Win 7 So hatte endlich die Möglichkeit die Programme durchlaufen zu lassen, hier sind die Logs: Adware Code:
ATTFilter # AdwCleaner v5.024 - Bericht erstellt am 11/12/2015 um 22:46:32
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-07.3 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Der andere - MAX-PC
# Gestartet von : C:\Users\Der andere\Desktop\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files\Babylon
[-] Ordner Gelöscht : C:\Program Files (x86)\FreeRIP3
[-] Ordner Gelöscht : C:\ProgramData\FreeRIP
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeRIP3
[-] Ordner Gelöscht : C:\Users\Max\AppData\Local\Ilivid Player
[-] Ordner Gelöscht : C:\Users\Max\AppData\Local\28050
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\MGShareware
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2469 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Der andere (Administrator) on 11.12.2015 at 22:55:53,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.12.2015 at 23:04:34,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
12.12.2015, 00:17
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Neuer TeslaCrypt typ unter Win 7 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.12.2015, 00:23
| #23 |
| | Neuer TeslaCrypt typ unter Win 7 War leider unmöglich da das File zu groß frür einen Post ist (140000+ Zeichen). |
|
12.12.2015, 00:23
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Neuer TeslaCrypt typ unter Win 7 Vllt liest du einfach mal den Lesestoff richtig 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.12.2015, 00:44
| #25 |
| | Neuer TeslaCrypt typ unter Win 7 Hier ist der Addition Log: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-12-2015
durchgeführt von Der andere (2015-12-12 00:41:06)
Gestartet von F:\Malewarekram
Windows 7 Home Premium Service Pack 1 (X64) (2010-12-27 20:42:01)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2526639427-3945621885-3107009088-500 - Administrator - Disabled)
Der andere (S-1-5-21-2526639427-3945621885-3107009088-1003 - Administrator - Enabled) => C:\Users\Der andere
Gast (S-1-5-21-2526639427-3945621885-3107009088-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2526639427-3945621885-3107009088-1015 - Limited - Enabled)
Max (S-1-5-21-2526639427-3945621885-3107009088-1001 - Administrator - Enabled) => C:\Users\Max
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Emsisoft Anti-Malware (Enabled - Out of date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AS: Emsisoft Anti-Malware (Enabled - Out of date) {9425001D-A331-13F4-34E6-D05C71B96A74}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ACP Application (Version: 2.15.20.0015 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{41501415-D0BC-4692-88C6-D401DDFEAA0E}) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{8F62BC70-DBB4-802D-1E1E-13630D9BA4D2}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
American McGee's Alice(tm) (HKLM-x32\...\{77B5AD60-8F14-11D4-9BC9-0050041A1090}) (Version: - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (x32 Version: 2.0.4331.36041 - Ihr Firmenname) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.6 - Arduino LLC)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassins Creed Revelations (HKLM-x32\...\Assassins Creed: Revelations Rip_is1) (Version: 1.0.0 - )
ASUS PC Link (HKLM-x32\...\{52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1) (Version: 2.2.29.727 - ASUSTEK)
ATI Catalyst Registration (x32 Version: 2.01.0000 - ATI Technologies Inc.) Hidden
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1462 - DsNET Corp)
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
BulletStorm (x32 Version: 1.0.0001.130 - EA) Hidden
Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{1CDC8E7D-CDFC-4C2B-A080-23D943354625}) (Version: 1.1.0.0 - Electronic Arts)
C9 (HKLM-x32\...\Steam App 212390) (Version: - Cloud 9 Studio)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{6FB99D3F-4018-46B9-86C3-8D508FAAEF21}) (Version: 4.1.04011 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.04011 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.1.04011 - Cisco Systems, Inc.) Hidden
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - )
Cloudbuilt (HKLM-x32\...\Cloudbuilt_is1) (Version: - )
Combined Community Codec Pack 2011-07-30 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.07.30.0 - CCCP Project)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Darkstar One (HKLM-x32\...\Darkstar One_is1) (Version: - )
Dassault Systemes Software B19 (HKLM\...\Dassault Systemes B19_0) (Version: - )
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.941.0 - Electronic Arts)
Defense Grid: The Awakening (HKLM-x32\...\{0D5FAD7E-C1A2-4753-8A28-346A5CD42813}) (Version: 1.0.0 - Hidden Path Entertainment)
Deponia (HKLM-x32\...\Deponia) (Version: 1.0 - Daedalic Entertainment)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dont Starve Reign of Giants (HKLM-x32\...\Dont Starve Reign of Giants_is1) (Version: - )
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Edna Bricht Aus - Sammler Edition (HKLM-x32\...\EdnaSE) (Version: 1.0 - Daedalic Entertainment)
Eldritch (HKLM-x32\...\Steam App 252630) (Version: - Minor Key Games)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
Enemy Territory - QUAKE Wars(TM) (HKLM-x32\...\InstallShield_{B7A585C8-CE4E-4150-84C6-A13C3CB1379F}) (Version: 1.0 - Activision)
Enemy Territory - QUAKE Wars(TM) (x32 Version: 1.0 - Activision) Hidden
Epic Games Launcher (HKLM\...\{03027486-9D54-4DE3-BF0F-9DEDB622D7CE}) (Version: 1.1.36.0 - Epic Games, Inc.)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Evil Player v1.31 (HKLM-x32\...\Evil Player) (Version: - )
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FlatOut2 (HKLM-x32\...\{7E641E46-81DB-4D1D-906A-48342523051C}) (Version: 1.00.0000 - Ihr Firmenname)
FM Screen Capture Codec (Remove Only) (HKLM-x32\...\FMCODEC) (Version: - )
foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)
FreeRIP v3.61 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 3.61 - MGShareware)
GLtron version 0.70 (HKLM-x32\...\GLtron_is1) (Version: - )
God Mode (HKLM-x32\...\Steam App 227480) (Version: - Old School Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Guacamelee (Remove Only) (HKLM-x32\...\Guacamelee) (Version: - )
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version: - Muse Games)
Hard Reset (HKLM-x32\...\Hard Reset_is1) (Version: - )
Harveys Neue Augen Demo (HKLM-x32\...\Harvey) (Version: 1.0 - Daedalic Entertainment)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version: - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Heroes of the Storm Public Test (HKLM-x32\...\Heroes of the Storm Public Test) (Version: - Blizzard Entertainment)
Homeworld Collection (HKLM-x32\...\{08BEE6B4-DC3A-478D-877E-532D2E4D4C28}_is1) (Version: 1.0 - Sierra)
Hotline Miami (HKLM-x32\...\1207659118_is1) (Version: 2.2.0.8 - GOG.com)
HydraIRC (HKLM-x32\...\HydraIRC) (Version: 0.3.165 - Hydra Productions)
Icecream Ebook Reader Version 1.59 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 1.59 - Icecream Apps)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.28 - Irfan Skiljan)
IZArc 3.81 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 3.81 Build 1550 - Ivan Zahariev)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
JDownloader (HKLM-x32\...\JDownloader) (Version: - AppWork UG (haftungsbeschränkt))
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version: - Crystal Dynamics)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Racers (HKLM-x32\...\LEGO Racers) (Version: - )
LG SP USB Driver (HKLM-x32\...\{E2AE8456-CCFE-46C0-8629-71CC507660FC}) (Version: 1.0 - LG Electronics)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
LG USB WML Modem Driver (HKLM-x32\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.124 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.124 - LogMeIn, Inc.) Hidden
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Magrunner - Dark Pulse (HKLM-x32\...\1207659236_is1) (Version: 2.1.0.9 - GOG.com)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-9fda310a-1c8c-4b2d-81e8-525917ad4ed7) (Version: - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-e4c77dd1-adb2-43ca-b540-e1029c149332) (Version: - Epic Games, Inc.)
My Lockbox 3.2.1 (HKLM\...\My Lockbox_is1) (Version: 3.2.1 - )
MySQL Connector/ODBC 5.1 (HKLM-x32\...\{29042B1C-0713-4575-B7CA-5C8E7B0899D4}) (Version: 5.1.5 - MySQL AB)
Neodrome Version 1.1 (HKLM-x32\...\{41144EC9-C6C0-4007-AF7A-D72655C66692}_is1) (Version: 1.1 - Happy Hole Studios)
Nobilis (HKLM-x32\...\{74B82D0B-296F-42E0-9FB4-6F3D783F0C70}_is1) (Version: - Nobilis)
Nordschlacht Launcher 1.1 (HKLM-x32\...\{46B34A3B-DC6E-43DC-9746-1D2C93C242EC}}_is1) (Version: - Nordschlacht.org)
Nordschlacht Launcher 1.1 (HKLM-x32\...\{56D18860-C802-4158-A7BC-C8C1CDB84484}}_is1) (Version: - Nordschlacht.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{911f56e8-ffb7-499b-94bf-6dbcd5c408fc}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Painkiller (HKLM-x32\...\Painkiller) (Version: - )
ParaWorld (HKLM-x32\...\{EAA01BA0-6991-4296-A404-4FFF2DAC2225}) (Version: 1.00 - Sunflowers)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Prey (HKLM-x32\...\{A785BBA7-3FB9-4D81-BC35-4A2028915ACB}) (Version: 1.0 - Human Head Studios)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: - )
Rayman 3 (HKLM-x32\...\Rayman 3_is1) (Version: - GOG.com)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.)
Recettear: An Item Shop's Tale - Demo (HKLM-x32\...\Steam App 70410) (Version: - EasyGameStation)
Red Eclipse 1.4 (HKLM-x32\...\Red Eclipse) (Version: - )
Retro/Grade (HKLM-x32\...\Steam App 222660) (Version: - 24 Caret Games)
S4 League_EU (HKLM-x32\...\{887E390F-1283-418D-99A5-64F6FF884408}) (Version: 1.00.0000 - )
Scarygirl (HKLM-x32\...\Scarygirl_is1) (Version: - )
Secunia PSI (2.0.0.4003) (HKLM-x32\...\Secunia PSI) (Version: 2.0.0.4003 - Secunia)
Serious Sam The First Encounter (HKLM-x32\...\GOGPACKSERIOUSSAM1_is1) (Version: 2.0.0.10 - GOG.com)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House)
Space Hack (HKLM-x32\...\Steam App 315260) (Version: - Rebelmind)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version: - Lag Studios)
Star Realms version 1.04 (HKLM-x32\...\{F4DEB22F-AC61-4111-89B2-CF434A2BABFB}_is1) (Version: 1.04 - White Wizard Games)
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{0D994CC5-819F-4657-84DD-397B8FE1EA80}) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Starseed Pilgrim (HKLM-x32\...\Steam App 230980) (Version: - Droqen)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
STRIDER (HKLM-x32\...\U1RSSURFUg==_is1) (Version: 1 - )
SUPER © v2014.build.62+Recorder (2014/09/21) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8649-4DE7-5C06C90719A4}_is1) (Version: v2014.build.62+Recorder - eRightSoft)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version: - Gas Powered Games)
Tales from Space: Mutant Blobs Attack (HKLM-x32\...\Steam App 206370) (Version: - DrinkBox Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version: - Test3 Projects)
TERA (HKLM-x32\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
TimeLeft (HKLM-x32\...\TIMELEFT3_is1) (Version: 3.54 - NesterSoft Inc.)
Tormentum - Dark Sorrow Demo (HKLM-x32\...\Steam App 347680) (Version: - OhNoo Studio)
Tower of Guns (HKLM-x32\...\1207660863_is1) (Version: 2.2.0.12 - GOG.com)
TuxGuitar 1.2 (HKLM-x32\...\TuxGuitar_0) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
UnLock Root Pro 3.36 (HKLM-x32\...\UnLock Root Pro) (Version: 3.36 - Unlcokroot)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-41790409-9a42-44be-a771-830d45592c10) (Version: - Epic Games, Inc.)
Unreal Gold (HKLM-x32\...\Unreal Gold_is1) (Version: - GOG.com)
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)
VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Basic 5.0 (HKLM-x32\...\ST5UNST #1) (Version: - )
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Wettlauf ins All (HKLM-x32\...\WTTLIA) (Version: - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version: - Noble Empire Corp.)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
YGOPro DevPro Version 1.9.9 r0 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.9 r0 - YGOPro DevPro Online)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-12-11 04:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {37FC4F22-B605-4A50-9298-BE54CE2927C5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2526639427-3945621885-3107009088-1001Core => C:\Users\Max\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-29] (Dropbox, Inc.)
Task: {3B92D2DB-1E53-4835-84BD-26D89CFDD023} - System32\Tasks\Open Hardware Monitor\Startup => D:\Program Files\Rainmeter\Plugins\OHM\OpenHardwareMonitor\OpenHardwareMonitor.exe [2014-12-30] ()
Task: {4F74508C-AD19-4602-B997-141ECBFF346D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {5DD02F36-D31B-47AC-AB04-20D44BD57334} - System32\Tasks\elbyExecuteWithUAC => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2008-06-27] ()
Task: {76ED90C3-4776-4F66-931F-6E08F880EB01} - System32\Tasks\{F001298C-9DAD-4B8B-BE72-701E21B1AB48} => pcalua.exe -a C:\Users\Max\AppData\Local\Temp\instructions.exe -d C:\Users\Max\Desktop -c C:\Users\Max\AppData\Local\Temp/instructions.exe /PID=2205 /SUBPID=0 /DISTID=11119 /VM=2 /NETWORDK=1 /CID=0 /PRODUCT_ID=10560 /RETURNING_USER_DAYS=2 /SERVER_URL=hxxp://installer.ppdownload.com
Task: {89C76FF4-D31A-4481-8CC4-B98A74DC0CB9} - System32\Tasks\XboxStatTask => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [2009-10-01] (Microsoft Corporation)
Task: {97C4A2D1-0785-4325-8EF4-1ACA24D6A626} - System32\Tasks\{7A32B782-4B47-4752-9EA5-2C7C947D91CD} => pcalua.exe -a H:\Setup.EXE -d H:\
Task: {9B9E315C-7383-423C-BFB2-FC31CA856A66} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {A4591829-E5A7-4471-A0A0-4B6414A3F7D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A907074A-CB98-4A57-8C4C-B96AAD3EE0DA} - System32\Tasks\{192AD879-573A-4416-971B-422490B292BE} => pcalua.exe -a H:\setup.exe -d H:\
Task: {CE56B867-B136-4D45-8C5B-6A9FD8E27777} - System32\Tasks\{979DF516-545E-42A6-B27F-6616C2384867} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-07-28] (Skype Technologies S.A.)
Task: {D947101A-0202-44A5-8B3A-0636DAEEC206} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2526639427-3945621885-3107009088-1001UA => C:\Users\Max\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-29] (Dropbox, Inc.)
Task: {E1FAD99E-E378-4082-BBF1-66B6EBA41E47} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {F0C0865C-1187-459E-ABCA-43DE4B57C120} - System32\Tasks\{342E7A17-D48D-461C-BECE-43F1932DCC51} => pcalua.exe -a "D:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/216690
Task: {F9461692-BD27-4357-AEE7-FC82288D4D8C} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2526639427-3945621885-3107009088-1001Core.job => C:\Users\Max\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2526639427-3945621885-3107009088-1001UA.job => C:\Users\Max\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-03 23:25 - 2015-08-03 23:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2011-02-06 21:06 - 2011-02-06 21:06 - 00100352 _____ () D:\Program Files\Rainmeter\Rainmeter.exe
2011-02-06 21:06 - 2011-02-06 21:06 - 00727552 _____ () D:\Program Files\Rainmeter\Rainmeter.dll
2011-02-06 21:09 - 2011-02-06 21:09 - 00205824 _____ () D:\Program Files\Rainmeter\Plugins\WebParser.dll
2011-02-05 19:31 - 2011-02-05 19:31 - 00026112 _____ () D:\Program Files\Rainmeter\Plugins\InputText.dll
2011-02-06 21:08 - 2011-02-06 21:08 - 00037888 _____ () D:\Program Files\Rainmeter\Plugins\RecycleManager.dll
2011-08-26 00:09 - 2011-05-06 13:12 - 00078448 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2011-08-26 00:09 - 2011-05-06 13:12 - 00386160 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2011-08-26 00:09 - 2011-05-06 13:12 - 00621168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2011-01-01 15:11 - 2014-09-24 20:43 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2002-10-11 12:30 - 2002-10-11 12:30 - 00069632 _____ () C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B19\rayserver.exe
2015-07-24 13:34 - 2015-07-24 13:34 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-01-03 18:16 - 2014-07-17 12:18 - 00219648 _____ () C:\xampp\apache\bin\pcre.dll
2015-01-03 18:18 - 2014-11-13 02:41 - 00127488 _____ () C:\xampp\php\libpq.dll
2015-01-03 18:16 - 2014-11-13 02:41 - 00117760 _____ () C:\xampp\apache\bin\libssh2.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2526639427-3945621885-3107009088-1003\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2526639427-3945621885-3107009088-1003\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2526639427-3945621885-3107009088-1003\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2526639427-3945621885-3107009088-1003\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2526639427-3945621885-3107009088-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Der andere\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{CE6285FE-BEE0-45C1-B40F-E2A115783B30}] => (Allow) LPort=3724
FirewallRules: [{0DCE6E96-B57A-49DF-A339-E030E0D8F17E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D602DD7B-42FA-4F8C-9CF7-58E7949497A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{94EA0655-3967-4BC2-8AB5-A792ED372292}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DF6D9DD5-4B98-42E3-A27B-C015EC914057}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{BE2808E1-A871-44B7-AE66-4CAA7853BAFA}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{36258B52-235C-42BE-B33F-3AEC7CB04813}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{A8D5451D-F4E1-42E0-A94E-E46342F67321}] => (Block) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{476A9E31-4F36-4A4B-951C-2AF2E246B4CB}] => (Block) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{9BC160FF-4C58-4A5F-8509-A61F52193A67}] => (Allow) LPort=8396
FirewallRules: [{F6025FFE-CFA9-4E62-8F47-152405F549C1}] => (Allow) LPort=8396
FirewallRules: [{0977A85F-E7C0-4EDD-BA74-C82B2BF61D73}] => (Allow) LPort=6975
FirewallRules: [{39939715-8BB8-4FAF-A047-7CE749033C16}] => (Allow) LPort=6975
FirewallRules: [{46123140-AF3A-40C9-B24F-9994380B4FF0}] => (Allow) LPort=6957
FirewallRules: [{D861D27A-9ABE-4C36-A00A-16A9DBC2CE26}] => (Allow) LPort=6957
FirewallRules: [TCP Query User{1EFEBB66-4E33-4721-BBD1-1C89061A5788}D:\program files (x86)\atube catcher\yct.exe] => (Allow) D:\program files (x86)\atube catcher\yct.exe
FirewallRules: [UDP Query User{B4E52AC5-CEF1-4139-8B24-95CD82A3380E}D:\program files (x86)\atube catcher\yct.exe] => (Allow) D:\program files (x86)\atube catcher\yct.exe
FirewallRules: [TCP Query User{E33D1EA5-38F8-49DA-9AB3-C1C4B519D1B4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{381A45E3-DC84-4982-8EDE-C897BB9D28DB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{1E867950-C907-4C8A-8241-DA2CAB876DA0}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{75864303-D9E8-47BF-8E57-AA5C7274EEB6}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{D4F0E11F-3C46-46D3-8B17-66863F0BD2E8}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [UDP Query User{FC778E60-48A4-4EA0-ACE9-ABA80318953E}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [TCP Query User{EE7E9E96-DF49-41AB-85FE-6E38609033D0}D:\program files (x86)\ea games\american mcgee's alice\alice.exe] => (Allow) D:\program files (x86)\ea games\american mcgee's alice\alice.exe
FirewallRules: [UDP Query User{017215F1-8E34-4D2C-B033-7CC6F58B2CB1}D:\program files (x86)\ea games\american mcgee's alice\alice.exe] => (Allow) D:\program files (x86)\ea games\american mcgee's alice\alice.exe
FirewallRules: [TCP Query User{15F22487-D212-4B28-85E3-0B268ED346C7}D:\program files (x86)\steam\steamapps\halcon1337\team fortress 2\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\halcon1337\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{C4B96C9A-896F-4C3B-90D8-397ABC81D68E}D:\program files (x86)\steam\steamapps\halcon1337\team fortress 2\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\halcon1337\team fortress 2\hl2.exe
FirewallRules: [{802D1E80-3437-43D5-8E12-4CF98E19577F}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [{391156DD-F7E6-4CEE-AB94-2BD4B6009FB2}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
FirewallRules: [TCP Query User{50DA63BF-A865-40AA-B142-E5292254B2D7}D:\programme (x86)\terraria\terrariaserver.exe] => (Allow) D:\programme (x86)\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{540225CC-5E37-43FB-859E-527E27D06EEB}D:\programme (x86)\terraria\terrariaserver.exe] => (Allow) D:\programme (x86)\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{E1C124BD-1767-4886-AB9B-4C2C5F3907B3}D:\programme (x86)\terraria\terraria.exe] => (Allow) D:\programme (x86)\terraria\terraria.exe
FirewallRules: [UDP Query User{9622C04C-A6BF-40FE-8EB6-9B2451B10678}D:\programme (x86)\terraria\terraria.exe] => (Allow) D:\programme (x86)\terraria\terraria.exe
FirewallRules: [{B65FD38E-7CEF-4525-BBB4-639B03859686}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CB39EDC8-F1BF-4F38-9CA9-30098001F2CD}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C76A2C59-65DA-4868-899A-862251F41401}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{90BA1D02-CF77-4057-99BA-BC9FB225D3FD}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{970F5E1E-D74A-4CB6-909B-AFB2BAF78D47}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{FE249014-95A5-473A-A11F-458A0B9F1240}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{DBA68677-609E-4412-854B-D0B942D74AC2}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{8FD73DC4-5BA1-40DE-B126-F7272983A599}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{8E65745C-0B0C-4DF9-BAB1-9B3031198AB6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\recettear - demo\recettear.exe
FirewallRules: [{D1BB3CC4-BE82-4207-9E81-D16BA3BE25D4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\recettear - demo\recettear.exe
FirewallRules: [{042ACB2B-2B4A-433B-A875-4A6485674127}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\recettear - demo\custom.exe
FirewallRules: [{89757725-1BAC-4EF1-9E72-C5681A3E9CF4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\recettear - demo\custom.exe
FirewallRules: [{AA693526-0983-44BA-A9D6-CA036DF9D46E}] => (Allow) C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F1D71DCE-6614-4FD6-842A-AFC45DD1B6F6}] => (Allow) C:\Users\Max\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{09BD9821-B5B3-4B0C-B961-6890B228F879}] => (Allow) D:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{5E50E201-8C16-40EA-86DA-5BCBDF83E853}] => (Allow) D:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{0A32AD52-6A9A-4732-B2DE-AFC162C412E8}] => (Allow) D:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{7ABB32CE-B967-4096-BA1E-898F29CA40BD}] => (Allow) D:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{604843A9-D0DC-493A-ACB8-F153A5B1E10F}] => (Allow) D:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{5ED42186-9E34-4F48-B848-070D57F9A078}] => (Allow) D:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{AE44825F-DCE5-49DC-AE5C-AD3C7A2B1478}] => (Allow) D:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{A4AA989D-7653-4EAE-AB1A-ED6AF057F40B}] => (Allow) D:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{F6E5B166-9628-48B8-BE22-4C559E6CCA79}] => (Allow) C:\Users\Max\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75CDA20D-BB77-4E12-8953-E304AB0661F5}] => (Allow) C:\Users\Max\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3071D2DF-F8CB-4DD1-94C4-EDBC18B98B46}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4925E332-0785-4EB9-ABC0-F0F7462B9933}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{B629F476-1B4F-4CAB-B250-ADF0D07AF8E2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{8604A0FF-B0BF-43E4-AD51-490A4C9402AB}] => (Allow) C:\Users\Max\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EEE982B6-1302-484B-85D4-FE3AE6F4C3F5}] => (Allow) C:\Users\Max\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7B7C7D65-2EB3-474C-8CB1-2A7A262E9982}] => (Allow) D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{FCFC537D-FC08-4F2E-8556-30160BE7794D}] => (Allow) D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{D061418A-5BA5-4B4A-B904-D32B0CF1DB33}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{2EA4AEE9-3EFD-449A-BAB7-1E2D4B9D7D0D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{6216A791-BC11-49F3-8D74-1116BFD8F62C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{8A44BF14-D540-4E90-B707-68E205BA0123}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\RetroGrade\RetroGrade.exe
FirewallRules: [{4FF0CBB8-E2B5-4505-8659-E6E2A2C4CC8B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\RetroGrade\RetroGrade.exe
FirewallRules: [{BB3242CE-AA6F-4C0D-BE6E-4E6D7F054140}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{12DB88CD-FED0-4B33-946E-D026EB4B9671}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{58694D16-11C5-41E9-91D5-A3B464EAE25B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{600513CF-4745-4D6A-982B-A13F82A4E0D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{09A2103E-8294-4BC6-B09D-6BA3BF53A993}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6965122D-B6EC-4E9B-AA05-CA6C3896B5DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9FEDA6F1-80EF-43AE-B35A-A550DBCBF9AB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C2F790C5-8EEA-4C6C-8F88-BEBA216AEFF9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{669C95DD-3611-4A40-A3A2-229FEC0BC026}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{8F5A5AF0-AA79-4659-BD11-59F10EAF7ABA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{E29956CB-7D48-4348-9101-AE0F780BC2E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C68ECAA6-709B-44CE-939D-0BEB4D91B089}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7A53A0F4-C76C-4F1D-8049-39953F88761C}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{A0906599-3456-472E-AA08-0E9C16BDDB64}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{11565244-0F08-41E9-B754-8AFEF035EBB7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EDA9FF3E-C784-48BD-A2A7-E29F58EFBA64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C1CAEDAC-F07E-4238-8F70-F94E8FBA663B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3C682C85-781F-443B-BBE5-125001650FB6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ED131568-1EB5-49FD-BB7B-8EED4BCB5CDD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tormentum Demo\TormentumDemo.exe
FirewallRules: [{3D0B77C3-4C38-4EAE-9A62-10EAE4E349FA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tormentum Demo\TormentumDemo.exe
FirewallRules: [{810B9A27-F3CF-4393-9351-EC1FFF59CE5A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{14B434C0-8845-4CE3-81FC-E5F82694A276}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Lara Croft and the Guardian of Light\lcgol.exe
FirewallRules: [{018A55C2-6BD1-4314-B92E-1949FE0606ED}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Supreme Commander 2\bin\SupremeCommander2.exe
FirewallRules: [{7938B756-880F-4BCD-88F9-AAA4A35358AB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Supreme Commander 2\bin\SupremeCommander2.exe
FirewallRules: [{471A3D96-3732-49C3-B647-DE7FA8CB67D8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{F79DE6D5-E0E3-49D7-979A-2EF371B2CFA2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{5F422EEC-E949-42CC-ADDF-DFFE5625AD9F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{576D39E0-B8E5-4A02-B0F1-033B67FCA05A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{F89BB6EE-901F-4EB2-A571-41BB766B535A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{FD06CA39-C803-4FA5-8984-28482A3C66ED}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{853051AE-C6C7-49CA-80B1-65EE54B3D56D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TeleglitchDME\Teleglitch.exe
FirewallRules: [{F4A3403D-3905-4043-AB6C-C391017CA365}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TeleglitchDME\Teleglitch.exe
FirewallRules: [{58D7D53A-598E-480E-954B-7F614EA3B3D8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Space Hack\main.exe
FirewallRules: [{6C1CDC30-93DC-40F0-97A4-A43C49830792}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Space Hack\main.exe
FirewallRules: [{609BB7CE-EF61-4268-B7C5-897B37D7AD40}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe
FirewallRules: [{F8A86EF9-D323-4F68-972C-1ADF8A55BEE5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe
FirewallRules: [{34A49FFC-7F00-4F56-898A-E0C2886377E7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Blood of the Werewolf\bin\Blood of the Werewolf.exe
FirewallRules: [{A108B143-1242-4CE4-9F49-987A8DBC1783}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Blood of the Werewolf\bin\Blood of the Werewolf.exe
FirewallRules: [{4A9186DE-8070-4826-A761-977627D42D34}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{EDC66754-CF6B-49E7-A887-F4FCDEAB9E4A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{F4C72534-E09E-4306-A54F-88EAB67DF9AC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{13E6BAE9-7928-4FD2-A4B2-F9F34200F793}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{1FCFAC9E-F6A6-4D19-B482-09F456514BE3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{BC7A3D2E-C65D-4515-8818-0C5691617D71}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Total War Attila\launcher\launcher.exe
FirewallRules: [{B44ADE41-0437-494E-A681-48985BD3FD97}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tales from Space Mutant Blobs Attack\Game.exe
FirewallRules: [{BF243FE8-F412-4A87-ACFC-011C6F4422DE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tales from Space Mutant Blobs Attack\Game.exe
FirewallRules: [{C1600BBD-9096-4195-8428-F2EECE0CC0CA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Starseed Pilgrim\Starseed Pilgrim.exe
FirewallRules: [{04A76FE9-AF81-4BFE-BD5D-D36C6B8EA3EC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Starseed Pilgrim\Starseed Pilgrim.exe
FirewallRules: [{95576463-5E7C-4E84-B459-E0440FCA47A7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{0441DE79-C6F5-451D-8975-9ACC56FCCAD3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{AB07EDD6-6F8C-4282-9C8F-1C9FD93C0864}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{5671EF3E-FEF8-44F1-B650-5733D3093826}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{54DC0A6B-E12A-4070-A2DE-65A8FA7DD309}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{402BCFE7-C211-460B-BDFB-59E2C75E3D43}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{D7E7F1C2-F24A-4951-A2BE-9D5E0E799146}] => (Allow) C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe
FirewallRules: [{B09CCEB0-AFB1-4D32-AE05-6A838830F50C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4AEAAAB8-A77B-400D-AE78-C0072EB0329F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4F9BEA6A-4743-480D-8724-7A9E2ABEBA3A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{37E33099-EB0C-4B71-86BD-4C32E19BD2B8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7B9BFDCA-EE01-4F53-8955-1AF0065E5F33}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{11584DC9-30EC-494A-BEF4-7E45EB6E1093}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{49B3FEB0-5137-4BBA-8B96-C97D7F331DC0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Eldritch\Eldritch.exe
FirewallRules: [{B0873BC4-A0E7-4281-98B4-F360F2E7B1AB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Eldritch\Eldritch.exe
FirewallRules: [{157782BC-3264-4EC3-959F-11A3C3A458BD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\C9\C9MappingAccount.exe
FirewallRules: [{F9ED61A2-F67C-439E-86B6-C2593112568C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\C9\C9MappingAccount.exe
FirewallRules: [{87FAD72D-A8F1-4534-B149-D542C5AC5909}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A59EB3DB-3A2B-40D8-A522-AE60984B28FC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F06F9F1-9929-401B-8446-32D33B1149DA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3602038F-C045-48FB-A522-4A0F551651C0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\WOG\disasm.exe
FirewallRules: [{9477C98F-5E9B-4D47-ABD7-18BCE6E81891}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\WOG\disasm.exe
FirewallRules: [{15FD6456-7C7F-4098-B558-02143748784B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{5ED25A86-3FD9-4518-92D5-1F280F10055C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{31683FF5-ED05-4701-9F03-83406F7E7634}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{823C50FB-AADE-406B-A5A7-6A8EAB1420B2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
StandardProfile\AuthorizedApplications: [D:\Program Files (x86)\xchat\xchat.exe] => Enabled:XChat IRC Client
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: AODDriver4.01
Description: AODDriver4.01
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.01
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/12/2015 12:32:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 452: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (12/12/2015 12:32:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (12/12/2015 12:32:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 452: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (12/12/2015 12:32:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (12/12/2015 12:32:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 452: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (12/12/2015 12:32:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (12/12/2015 12:32:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 452: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (12/12/2015 12:32:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (12/12/2015 12:32:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 452: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (12/12/2015 12:32:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Systemfehler:
=============
Error: (12/12/2015 12:38:20 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/12/2015 12:38:19 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/12/2015 12:38:19 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/12/2015 12:38:18 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/12/2015 12:38:18 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/12/2015 12:38:14 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (12/12/2015 12:38:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv06
Error: (12/12/2015 12:37:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/12/2015 12:37:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.
Error: (12/12/2015 12:37:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
CodeIntegrity:
===================================
Date: 2015-12-12 00:37:14.337
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 00:37:14.291
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 00:37:13.464
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 00:37:13.401
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 00:36:36.632
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 00:36:36.569
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 00:34:48.352
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 00:34:48.305
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 00:34:47.447
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-12-12 00:34:47.385
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: AMD Phenom(tm) II X4 965 Processor
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 14335.11 MB
Verfügbarer physikalischer RAM: 11850.43 MB
Summe virtueller Speicher: 28668.43 MB
Verfügbarer virtueller Speicher: 26015.31 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:65.58 GB) (Free:1.39 GB) NTFS
Drive d: () (Fixed) (Total:400.09 GB) (Free:15.45 GB) NTFS
Drive f: () (Removable) (Total:7.83 GB) (Free:1.1 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 670911B6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=65.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=400.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7.8 GB) (Disk ID: DA89BB50)
Partition 1: (Active) - (Size=7.8 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
12.12.2015, 01:27
| #26 |
| | Neuer TeslaCrypt typ unter Win 7 Hier ist Teil 1 vom FRST Log: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
durchgeführt von Der andere (Administrator) auf MAX-PC (12-12-2015 00:38:11)
Gestartet von F:\Malewarekram
Geladene Profile: Der andere (Verfügbare Profile: Max & Der andere)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DeviceVM) C:\ASUS.SYS\config\DVMExportService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() D:\Program Files\Rainmeter\Rainmeter.exe
(Elaborate Bytes AG) D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B19\rayserver.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Sony DADC Austria AG.) C:\Windows\SysWOW64\UAService7.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9135984 2015-11-21] (Emsisoft Ltd)
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [307200 2009-06-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [1955208 2011-08-15] (LogMeIn Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [3037296 2011-05-06] (VIA)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [QuickTime Task] => D:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-07-24] (Cisco Systems, Inc.)
HKU\S-1-5-21-2526639427-3945621885-3107009088-1003\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2526639427-3945621885-3107009088-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Der andere\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+tsq.html [2015-12-09] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+tsq.txt [2015-12-09] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2011-02-07]
ShortcutTarget: Rainmeter.lnk -> D:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012-02-17]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Der andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+tsq.html [2015-12-09] ()
Startup: C:\Users\Der andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+tsq.txt [2015-12-09] ()
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+tsq.html [2015-12-09] ()
Startup: C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+tsq.txt [2015-12-09] ()
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-10-29] ()
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Der andere\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei)
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+tsq.html [2015-12-09] ()
Startup: C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+tsq.txt [2015-12-09] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F9C74DAF-20A0-418E-9E1B-5E13634CD829}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2526639427-3945621885-3107009088-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2526639427-3945621885-3107009088-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-26] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-26] (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF ProfilePath: C:\Users\Der andere\AppData\Roaming\Mozilla\Firefox\Profiles\rqtg5b5v.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-16] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-09-26] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-16] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-09-23] (Sun Microsystems, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-06-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-06-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-06-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-06-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-06-26] (Apple Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-11-03] [ist nicht signiert]
Chrome:
=======
CHR Profile: C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-09]
CHR Extension: (Google Docs) - C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09]
CHR Extension: (Google Drive) - C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-09]
CHR Extension: (YouTube) - C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09]
CHR Extension: (Google-Suche) - C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09]
CHR Extension: (Google Tabellen) - C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-09]
CHR Extension: (Avira Browserschutz) - C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-12-09]
CHR Extension: (Google Wallet) - C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-09]
CHR Extension: (Google Mail) - C:\Users\Der andere\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-09]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10768560 2015-11-21] (Emsisoft Ltd)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-05-05] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2014-07-17] (Apache Software Foundation) [Datei ist nicht signiert]
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-20] ()
R2 DvmMDES; C:\ASUS.SYS\config\DVMExportService.exe [294912 2009-04-10] (DeviceVM) [Datei ist nicht signiert]
S4 Hamachi2Svc; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2329480 2011-08-15] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3979632 2010-12-07] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-09-24] ()
R2 Ray; C:\Program Files\Dassault Systemes\PhotoStudioSatellite\B19\rayserver.exe [69632 2002-10-11] () [Datei ist nicht signiert]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-10-14] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-10-14] (Secunia)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [837312 2015-06-04] (Valve Corporation) [Datei ist nicht signiert]
R2 UserAccess7; C:\Windows\SysWOW64\UAService7.exe [143360 2011-05-27] (Sony DADC Austria AG.) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-03-29] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S1 acedrv06; C:\Windows\system32\drivers\acedrv06.sys [147456 2013-10-24] () [Datei ist nicht signiert]
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [297160 2015-05-05] (Advanced Micro Devices)
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [31744 2010-08-02] (Google Inc)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [211456 2011-01-01] () [Datei ist nicht signiert]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [123992 2015-10-23] (Emsisoft Ltd)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FSPro Labs)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2011-01-01] () [Datei ist nicht signiert]
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-03] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-02-28] (Duplex Secure Ltd.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-07-24] (Cisco Systems, Inc.)
S3 WinRing0_1_2_0; D:\Program Files\Rainmeter\Plugins\OHM\OpenHardwareMonitor\OpenHardwareMonitor.sys [14544 2015-12-11] (OpenLibSys.org)
U3 a0ty9svx; C:\Windows\System32\Drivers\a0ty9svx.sys [0 ] (Elaborate Bytes AG) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 AndNetGps; system32\DRIVERS\lgandnetgps64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dump_wmimmc; \??\D:\gPotato.eu\Dragonica\Release\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 X6va003; \??\C:\Users\Max\AppData\Local\Temp\0031BAB.tmp [X]
S3 X6va005; \??\C:\Users\Max\AppData\Local\Temp\00513D1.tmp [X]
S3 X6va006; \??\C:\Users\Max\AppData\Local\Temp\0061F5.tmp [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-11 23:04 - 2015-12-11 23:04 - 00000559 _____ C:\Users\Der andere\Desktop\JRT.txt
2015-12-11 22:53 - 2015-12-11 22:36 - 01599336 _____ (Malwarebytes) C:\Users\Der andere\Desktop\JRT.exe
2015-12-11 22:44 - 2015-12-11 22:46 - 00000000 ____D C:\AdwCleaner
2015-12-11 22:39 - 2015-12-11 22:36 - 01738240 _____ C:\Users\Der andere\Desktop\AdwCleaner_5.024.exe
2015-12-11 04:52 - 2015-12-11 04:52 - 00044386 _____ C:\ComboFix.txt
2015-12-11 04:32 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-12-11 04:32 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-12-11 04:32 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-12-11 04:32 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-12-11 04:32 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-12-11 04:32 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-12-11 04:32 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-12-11 04:32 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-12-11 04:31 - 2015-12-11 04:52 - 00000000 ____D C:\Qoobox
2015-12-11 04:31 - 2015-12-11 04:51 - 00000000 ____D C:\Windows\erdnt
2015-12-11 04:28 - 2015-12-11 03:57 - 05640425 ____R (Swearware) C:\Users\Der andere\Desktop\ComboFix.exe
2015-12-11 04:08 - 2015-12-11 04:08 - 00000000 ____D C:\Users\Der andere\AppData\Local\Secunia PSI
2015-12-11 01:52 - 2015-12-11 04:22 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-11 01:50 - 2015-12-11 03:36 - 00000000 ____D C:\Users\Der andere\Desktop\mbar
2015-12-11 01:49 - 2015-12-11 01:49 - 00000000 ____D C:\OETemp
2015-12-10 03:20 - 2015-12-10 03:20 - 00000000 ____D C:\Users\Der andere\AppData\LocalLow\Adobe
2015-12-10 03:20 - 2015-12-10 03:20 - 00000000 ____D C:\Users\Der andere\AppData\Local\Adobe
2015-12-10 01:18 - 2015-12-10 01:18 - 00000000 ____D C:\ProgramData\Emsisoft
2015-12-10 01:08 - 2015-12-10 01:08 - 00000896 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2015-12-10 01:08 - 2015-12-10 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-12-10 01:07 - 2015-12-12 00:39 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2015-12-10 00:42 - 2015-12-11 03:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-10 00:41 - 2015-12-11 03:11 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-10 00:41 - 2015-12-10 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-12-10 00:41 - 2015-12-10 00:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-10 00:41 - 2015-12-10 00:41 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-12-10 00:41 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-10 00:41 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-10 00:32 - 2015-12-10 00:32 - 00000000 ____D C:\ProgramData\HitmanPro
2015-12-10 00:18 - 2015-12-12 00:38 - 00000000 ____D C:\FRST
2015-12-09 03:04 - 2015-12-10 01:01 - 00000000 ____D C:\Windows\system32\MpEngineStore
2015-12-09 03:02 - 2015-12-09 03:02 - 00000000 ____D C:\Users\Der andere\AppData\Roaming\Notepad++
2015-12-09 03:01 - 2015-12-09 03:01 - 00000000 ____D C:\Users\Der andere\AppData\Roaming\OpenOffice
2015-12-09 02:52 - 2015-12-09 02:52 - 00009620 _____ C:\ProgramData\how_recover+vge.html
2015-12-09 02:52 - 2015-12-09 02:52 - 00009620 _____ C:\Program Files\how_recover+vge.html
2015-12-09 02:52 - 2015-12-09 02:52 - 00002787 _____ C:\ProgramData\how_recover+vge.txt
2015-12-09 02:52 - 2015-12-09 02:52 - 00002787 _____ C:\Program Files\how_recover+vge.txt
2015-12-09 02:51 - 2015-12-09 02:51 - 00009620 _____ C:\Users\how_recover+vge.html
2015-12-09 02:51 - 2015-12-09 02:51 - 00009620 _____ C:\Program Files\Common Files\how_recover+vge.html
2015-12-09 02:51 - 2015-12-09 02:51 - 00002787 _____ C:\Users\how_recover+vge.txt
2015-12-09 02:51 - 2015-12-09 02:51 - 00002787 _____ C:\Program Files\Common Files\how_recover+vge.txt
2015-12-09 02:51 - 2015-12-09 02:51 - 00000254 _____ C:\Users\Max\Documents\recover_file_mdwdcnold.txt
2015-12-09 02:27 - 2015-12-09 02:27 - 00009620 _____ C:\Users\Max\how_recover+tsq.html
2015-12-09 02:27 - 2015-12-09 02:27 - 00009620 _____ C:\Users\Max\Downloads\how_recover+tsq.html
2015-12-09 02:27 - 2015-12-09 02:27 - 00009620 _____ C:\Users\Max\Documents\how_recover+tsq.html
2015-12-09 02:27 - 2015-12-09 02:27 - 00009620 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.html
2015-12-09 02:27 - 2015-12-09 02:27 - 00009620 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+tsq.html
2015-12-09 02:27 - 2015-12-09 02:27 - 00009620 _____ C:\Users\Max\AppData\LocalLow\how_recover+tsq.html
2015-12-09 02:27 - 2015-12-09 02:27 - 00009620 _____ C:\Users\Max\AppData\how_recover+tsq.html
2015-12-09 02:27 - 2015-12-09 02:27 - 00009620 _____ C:\Users\Max PC\AppData\Local\Apps\how_recover+tsq.html
2015-12-09 02:27 - 2015-12-09 02:27 - 00002787 _____ C:\Users\Max\how_recover+tsq.txt
2015-12-09 02:27 - 2015-12-09 02:27 - 00002787 _____ C:\Users\Max\Downloads\how_recover+tsq.txt
2015-12-09 02:27 - 2015-12-09 02:27 - 00002787 _____ C:\Users\Max\Documents\how_recover+tsq.txt
2015-12-09 02:27 - 2015-12-09 02:27 - 00002787 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.txt
2015-12-09 02:27 - 2015-12-09 02:27 - 00002787 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+tsq.txt
2015-12-09 02:27 - 2015-12-09 02:27 - 00002787 _____ C:\Users\Max\AppData\LocalLow\how_recover+tsq.txt
2015-12-09 02:27 - 2015-12-09 02:27 - 00002787 _____ C:\Users\Max\AppData\how_recover+tsq.txt
2015-12-09 02:27 - 2015-12-09 02:27 - 00002787 _____ C:\Users\Max PC\AppData\Local\Apps\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:27 - 00009620 _____ C:\Users\Max\AppData\Roaming\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:27 - 00009620 _____ C:\Users\Max\AppData\Local\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:27 - 00002787 _____ C:\Users\Max\AppData\Roaming\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:27 - 00002787 _____ C:\Users\Max\AppData\Local\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Public\Documents\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Max\AppData\Local\Apps\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Georg\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Georg\Downloads\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Georg\Documents\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Georg\AppData\Roaming\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Georg\AppData\LocalLow\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Georg\AppData\Local\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Georg\AppData\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Der andere\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Der andere\Downloads\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Der andere\Documents\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Der andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Der andere\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Der andere\AppData\Roaming\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Der andere\AppData\LocalLow\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Der andere\AppData\Local\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Der andere\AppData\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default\Downloads\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default\Documents\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default\AppData\Roaming\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default\AppData\Local\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default\AppData\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default User\Downloads\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default User\Documents\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default User\AppData\Roaming\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default User\AppData\Local\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\Users\Default User\AppData\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00009620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Public\Documents\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Max\AppData\Local\Apps\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Georg\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Georg\Downloads\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Georg\Documents\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Georg\AppData\Roaming\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Georg\AppData\LocalLow\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Georg\AppData\Local\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Georg\AppData\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Der andere\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Der andere\Downloads\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Der andere\Documents\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Der andere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Der andere\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Der andere\AppData\Roaming\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Der andere\AppData\LocalLow\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Der andere\AppData\Local\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Der andere\AppData\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default\Downloads\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default\Documents\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default\AppData\Roaming\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default\AppData\Local\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default\AppData\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default User\Downloads\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default User\Documents\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default User\AppData\Roaming\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default User\AppData\Local\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\Users\Default User\AppData\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 00002787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\how_recover+tsq.txt
2015-12-09 02:25 - 2015-12-09 02:26 - 00009620 _____ C:\ProgramData\how_recover+tsq.html
2015-12-09 02:25 - 2015-12-09 02:26 - 00002787 _____ C:\ProgramData\how_recover+tsq.txt
2015-12-09 02:25 - 2015-12-09 02:25 - 00009620 _____ C:\Program Files\how_recover+tsq.html
2015-12-09 02:25 - 2015-12-09 02:25 - 00002787 _____ C:\Program Files\how_recover+tsq.txt
2015-12-09 02:24 - 2015-12-09 02:24 - 00009620 _____ C:\Users\how_recover+tsq.html
2015-12-09 02:24 - 2015-12-09 02:24 - 00009620 _____ C:\Program Files\Common Files\how_recover+tsq.html
2015-12-09 02:24 - 2015-12-09 02:24 - 00002787 _____ C:\Users\how_recover+tsq.txt
2015-12-09 02:24 - 2015-12-09 02:24 - 00002787 _____ C:\Program Files\Common Files\how_recover+tsq.txt
2015-12-09 02:24 - 2015-12-09 02:24 - 00000254 _____ C:\Users\Max\Documents\recover_file_pcewndofu.txt
2015-12-09 02:23 - 2015-12-09 02:23 - 00009620 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bcu.html
2015-12-09 02:23 - 2015-12-09 02:23 - 00009620 _____ C:\Users\Max\AppData\Local\how_recover+bcu.html
2015-12-09 02:23 - 2015-12-09 02:23 - 00002787 _____ C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\how_recover+bcu.txt
2015-12-09 02:23 - 2015-12-09 02:23 - 00002787 _____ C:\Users\Max\AppData\Local\how_recover+bcu.txt
2015-12-09 02:22 - 2015-12-09 02:22 - 00009620 _____ C:\Users\Max\Downloads\how_recover+bcu.html
2015-12-09 02:22 - 2015-12-09 02:22 - 00002787 _____ C:\Users\Max\Downloads\how_recover+bcu.txt
2015-12-09 02:17 - 2015-12-09 02:22 - 00009620 _____ C:\Users\Max\Documents\how_recover+bcu.html
2015-12-09 02:17 - 2015-12-09 02:22 - 00002787 _____ C:\Users\Max\Documents\how_recover+bcu.txt
2015-12-09 02:12 - 2015-12-09 02:12 - 00009620 _____ C:\Users\Max\AppData\Roaming\how_recover+bcu.html
2015-12-09 02:12 - 2015-12-09 02:12 - 00009620 _____ C:\Users\Max\AppData\how_recover+bcu.html
2015-12-09 02:12 - 2015-12-09 02:12 - 00002787 _____ C:\Users\Max\AppData\Roaming\how_recover+bcu.txt
2015-12-09 02:12 - 2015-12-09 02:12 - 00002787 _____ C:\Users\Max\AppData\how_recover+bcu.txt
2015-12-09 02:01 - 2015-12-09 02:03 - 00009620 _____ C:\ProgramData\how_recover+bcu.html
2015-12-09 02:01 - 2015-12-09 02:03 - 00002787 _____ C:\ProgramData\how_recover+bcu.txt
2015-12-09 02:01 - 2015-12-09 02:01 - 00009620 _____ C:\Program Files\how_recover+bcu.html
2015-12-09 02:01 - 2015-12-09 02:01 - 00002787 _____ C:\Program Files\how_recover+bcu.txt
2015-12-09 01:58 - 2015-12-09 01:58 - 00009620 _____ C:\Users\how_recover+bcu.html
2015-12-09 01:58 - 2015-12-09 01:58 - 00009620 _____ C:\Program Files\Common Files\how_recover+bcu.html
2015-12-09 01:58 - 2015-12-09 01:58 - 00002787 _____ C:\Users\how_recover+bcu.txt
2015-12-09 01:58 - 2015-12-09 01:58 - 00002787 _____ C:\Program Files\Common Files\how_recover+bcu.txt
2015-12-09 01:57 - 2015-12-11 02:26 - 00000000 ____D C:\Users\Max\AppData\Local\Owics
2015-12-09 01:57 - 2015-12-09 02:51 - 00000000 _____ C:\Windows\SysWOW64\EHrb635TM05257cWW7
2015-12-09 01:57 - 2015-12-09 01:57 - 00000254 _____ C:\Users\Max\Documents\recover_file_fktodlmpw.txt
2015-12-08 23:33 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-08 23:33 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-08 23:32 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-08 23:32 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-08 23:32 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-08 23:32 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-08 23:32 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-08 23:32 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-08 23:32 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-08 23:32 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-08 23:32 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-08 23:32 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-08 23:32 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-08 23:32 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-08 23:32 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-08 23:32 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-08 23:32 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-08 23:32 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-08 23:32 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-08 23:32 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-08 23:31 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-08 23:31 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-08 23:31 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-08 23:31 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-08 23:31 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-08 23:31 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-08 23:31 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-08 23:31 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-08 23:31 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-08 23:31 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-08 23:31 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-08 23:31 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-08 23:31 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-08 23:31 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-08 23:31 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-08 23:31 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-08 23:30 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-08 23:30 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-08 23:30 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-08 23:29 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-08 23:29 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-08 23:29 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-08 23:29 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-08 23:29 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-08 23:29 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-08 23:29 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-08 23:29 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-08 23:29 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-08 23:29 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-08 23:29 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-08 23:29 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-08 23:29 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-08 23:29 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-08 23:29 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-08 23:29 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-08 23:29 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-08 23:29 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-08 23:29 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-08 23:29 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-08 23:29 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-08 23:29 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-08 23:29 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-08 23:29 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-08 23:29 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-08 23:29 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-08 23:29 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-08 23:29 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-08 23:29 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-08 23:29 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-08 23:29 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-08 23:29 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-08 23:29 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-08 23:29 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-08 23:29 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-08 23:29 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-08 23:29 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-08 23:29 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-08 23:29 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-08 23:29 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-08 23:29 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-08 23:29 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-08 23:29 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-08 23:29 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-08 23:29 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-08 23:29 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-08 23:29 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-08 23:29 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-08 23:29 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-08 23:29 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-08 23:29 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-08 23:29 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-08 23:29 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-08 23:29 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-08 23:29 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-08 23:29 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-08 23:29 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-08 23:29 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-08 23:29 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-08 23:29 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-08 23:29 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-08 23:29 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-08 23:29 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-08 23:29 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-08 23:29 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-08 23:29 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-08 23:29 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-08 23:29 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-08 23:28 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-08 23:28 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-07 00:04 - 2015-12-12 00:35 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-12-07 00:01 - 2014-02-16 05:23 - 00060640 ____R (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2015-12-06 23:57 - 2015-05-05 12:52 - 40794624 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-12-06 23:57 - 2015-05-05 12:52 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-12-06 23:57 - 2015-05-05 12:51 - 34340352 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-12-06 23:57 - 2015-05-05 12:50 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-12-06 23:57 - 2015-05-05 12:50 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-12-06 23:57 - 2015-05-05 12:49 - 27494912 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-12-06 23:57 - 2015-05-05 12:49 - 22289408 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-12-06 23:57 - 2015-05-05 12:23 - 00654528 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-12-06 23:57 - 2015-05-05 12:23 - 00654528 _____ C:\Windows\system32\atiapfxx.blb
2015-12-06 23:57 - 2015-05-05 12:15 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-12-06 23:57 - 2015-05-01 06:22 - 00043088 _____ C:\Windows\system32\kapp_si.sbin
2015-12-06 23:57 - 2015-04-30 05:42 - 00047152 _____ C:\Windows\system32\kapp_ci.sbin
2015-12-06 23:57 - 2015-04-28 12:16 - 00169088 _____ C:\Windows\system32\ativce03.dat
2015-12-06 23:57 - 2015-04-28 12:12 - 00167392 _____ C:\Windows\system32\amde31a.dat
2015-12-06 23:57 - 2015-04-27 10:10 - 00255168 _____ C:\Windows\system32\ativvaxy_cz_nd.dat
2015-12-06 23:57 - 2015-04-27 10:04 - 00251012 _____ C:\Windows\system32\ativvaxy_FJ.dat
2015-12-06 23:57 - 2015-04-27 10:02 - 00249216 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat
2015-12-06 23:57 - 2015-04-16 12:05 - 00100800 _____ C:\Windows\system32\ativce02.dat
2015-12-06 23:57 - 2015-04-13 08:10 - 00234420 _____ C:\Windows\system32\ativvaxy_cik.dat
2015-12-06 23:57 - 2015-04-13 08:08 - 00232752 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2015-12-06 23:57 - 2014-11-04 07:23 - 00321200 _____ C:\Windows\system32\ativvaxy_vi_nd.dat
2015-12-06 23:57 - 2014-11-04 07:20 - 00322868 _____ C:\Windows\system32\ativvaxy_vi.dat
2015-12-06 23:57 - 2014-06-18 06:28 - 00140240 _____ C:\Windows\system32\samu_krnl_ci.sbin
2015-12-06 23:57 - 2013-12-12 02:53 - 00138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2015-12-04 01:33 - 2015-12-09 02:27 - 00000000 ____D C:\Users\Max\AppData\LocalLow\uTorrent
2015-12-03 00:22 - 2015-12-09 02:27 - 00000000 ____D C:\Users\Max\Documents\Arduino
2015-12-03 00:22 - 2015-12-09 02:26 - 00000000 ____D C:\Users\Max\AppData\Local\Arduino15
2015-12-03 00:22 - 2015-12-09 02:26 - 00000000 ____D C:\Users\Max\.oracle_jre_usage
2015-12-03 00:22 - 2015-12-09 02:26 - 00000000 ____D C:\Users\Max\.jssc
2015-12-03 00:14 - 2015-12-03 00:14 - 00000700 _____ C:\Users\Public\Desktop\Arduino.lnk
2015-12-03 00:14 - 2015-12-03 00:14 - 00000700 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk
2015-11-26 01:57 - 2015-12-09 02:18 - 00370430 _____ C:\Users\Max\Downloads\ASM_01_Locher.pdf.vvv
2015-11-22 01:52 - 2015-12-09 02:27 - 00000000 ____D C:\Users\Max\Documents\Catia
2015-11-22 00:59 - 2015-12-09 02:51 - 00000000 ____D C:\Program Files\Dassault Systemes
2015-11-22 00:54 - 2015-12-09 02:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CATIA P3
2015-11-22 00:54 - 2015-11-22 00:54 - 00001314 _____ C:\Users\Public\Desktop\CATIA P3 V5R19.lnk
2015-11-22 00:45 - 2015-11-22 00:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-22 00:43 - 2015-12-09 02:27 - 00000000 ____D C:\Users\Max\AppData\Roaming\DassaultSystemes
2015-11-22 00:43 - 2015-12-09 02:27 - 00000000 ____D C:\Users\Max\AppData\Local\DassaultSystemes
2015-11-22 00:43 - 2015-12-09 02:26 - 00000000 ____D C:\ProgramData\DassaultSystemes
2015-11-18 23:12 - 2015-12-09 02:27 - 00000000 ____D C:\Users\Max\AppData\LocalLow\Noble Empire
2015-11-12 10:21 - 2015-12-09 02:27 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-12 01:29 - 2015-12-09 02:51 - 00000000 ____D C:\LGMobileUpgrade
|
|
12.12.2015, 01:28
| #27 |
| | Neuer TeslaCrypt typ unter Win 7 und Teil 2: Code:
ATTFilter ==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-12 00:40 - 2015-06-25 22:32 - 00000000 ____D C:\Users\Der andere\AppData\Local\LogMeIn Hamachi
2015-12-12 00:38 - 2015-06-25 22:32 - 00000000 ____D C:\Users\Der andere\AppData\Roaming\Skype
2015-12-12 00:36 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-12 00:35 - 2009-11-27 15:09 - 00000880 ____H C:\dvmexp.idx
2015-12-12 00:35 - 2009-07-14 05:45 - 00023008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-12 00:35 - 2009-07-14 05:45 - 00023008 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-12 00:25 - 2013-08-28 16:45 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-11 23:46 - 2015-05-29 09:35 - 00001216 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2526639427-3945621885-3107009088-1001UA.job
2015-12-11 23:46 - 2015-05-29 09:35 - 00001164 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2526639427-3945621885-3107009088-1001Core.job
2015-12-11 22:40 - 2009-07-14 18:58 - 06523320 _____ C:\Windows\system32\perfh007.dat
2015-12-11 22:40 - 2009-07-14 18:58 - 01962048 _____ C:\Windows\system32\perfc007.dat
2015-12-11 22:40 - 2009-07-14 06:13 - 00006240 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-11 21:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-11 04:50 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-12-11 04:22 - 2010-12-27 21:51 - 00000000 ____D C:\ASUS.000
2015-12-11 03:11 - 2015-07-22 21:53 - 00000000 ____D C:\Users\Max\AppData\Local\LogMeIn Hamachi
2015-12-11 03:09 - 2014-10-29 21:55 - 00000000 ____D C:\Users\Max\AppData\Local\Deployment
2015-12-11 03:08 - 2015-03-15 19:09 - 00000000 ____D C:\Users\Max\AppData\Local\Akamai
2015-12-11 02:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2015-12-11 02:26 - 2009-11-29 14:56 - 00000000 ____D C:\Users\Max\Desktop\Krempel
2015-12-11 01:49 - 2013-10-07 15:53 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-11 01:45 - 2013-07-25 16:37 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-11 01:44 - 2015-09-23 00:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-11 01:44 - 2013-07-25 16:37 - 00000000 ____D C:\ProgramData\Avira
2015-12-10 03:20 - 2015-06-25 22:31 - 00000000 ____D C:\Users\Der andere\AppData\Roaming\Adobe
2015-12-10 01:02 - 2011-12-26 22:52 - 00000000 ____D C:\Windows\UbiSoft
2015-12-09 23:52 - 2009-07-14 05:45 - 00310944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 03:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-09 03:03 - 2013-08-08 01:43 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 03:03 - 2010-12-30 01:32 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 02:52 - 2015-08-19 20:28 - 00000000 ____D C:\ProgramData\ATI
2015-12-09 02:52 - 2014-12-08 02:12 - 00000000 ____D C:\ProgramData\BioWare
2015-12-09 02:52 - 2014-06-26 17:02 - 00000000 ____D C:\ProgramData\Apple Computer
2015-12-09 02:52 - 2013-07-19 23:06 - 00000000 ____D C:\ProgramData\Battle.net
2015-12-09 02:52 - 2012-05-02 14:10 - 00000000 ____D C:\ProgramData\ASign
2015-12-09 02:52 - 2011-05-14 21:31 - 00000000 ____D C:\ProgramData\AMD
2015-12-09 02:52 - 2011-04-17 18:51 - 00000000 ____D C:\ProgramData\Apple
2015-12-09 02:52 - 2011-02-16 22:26 - 00000000 ____D C:\ProgramData\Adobe
2015-12-09 02:52 - 2010-12-27 22:38 - 00000000 ____D C:\ProgramData\Blizzard
2015-12-09 02:52 - 2009-11-27 15:07 - 00000000 ____D C:\temp
2015-12-09 02:52 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-12-09 02:51 - 2015-09-10 16:55 - 00000000 ____D C:\$Windows.~BT
2015-12-09 02:51 - 2015-02-13 18:07 - 00000000 ____D C:\Program Files\Bonjour
2015-12-09 02:51 - 2015-02-13 18:06 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2015-12-09 02:51 - 2014-11-30 15:08 - 00000000 ____D C:\Program Files\CCleaner
2015-12-09 02:51 - 2014-10-03 15:11 - 00000000 ____D C:\Program Files\AviSynth 2.5
2015-12-09 02:51 - 2014-05-28 16:04 - 00000000 ____D C:\Program Files\My Lockbox
2015-12-09 02:51 - 2013-12-24 00:17 - 00000000 ____D C:\Crash
2015-12-09 02:51 - 2013-10-31 14:29 - 00000000 ____D C:\Program Files\Oracle
2015-12-09 02:51 - 2012-03-20 10:16 - 00000000 ____D C:\Program Files\AMD
2015-12-09 02:51 - 2012-01-18 19:53 - 00000000 ____D C:\found.003
2015-12-09 02:51 - 2012-01-13 00:39 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2015-12-09 02:51 - 2011-12-23 11:32 - 00000000 ____D C:\found.002
2015-12-09 02:51 - 2011-08-09 21:22 - 00000000 ____D C:\Nordschlacht
2015-12-09 02:51 - 2011-06-14 15:39 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2015-12-09 02:51 - 2011-05-14 11:40 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-12-09 02:51 - 2011-05-03 20:40 - 00000000 ____D C:\Program Files\Java
2015-12-09 02:51 - 2011-04-29 15:46 - 00000000 ____D C:\found.001
2015-12-09 02:51 - 2011-04-11 13:33 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2015-12-09 02:51 - 2011-03-11 22:56 - 00000000 ____D C:\Program Files\DivX
2015-12-09 02:51 - 2010-12-27 21:52 - 00000000 ____D C:\Program Files\ATI
2015-12-09 02:51 - 2010-12-27 21:49 - 00000000 ____D C:\Program Files\ATI Technologies
2015-12-09 02:51 - 2010-12-25 22:27 - 00000000 ____D C:\CFLog
2015-12-09 02:51 - 2010-12-24 21:52 - 00000000 ____D C:\LGP500
2015-12-09 02:51 - 2010-09-08 14:17 - 00000000 ____D C:\CIMTEMP
2015-12-09 02:51 - 2010-03-03 14:02 - 00000000 ____D C:\dvmexp.BAK
2015-12-09 02:51 - 2009-11-27 15:07 - 00000000 ___HD C:\dvmexp
2015-12-09 02:51 - 2009-11-27 15:06 - 00000000 ____D C:\ASUS.SYS
2015-12-09 02:51 - 2009-11-27 14:53 - 00000000 ____D C:\AMD
2015-12-09 02:51 - 2009-11-24 13:02 - 00000000 ____D C:\ATI
2015-12-09 02:51 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-09 02:51 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-12-09 02:51 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-09 02:51 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-09 02:51 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-09 02:51 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\MSBuild
2015-12-09 02:51 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-12-09 02:51 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-12-09 02:51 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT
2015-12-09 02:51 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-09 02:51 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-12-09 02:51 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Services
2015-12-09 02:51 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-12-09 02:51 - 2009-07-14 04:20 - 00000000 ____D C:\PerfLogs
2015-12-09 02:36 - 2015-06-25 22:33 - 00070984 _____ C:\Users\Der andere\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-09 02:27 - 2015-11-11 00:11 - 00000000 ____D C:\Users\Max\AppData\Local\Vivox
2015-12-09 02:27 - 2015-11-10 23:46 - 00000000 ____D C:\Users\Max\Documents\Overwatch
2015-12-09 02:27 - 2015-10-08 02:52 - 00000000 ____D C:\Users\Max\Downloads\cube_the_game
2015-12-09 02:27 - 2015-10-07 21:55 - 00000000 ____D C:\Users\Max\Documents\C9
2015-12-09 02:27 - 2015-09-24 18:16 - 00000000 ____D C:\Users\Max\AppData\Local\Cisco
2015-12-09 02:27 - 2015-09-21 01:01 - 00000000 ____D C:\Users\Max\AppData\Local\CrashReportClient
2015-12-09 02:27 - 2015-09-20 01:53 - 00000000 ____D C:\Users\Max\Documents\UnrealTournament
2015-12-09 02:27 - 2015-09-20 01:53 - 00000000 ____D C:\Users\Max\AppData\Local\UnrealTournament
2015-12-09 02:27 - 2015-09-20 01:08 - 00000000 ____D C:\Users\Max\AppData\Local\UnrealEngineLauncher
2015-12-09 02:27 - 2015-09-20 01:08 - 00000000 ____D C:\Users\Max\AppData\Local\UnrealEngine
2015-12-09 02:27 - 2015-09-20 01:08 - 00000000 ____D C:\Users\Max\AppData\Local\EpicGamesLauncher
2015-12-09 02:27 - 2015-09-14 21:53 - 00000000 ____D C:\Users\Max\Documents\FH Krempel
2015-12-09 02:27 - 2015-08-23 21:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\SpaceEngineers
2015-12-09 02:27 - 2015-08-19 22:45 - 00000000 ____D C:\Users\Max\AppData\Local\Google
2015-12-09 02:27 - 2015-08-16 21:22 - 00000000 ____D C:\Users\Max\Tracing
2015-12-09 02:27 - 2015-08-13 23:11 - 00000000 ____D C:\Users\Max\AppData\Local\PC Link
2015-12-09 02:27 - 2015-08-11 23:10 - 00000000 ____D C:\Users\Max\Documents\HeroesOfSoulcraft
2015-12-09 02:27 - 2015-08-10 20:38 - 00000000 ____D C:\Users\Max\AppData\Local\Skype
2015-12-09 02:27 - 2015-07-22 21:46 - 00000000 ____D C:\Users\Max\AppData\Roaming\Raptr
2015-12-09 02:27 - 2015-07-22 20:18 - 00000000 ____D C:\Users\Max\AppData\Local\CEF
2015-12-09 02:27 - 2015-07-19 13:46 - 00000000 ____D C:\Users\Max\AppData\Roaming\com.playsaurus.heroclicker
2015-12-09 02:27 - 2015-07-18 22:12 - 00000000 ____D C:\Users\Max\AppData\Roaming\StarseedPilgrim
2015-12-09 02:27 - 2015-07-18 18:37 - 00000000 ____D C:\Users\Max\Documents\Mutant Blobs Attack
2015-12-09 02:27 - 2015-06-27 00:35 - 00000000 ____D C:\Users\Max\AppData\Roaming\The Creative Assembly
2015-12-09 02:27 - 2015-06-09 20:21 - 00000000 ____D C:\Users\Max\AppData\Roaming\Warsow 1.0
2015-12-09 02:27 - 2015-06-09 20:18 - 00000000 ____D C:\Users\Max\AppData\Roaming\Warsow 1.02
2015-12-09 02:27 - 2015-06-02 11:12 - 00000000 ____D C:\Users\Max\AppData\Local\GWX
2015-12-09 02:27 - 2015-05-29 09:35 - 00000000 ____D C:\Users\Max\AppData\Local\Dropbox
2015-12-09 02:27 - 2015-05-09 23:52 - 00000000 ____D C:\Users\Max\AppData\Roaming\Riot Games
2015-12-09 02:27 - 2015-04-18 01:27 - 00000000 ____D C:\Users\Max\AppData\Local\spacegame
2015-12-09 02:27 - 2015-03-28 15:08 - 00000000 ____D C:\Users\Max\Documents\Heroes of the Storm
2015-12-09 02:27 - 2015-03-22 18:19 - 00000000 __SHD C:\Users\Max\AppData\Local\EmieBrowserModeList
2015-12-09 02:27 - 2015-03-12 16:35 - 00000000 ____D C:\Users\Max\Documents\Arge
2015-12-09 02:27 - 2015-03-08 23:46 - 00000000 ____D C:\Users\Max\Documents\Spiele
2015-12-09 02:27 - 2015-03-08 23:46 - 00000000 ____D C:\Users\Max\AppData\Local\Gas Powered Games
2015-12-09 02:27 - 2015-03-06 15:17 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HEUREKA-Klett
2015-12-09 02:27 - 2015-02-21 02:31 - 00000000 ____D C:\Users\Max\AppData\Roaming\com.ohnoo.TormentumDemo
2015-12-09 02:27 - 2015-02-19 18:44 - 00000000 ____D C:\Users\Max\AppData\Local\Steam
2015-12-09 02:27 - 2015-02-13 18:08 - 00000000 ____D C:\Users\Max\AppData\Local\Logitech
2015-12-09 02:27 - 2015-02-13 18:04 - 00000000 ____D C:\Users\Max\AppData\Roaming\Logitech
2015-12-09 02:27 - 2015-02-13 18:04 - 00000000 ____D C:\Users\Max\AppData\Roaming\Logishrd
2015-12-09 02:27 - 2015-01-26 22:54 - 00000000 ____D C:\Users\Max\AppData\Roaming\OpenOffice
2015-12-09 02:27 - 2015-01-21 23:25 - 00000000 ____D C:\Users\Max\AppData\LocalLow\Ludosity
2015-12-09 02:27 - 2015-01-15 08:59 - 00000000 ____D C:\Users\Max\AppData\Roaming\olliolli
2015-12-09 02:27 - 2015-01-03 18:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\Notepad++
2015-12-09 02:27 - 2015-01-03 18:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-09 02:27 - 2015-01-01 18:04 - 00000000 ____D C:\Users\Max\AppData\Local\Reflections
2015-12-09 02:27 - 2014-12-24 04:04 - 00000000 ____D C:\Users\Max\AppData\LocalLow\Necrophone Games
2015-12-09 02:27 - 2014-12-10 02:03 - 00000000 ____D C:\Users\Max\Documents\Zen Studios
2015-12-09 02:27 - 2014-11-12 00:01 - 00000000 ____D C:\Users\Max\AppData\Local\ROR_GMS_controller
2015-12-09 02:27 - 2014-11-11 22:19 - 00000000 ____D C:\Users\Max\Downloads\RoRv1.2.2NoDRM_win
2015-12-09 02:27 - 2014-11-11 22:19 - 00000000 ____D C:\Users\Max\Downloads\Folding
2015-12-09 02:27 - 2014-10-29 21:56 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-12-09 02:27 - 2014-10-29 21:56 - 00000000 ____D C:\Users\Max\AppData\Roaming\Curse Advertising
2015-12-09 02:27 - 2014-10-26 22:28 - 00000000 ____D C:\Users\Max\AppData\Local\Warframe
2015-12-09 02:27 - 2014-10-12 23:18 - 00000000 ____D C:\Users\Max\AppData\Roaming\Awesomium
2015-12-09 02:27 - 2014-10-03 20:33 - 00000000 ____D C:\Users\Max\AppData\Roaming\AMD
2015-12-09 02:27 - 2014-10-03 15:18 - 00000000 ____D C:\Users\Max\Documents\eRightSoft
2015-12-09 02:27 - 2014-09-24 23:18 - 00000000 ____D C:\Users\Max\Documents\Giana Sisters - Twisted Dreams
2015-12-09 02:27 - 2014-09-24 20:59 - 00000000 ____D C:\Users\Max\AppData\Local\Chromium
2015-12-09 02:27 - 2014-08-30 02:50 - 00000000 ____D C:\Users\Max\AppData\Roaming\Teeworlds
2015-12-09 02:27 - 2014-08-24 13:53 - 00000000 ____D C:\Users\Max\Documents\ZootFly
2015-12-09 02:27 - 2014-08-18 01:52 - 00000000 ____D C:\Users\Max\Downloads\testdisk-7.0-WIP
2015-12-09 02:27 - 2014-08-07 18:51 - 00000000 ____D C:\Users\Max\Documents\Witcher 2
2015-12-09 02:27 - 2014-08-07 18:51 - 00000000 ____D C:\Users\Max\AppData\Local\The Witcher 2
2015-12-09 02:27 - 2014-07-16 22:44 - 00000000 ____D C:\Users\Max\AppData\Roaming\3909
2015-12-09 02:27 - 2014-07-16 03:13 - 00000000 ____D C:\Users\Max\Documents\streumon
2015-12-09 02:27 - 2014-06-30 17:05 - 00000000 ____D C:\Users\Max\AppData\LocalLow\Recoil Games
2015-12-09 02:27 - 2014-06-29 18:07 - 00000000 ____D C:\Users\Max\Documents\Larian Studios
2015-12-09 02:27 - 2014-06-24 20:49 - 00000000 ____D C:\Users\Max\Documents\NBGI
2015-12-09 02:27 - 2014-06-24 20:49 - 00000000 ____D C:\Users\Max\AppData\Local\NBGI
2015-12-09 02:27 - 2014-06-15 18:07 - 00000000 ____D C:\Users\Max\Documents\Shadow Warrior
2015-12-09 02:27 - 2014-06-09 21:34 - 00000000 ____D C:\Users\Max\AppData\Roaming\.LUFTRAUSERS
2015-12-09 02:27 - 2014-06-07 19:54 - 00000000 ____D C:\Users\Max\Documents\PCSX2
2015-12-09 02:27 - 2014-05-29 19:24 - 00000000 ____D C:\Users\Max\Documents\StarCraft II
2015-12-09 02:27 - 2014-05-28 16:04 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Lockbox
2015-12-09 02:27 - 2014-05-28 15:39 - 00000000 __SHD C:\Users\Max\AppData\Local\EmieUserList
2015-12-09 02:27 - 2014-05-28 15:39 - 00000000 __SHD C:\Users\Max\AppData\Local\EmieSiteList
2015-12-09 02:27 - 2014-05-14 22:20 - 00000000 ____D C:\Users\Max\Documents\Dawngate
2015-12-09 02:27 - 2014-05-14 21:41 - 00000000 ____D C:\Users\Max\AppData\Local\CrashRpt
2015-12-09 02:27 - 2014-05-12 00:28 - 00000000 ____D C:\Users\Max\Documents\Alarmstufe Rot 3 Der Aufstand
2015-12-09 02:27 - 2014-05-10 03:12 - 00000000 ____D C:\Users\Max\AppData\Roaming\Alarmstufe Rot 3 Der Aufstand
2015-12-09 02:27 - 2014-05-06 22:45 - 00000000 ____D C:\Users\Max\AppData\Roaming\library_dir
2015-12-09 02:27 - 2014-05-03 18:57 - 00000000 ____D C:\Users\Max\Documents\Klei
2015-12-09 02:27 - 2014-04-18 23:34 - 00000000 ____D C:\Users\Max\Documents\MGR
2015-12-09 02:27 - 2014-04-06 14:55 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpellForce
2015-12-09 02:27 - 2014-03-18 21:13 - 00000000 ____D C:\Users\Max\Documents\Diablo III
2015-12-09 02:27 - 2014-03-04 17:27 - 00000000 ____D C:\Users\Max\AppData\LocalLow\Threaks
2015-12-09 02:27 - 2014-03-02 14:21 - 00000000 ____D C:\Users\Max\Documents\Guacamelee
2015-12-09 02:27 - 2014-03-02 14:19 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DrinkBox Studios
2015-12-09 02:27 - 2014-03-01 01:33 - 00000000 ____D C:\Users\Max\AppData\Roaming\Humble Hearts LLC
2015-12-09 02:27 - 2014-02-28 21:35 - 00000000 ____D C:\Users\Max\AppData\Roaming\Command & Conquer 3 Kane's Wrath
2015-12-09 02:27 - 2014-02-14 17:44 - 00000000 ____D C:\Users\Max\AppData\Local\EdgeOfReality
2015-12-09 02:27 - 2014-01-23 13:43 - 00000000 ____D C:\Users\Max\AppData\Roaming\Fractron 9000
2015-12-09 02:27 - 2014-01-22 20:04 - 00000000 ____D C:\Users\Max\Documents\DayZ Other Profiles
2015-12-09 02:27 - 2014-01-22 20:04 - 00000000 ____D C:\Users\Max\Documents\DayZ
2015-12-09 02:27 - 2014-01-22 20:04 - 00000000 ____D C:\Users\Max\AppData\Local\DayZ
2015-12-09 02:27 - 2014-01-07 18:47 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1C Company
2015-12-09 02:27 - 2014-01-03 23:28 - 00000000 ____D C:\Users\Max\AppData\Roaming\KravenManor
2015-12-09 02:27 - 2014-01-03 22:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kraven Manor
2015-12-09 02:27 - 2013-12-18 01:44 - 00000000 ____D C:\Users\Max\AppData\Local\Blizzard
2015-12-09 02:27 - 2013-12-17 23:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Battle.net
2015-12-09 02:27 - 2013-12-17 23:40 - 00000000 ____D C:\Users\Max\AppData\Local\Blizzard Entertainment
2015-12-09 02:27 - 2013-12-17 23:40 - 00000000 ____D C:\Users\Max\AppData\Local\Battle.net
2015-12-09 02:27 - 2013-10-30 23:47 - 00000000 ____D C:\Users\Max\Downloads\MOABD_PrinceOfArcade
2015-12-09 02:27 - 2013-10-24 23:03 - 00000000 ____D C:\Users\Max\Documents\Ascaron Entertainment
2015-12-09 02:27 - 2013-10-24 23:02 - 00000000 ____D C:\Users\Max\Documents\Darkstar One
2015-12-09 02:27 - 2013-10-22 15:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tivola
2015-12-09 02:27 - 2013-10-20 20:44 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cloud
2015-12-09 02:27 - 2013-10-19 01:56 - 00000000 ____D C:\Users\Max\Documents\Firefall
2015-12-09 02:27 - 2013-10-14 00:16 - 00000000 ____D C:\Users\Max\Downloads\zsnesw151
2015-12-09 02:27 - 2013-09-28 12:10 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
2015-12-09 02:27 - 2013-09-20 17:49 - 00000000 ____D C:\Users\Max\AppData\Local\Criterion Games
2015-12-09 02:27 - 2013-09-04 22:29 - 00000000 ____D C:\Users\Max\AppData\Roaming\FEZ
2015-12-09 02:27 - 2013-09-01 20:32 - 00000000 ____D C:\Users\Max\AppData\Local\ESN
2015-12-09 02:27 - 2013-08-28 17:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\Origin
2015-12-09 02:27 - 2013-08-10 15:13 - 00000000 ____D C:\Users\Max\AppData\Local\dxhr
2015-12-09 02:27 - 2013-07-11 16:48 - 00000000 ____D C:\Users\Max\AppData\Roaming\bizarre creations
2015-12-09 02:27 - 2013-04-05 02:17 - 00000000 ____D C:\Users\Max\AppData\Roaming\com.shirogames.evoland
2015-12-09 02:27 - 2013-02-27 00:00 - 00000000 ____D C:\Users\Max\Documents\Schule
2015-12-09 02:27 - 2013-02-19 15:28 - 00000000 ____D C:\Users\Max\AppData\Roaming\Bioshock
2015-12-09 02:27 - 2013-02-17 22:30 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antichamber
2015-12-09 02:27 - 2013-02-06 18:57 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DmC - Devil May Cry
2015-12-09 02:27 - 2013-01-22 21:42 - 00000000 ____D C:\Users\Max\AppData\Local\Sony Online Entertainment
2015-12-09 02:27 - 2012-12-28 19:22 - 00000000 ____D C:\Users\Max\AppData\Local\Transcripted
2015-12-09 02:27 - 2012-12-28 16:08 - 00000000 ____D C:\Users\Max\AppData\Roaming\DragonicaECB
2015-12-09 02:27 - 2012-12-24 01:38 - 00000000 ____D C:\Users\Max\AppData\LocalLow\Sony Online Entertainment
2015-12-09 02:27 - 2012-12-24 01:38 - 00000000 ____D C:\Users\Max\AppData\Local\SCE
2015-12-09 02:27 - 2012-12-12 22:39 - 00000000 ____D C:\Users\Max\AppData\Roaming\Sudeki
2015-12-09 02:27 - 2012-10-12 18:05 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Planets Under Attack
2015-12-09 02:27 - 2012-10-12 02:39 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hell Yeah! Wrath of the Dead Rabbit
2015-12-09 02:27 - 2012-10-11 01:11 - 00000000 ____D C:\Users\Max\Documents\SavedGames
2015-12-09 02:27 - 2012-10-08 21:02 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2015-12-09 02:27 - 2012-10-08 16:33 - 00000000 ____D C:\Users\Max\Documents\Hard Reset Extended
2015-12-09 02:27 - 2012-10-07 17:59 - 00000000 ____D C:\Users\Max\Documents\Cornelsen
2015-12-09 02:27 - 2012-10-07 17:59 - 00000000 ____D C:\Users\Max\AppData\Local\RadonLabs
2015-12-09 02:27 - 2012-09-23 19:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\gtk-2.0
2015-12-09 02:27 - 2012-09-23 17:42 - 00000000 ____D C:\Users\Max\Downloads\CryptLoad_1.1.8
2015-12-09 02:27 - 2012-09-18 14:15 - 00000000 ____D C:\Users\Max\Documents\Bewerbungen
2015-12-09 02:27 - 2012-08-15 02:29 - 00000000 ____D C:\Users\Max\AppData\Local\Darksiders2
2015-12-09 02:27 - 2012-08-10 17:19 - 00000000 ____D C:\Users\Max\AppData\Roaming\Blender Foundation
2015-12-09 02:27 - 2012-08-06 20:05 - 00000000 ____D C:\Users\Max\Documents\Activision
2015-12-09 02:27 - 2012-07-25 20:57 - 00000000 ____D C:\Users\Max\Documents\WB Games
2015-12-09 02:27 - 2012-07-24 15:39 - 00000000 ____D C:\Users\Max\Documents\out
2015-12-09 02:27 - 2012-07-20 16:08 - 00000000 ____D C:\Users\Max\AppData\Local\gegl-0.2
2015-12-09 02:27 - 2012-07-20 16:08 - 00000000 ____D C:\Users\Max\AppData\Local\fontconfig
2015-12-09 02:27 - 2012-06-13 09:37 - 00000000 ____D C:\Users\Max\AppData\Local\Macromedia
2015-12-09 02:27 - 2012-05-15 15:35 - 00000000 ____D C:\Users\Max\AppData\Local\Red 5 Studios
2015-12-09 02:27 - 2012-05-15 15:32 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Red 5 Studios
2015-12-09 02:27 - 2012-05-02 14:10 - 00000000 ____D C:\Users\Max\Documents\SETTEC
2015-12-09 02:27 - 2012-05-02 14:09 - 00000000 ____D C:\Users\Max\Documents\ARC SYSTEM WORKS
2015-12-09 02:27 - 2012-04-22 17:19 - 00000000 ____D C:\Users\Max\AppData\Local\BladesOfTime
2015-12-09 02:27 - 2012-04-21 01:24 - 00000000 ____D C:\Users\Max\AppData\Roaming\WB Games
2015-12-09 02:27 - 2012-04-21 00:13 - 00000000 ____D C:\Users\Max\riotsGamesLogs
2015-12-09 02:27 - 2012-04-19 23:43 - 00000000 ____D C:\Users\Max\Dropbox
2015-12-09 02:27 - 2012-04-19 23:40 - 00000000 ____D C:\Users\Max\AppData\Roaming\Dropbox
2015-12-09 02:27 - 2012-04-07 23:39 - 00000000 ____D C:\Users\Max\Documents\Battlefield Heroes
2015-12-09 02:27 - 2012-04-07 03:29 - 00000000 ____D C:\Users\Max\dwhelper
2015-12-09 02:27 - 2012-04-02 21:14 - 00000000 ____D C:\Users\Max\AppData\Local\DOSBox
2015-12-09 02:27 - 2012-04-01 18:35 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Empire Interactive
2015-12-09 02:27 - 2012-03-25 16:15 - 00000000 ____D C:\Users\Max\VirtualBox VMs
2015-12-09 02:27 - 2012-03-14 14:42 - 00000000 ____D C:\Users\Max\AppData\Roaming\LOVE
2015-12-09 02:27 - 2012-02-22 15:34 - 00000000 ____D C:\Users\Max\AppData\Local\BigHugeEngine
2015-12-09 02:27 - 2012-02-17 02:33 - 00000000 ____D C:\Users\Max\AppData\Local\Secunia PSI
2015-12-09 02:27 - 2012-02-17 00:45 - 00000000 ____D C:\Users\Max\AppData\Roaming\wargaming.net
2015-12-09 02:27 - 2012-02-15 00:01 - 00000000 ____D C:\Users\Max\AppData\Roaming\DarknessII
2015-12-09 02:27 - 2012-02-14 16:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\DarknessIIDemo
2015-12-09 02:27 - 2012-02-14 15:50 - 00000000 ____D C:\Users\Max\AppData\Roaming\RenPy
2015-12-09 02:27 - 2012-02-01 18:53 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grandy Games
2015-12-09 02:27 - 2012-01-23 16:17 - 00000000 ____D C:\Users\Max\Documents\NFSTR
2015-12-09 02:27 - 2012-01-02 22:43 - 00000000 ____D C:\Users\Max\AppData\Roaming\Ubisoft
2015-12-09 02:27 - 2012-01-01 03:08 - 00000000 ____D C:\Users\Max\Daedalic
2015-12-09 02:27 - 2011-12-31 19:59 - 00000000 ____D C:\Users\Max\AppData\Local\Daedalic Entertainment
2015-12-09 02:27 - 2011-12-06 22:35 - 00000000 ____D C:\Users\Max\AppData\Local\Skyrim
2015-12-09 02:27 - 2011-11-28 23:56 - 00000000 ____D C:\Users\Max\Documents\Assassin's Creed Revelations
2015-12-09 02:27 - 2011-11-28 23:56 - 00000000 ____D C:\Users\Max\AppData\Local\Ubisoft Game Launcher
2015-12-09 02:27 - 2011-11-20 01:17 - 00000000 ____D C:\Users\Max\Documents\Orcs Must Die
2015-12-09 02:27 - 2011-11-01 19:44 - 00000000 ____D C:\Users\Max\AppData\Roaming\Trine2
2015-12-09 02:27 - 2011-10-31 18:56 - 00000000 ____D C:\Users\Max\Documents\ALI213
2015-12-09 02:27 - 2011-10-30 16:26 - 00000000 ____D C:\Users\Max\AppData\Roaming\TS3Client
2015-12-09 02:27 - 2011-10-23 20:59 - 00000000 ____D C:\Users\Max\Documents\Amnesia
2015-12-09 02:27 - 2011-09-26 21:38 - 00000000 ____D C:\Users\Max\AppData\Roaming\Audacity
2015-12-09 02:27 - 2011-09-23 19:19 - 00000000 ____D C:\Users\Max\AppData\Local\Two Tribes
2015-12-09 02:27 - 2011-09-15 18:07 - 00000000 ____D C:\Users\Max\Documents\Hard Reset
2015-12-09 02:27 - 2011-09-04 01:17 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evil Player
2015-12-09 02:27 - 2011-08-31 20:38 - 00000000 ____D C:\Users\Max\AppData\Local\Darksiders
2015-12-09 02:27 - 2011-08-23 22:06 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bastion
2015-12-09 02:27 - 2011-08-23 16:00 - 00000000 ____D C:\Users\Max\AppData\Roaming\Apple Computer
2015-12-09 02:27 - 2011-08-17 23:01 - 00000000 ____D C:\Users\Max\AppData\Roaming\NesterSoft
2015-12-09 02:27 - 2011-08-16 00:36 - 00000000 ____D C:\Users\Max\Documents\Venetica
2015-12-09 02:27 - 2011-08-13 18:01 - 00000000 ____D C:\Users\Max\AppData\Roaming\Dev-Cpp
2015-12-09 02:27 - 2011-08-03 02:53 - 00000000 ____D C:\Users\Max\Documents\id Software
2015-12-09 02:27 - 2011-08-03 02:52 - 00000000 ____D C:\Users\Max\AppData\Local\id Software
2015-12-09 02:27 - 2011-07-07 12:59 - 00000000 ____D C:\Users\Max\Documents\Sega
2015-12-09 02:27 - 2011-06-14 15:41 - 00000000 ____D C:\Users\Max\AppData\Roaming\Leadertech
2015-12-09 02:27 - 2011-06-14 15:39 - 00000000 ____D C:\Users\Max\AppData\Local\Downloaded Installations
2015-12-09 02:27 - 2011-06-05 14:35 - 00000000 ____D C:\Users\Max\AppData\Roaming\Opera
2015-12-09 02:27 - 2011-05-15 16:43 - 00000000 ____D C:\Users\Max\AppData\Roaming\DisneyInteractiveStudios
2015-12-09 02:27 - 2011-05-13 14:24 - 00000000 ____D C:\Users\Max\AppData\Local\splash damage
2015-12-09 02:27 - 2011-05-09 23:17 - 00000000 ____D C:\Users\Max\AppData\Local\reakktor
2015-12-09 02:27 - 2011-05-09 23:15 - 00000000 ____D C:\Users\Max\Documents\Reakktor Media
2015-12-09 02:27 - 2011-05-08 23:50 - 00000000 ____D C:\Users\Max\AppData\Local\Geckofx
2015-12-09 02:27 - 2011-05-08 23:47 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-12-09 02:27 - 2011-04-19 12:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-09 02:27 - 2011-04-17 18:50 - 00000000 ____D C:\Users\Max\AppData\LocalLow\Apple Computer
2015-12-09 02:27 - 2011-04-11 13:38 - 00000000 ____D C:\Users\Max\Documents\Dragonica
2015-12-09 02:27 - 2011-04-11 13:24 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gPotato.eu
2015-12-09 02:27 - 2011-03-28 11:38 - 00000000 ____D C:\Users\Max\Documents\EA Games
2015-12-09 02:27 - 2011-03-23 00:51 - 00000000 ____D C:\Users\Max\AppData\Local\CAPCOM
2015-12-09 02:27 - 2011-03-15 22:33 - 00000000 ____D C:\Users\Max\AppData\Roaming\Braid
2015-12-09 02:27 - 2011-03-11 22:56 - 00000000 ____D C:\Users\Max\AppData\Roaming\DivX
2015-12-09 02:27 - 2011-03-11 22:53 - 00000000 ____D C:\Users\Max\AppData\Roaming\dvdcss
2015-12-09 02:27 - 2011-02-16 23:48 - 00000000 ____D C:\Users\Max\AppData\LocalLow\Adobe
2015-12-09 02:27 - 2011-02-16 22:26 - 00000000 ____D C:\Users\Max\AppData\Roaming\Unity
2015-12-09 02:27 - 2011-02-16 14:04 - 00000000 ____D C:\Users\Max\AppData\LocalLow\Unity
2015-12-09 02:27 - 2011-02-16 14:04 - 00000000 ____D C:\Users\Max\AppData\Local\Unity
2015-12-09 02:27 - 2011-02-14 12:04 - 00000000 ____D C:\Users\Max\AppData\Roaming\LolClient
2015-12-09 02:27 - 2011-01-25 21:28 - 00000000 ____D C:\Users\Max\AppData\Roaming\.minecraft
2015-12-09 02:27 - 2011-01-24 00:21 - 00000000 ____D C:\Users\Max\AppData\Local\QuickStores
2015-12-09 02:27 - 2011-01-22 12:06 - 00000000 ____D C:\Users\Max\AppData\Local\Xenocode
2015-12-09 02:27 - 2011-01-18 16:45 - 00000000 ____D C:\Users\Max\AppData\Roaming\OpenOffice.org
2015-12-09 02:27 - 2011-01-18 10:49 - 00000000 ____D C:\Users\Max\AppData\Local\Microsoft Games
2015-12-09 02:27 - 2011-01-16 14:04 - 00000000 ____D C:\Users\Max\Documents\4A Games
2015-12-09 02:27 - 2011-01-14 23:42 - 00000000 ____D C:\Users\Max\Documents\SpellForce2
2015-12-09 02:27 - 2011-01-14 16:54 - 00000000 ____D C:\Users\Max\Documents\Codemasters
2015-12-09 02:27 - 2011-01-14 16:49 - 00000000 ____D C:\Users\Max\AppData\Roaming\Codemasters
2015-12-09 02:27 - 2011-01-14 16:30 - 00000000 ____D C:\Users\Max\AppData\Roaming\InstallShield
2015-12-09 02:27 - 2011-01-13 14:27 - 00000000 ____D C:\Users\Max\AppData\Roaming\foobar2000
2015-12-09 02:27 - 2011-01-11 22:24 - 00000000 ____D C:\Users\Max\AppData\Local\IceChat
2015-12-09 02:27 - 2011-01-11 22:22 - 00000000 ____D C:\Users\Max\AppData\Roaming\X-Chat 2
2015-12-09 02:27 - 2011-01-03 22:51 - 00000000 ____D C:\Users\Max\Documents\Tunngle
2015-12-09 02:27 - 2011-01-03 22:51 - 00000000 ____D C:\Users\Max\AppData\Roaming\Tunngle
2015-12-09 02:27 - 2011-01-03 19:54 - 00000000 ____D C:\Users\Max\AppData\Local\SKIDROW
2015-12-09 02:27 - 2011-01-03 12:01 - 00000000 ____D C:\Users\Max\AppData\Local\Electronic Arts
2015-12-09 02:27 - 2011-01-03 11:52 - 00000000 ____D C:\Users\Max\Documents\Electronic Arts
2015-12-09 02:27 - 2011-01-03 01:24 - 00000000 ____D C:\Users\Max\AppData\Roaming\vlc
2015-12-09 02:27 - 2011-01-02 14:21 - 00000000 ____D C:\Users\Max\Documents\Singularity
2015-12-09 02:27 - 2011-01-01 20:37 - 00000000 ____D C:\Users\Max\AppData\Roaming\Downloaded Installations
2015-12-09 02:27 - 2011-01-01 18:52 - 00000000 ____D C:\Users\Max\AppData\Roaming\WinRAR
2015-12-09 02:27 - 2011-01-01 15:11 - 00000000 ____D C:\Users\Max\AppData\Local\PunkBuster
2015-12-09 02:27 - 2011-01-01 15:02 - 00000000 __RHD C:\Users\Max\AppData\Roaming\SecuROM
2015-12-09 02:27 - 2011-01-01 14:24 - 00000000 ____D C:\Users\Max\AppData\Roaming\SpieleEntwicklungsKombinat
2015-12-09 02:27 - 2010-12-29 20:02 - 00000000 ____D C:\Users\Max\AppData\Roaming\Media Player Classic
2015-12-09 02:27 - 2010-12-28 14:46 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-12-09 02:27 - 2010-12-28 01:01 - 00000000 ____D C:\Users\Max\AppData\Roaming\Rainmeter
2015-12-09 02:27 - 2010-12-28 00:31 - 00000000 ____D C:\Users\Max\AppData\LocalLow\Sun
2015-12-09 02:27 - 2010-12-28 00:11 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-12-09 02:27 - 2010-12-27 22:37 - 00000000 ____D C:\Users\Max\AppData\Roaming\skypePM
2015-12-09 02:27 - 2010-12-27 22:34 - 00000000 ____D C:\Users\Max\AppData\Roaming\Skype
2015-12-09 02:27 - 2010-12-27 22:32 - 00000000 ____D C:\Users\Max\AppData\Roaming\uTorrent
2015-12-09 02:27 - 2010-12-27 22:25 - 00000000 ____D C:\Users\Max\AppData\Roaming\Macromedia
2015-12-09 02:27 - 2010-12-27 22:25 - 00000000 ____D C:\Users\Max\AppData\Roaming\Adobe
2015-12-09 02:27 - 2010-12-27 22:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\ATI
2015-12-09 02:27 - 2010-12-27 22:01 - 00000000 ____D C:\Users\Max\AppData\Local\ElevatedDiagnostics
2015-12-09 02:27 - 2010-12-27 21:46 - 00000000 ____D C:\Users\Max\AppData\Roaming\Mozilla
2015-12-09 02:27 - 2010-12-27 21:46 - 00000000 ____D C:\Users\Max\AppData\Local\Mozilla
2015-12-09 02:27 - 2010-12-27 21:42 - 00000000 ____D C:\Users\Max\AppData\Roaming\Media Center Programs
2015-12-09 02:27 - 2010-12-27 21:42 - 00000000 ____D C:\Users\Max\AppData\Local\VirtualStore
2015-12-09 02:27 - 2010-12-27 21:42 - 00000000 ____D C:\Users\Max
2015-12-09 02:27 - 2010-12-25 22:27 - 00000000 ____D C:\Users\Max\Documents\Cross Fire
2015-12-09 02:27 - 2010-10-22 11:20 - 00000000 ____D C:\Users\Max\Documents\ArcSoft MediaConverter
2015-12-09 02:27 - 2010-10-22 11:20 - 00000000 ____D C:\Users\Max PC\AppData\Local\ArcSoft
2015-12-09 02:27 - 2010-10-18 18:46 - 00000000 ____D C:\Users\Max\Documents\gegl-0.0
2015-12-09 02:27 - 2010-10-16 19:40 - 00000000 ____D C:\Users\Max\Documents\Rainmeter
2015-12-09 02:27 - 2010-10-12 21:21 - 00000000 ____D C:\Users\Max\Podcasts
2015-12-09 02:27 - 2010-10-12 21:21 - 00000000 ____D C:\Users\Max\Documents\Media Go
2015-12-09 02:27 - 2010-09-30 14:28 - 00000000 ____D C:\Users\Max\Documents\RPGXP
2015-12-09 02:27 - 2010-08-28 19:27 - 00000000 ____D C:\Users\Max\Documents\atari
2015-12-09 02:27 - 2010-07-28 14:49 - 00000000 ____D C:\Users\Max PC\AppData\Local\CAPCOM
2015-12-09 02:27 - 2010-07-25 20:43 - 00000000 ____D C:\Users\Max\Documents\Bioshock2
2015-12-09 02:27 - 2010-07-10 17:53 - 00000000 ____D C:\Users\Max\Documents\CAPCOM
2015-12-09 02:27 - 2010-07-06 17:24 - 00000000 ____D C:\Users\Max\Documents\Disney Interactive Studios
2015-12-09 02:27 - 2010-07-05 00:14 - 00000000 ____D C:\Users\Max\Documents\Bioshock
2015-12-09 02:27 - 2010-06-28 20:48 - 00000000 ____D C:\Users\Max\Documents\Armies of Exigo
2015-12-09 02:27 - 2010-04-06 09:47 - 00000000 ____D C:\Users\Max\Documents\BFBC2
2015-12-09 02:27 - 2010-03-30 11:42 - 00000000 ____D C:\Users\Max\fontconfig
2015-12-09 02:27 - 2010-03-15 22:05 - 00000000 ____D C:\Users\Max\Documents\Ankh - Battle of the Gods
2015-12-09 02:27 - 2010-03-06 14:34 - 00000000 ____D C:\Users\Max\Documents\BioWare
2015-12-09 02:27 - 2010-02-20 21:27 - 00000000 ____D C:\Users\Max PC\AppData\Local\Divinity 2
2015-12-09 02:27 - 2010-01-30 13:34 - 00000000 ____D C:\Users\Max\Documents\Command & Conquer 3 Tiberium Wars
2015-12-09 02:27 - 2010-01-27 18:28 - 00000000 ____D C:\Users\Max PC\AppData\Local\Adobe
2015-12-09 02:27 - 2010-01-19 19:48 - 00000000 ____D C:\Users\Max PC\AppData\Local\Apps\2.0
2015-12-09 02:27 - 2009-12-28 18:17 - 00000000 ____D C:\Users\Max\Documents\NFS Most Wanted
2015-12-09 02:27 - 2009-12-16 13:56 - 00000000 ____D C:\Users\Max\Documents\Battlefield 2
2015-12-09 02:27 - 2009-12-14 15:56 - 00000000 ____D C:\Users\Max\Documents\BattleForge
2015-12-09 02:27 - 2009-12-11 22:55 - 00000000 ____D C:\Users\Max\Documents\Aspyr
2015-12-09 02:27 - 2009-12-06 17:08 - 00000000 ____D C:\Users\Max\Documents\Prince of Persia
2015-12-09 02:27 - 2009-12-05 21:41 - 00000000 ____D C:\Users\Max PC\AppData\Local\Criterion Games
2015-12-09 02:27 - 2009-12-03 20:16 - 00000000 ____D C:\Users\Max\Documents\Games for Windows - LIVE Demos
2015-12-09 02:27 - 2009-12-03 14:39 - 00000000 ____D C:\Users\Max\Documents\Eidos
2015-12-09 02:27 - 2009-12-03 14:36 - 00000000 ____D C:\Users\Max PC\AppData\Local\Downloaded Installations
2015-12-09 02:27 - 2009-11-28 22:44 - 00000000 ____D C:\Users\Max\JDownloader
2015-12-09 02:27 - 2009-11-28 19:15 - 00000000 ____D C:\Users\Max PC\AppData\Local\Fallout3
2015-12-09 02:27 - 2009-11-27 17:15 - 00000000 ____D C:\Users\Max\Documents\My Games
2015-12-09 02:27 - 2009-11-27 16:14 - 00000000 ____D C:\Users\Max\Documents\Prototype
2015-12-09 02:27 - 2009-11-27 15:26 - 00000000 ____D C:\Users\Max PC\AppData\Local\ElevatedDiagnostics
2015-12-09 02:27 - 2009-11-27 14:17 - 00000000 ____D C:\Users\Max PC\AppData\Local\ATI
2015-12-09 02:26 - 2015-10-26 10:35 - 00000000 ____D C:\Users\Der andere\Documents\my games
2015-12-09 02:26 - 2015-10-26 10:34 - 00000000 ____D C:\Users\Der andere\AppData\Local\CEF
2015-12-09 02:26 - 2015-10-26 10:33 - 00000000 ____D C:\Users\Der andere\.cisco
2015-12-09 02:26 - 2015-09-24 18:17 - 00000000 ____D C:\Users\Max\.cisco
2015-12-09 02:26 - 2015-09-24 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-12-09 02:26 - 2015-09-24 18:16 - 00000000 ____D C:\ProgramData\Cisco
2015-12-09 02:26 - 2015-09-20 01:07 - 00000000 ____D C:\ProgramData\Epic
2015-12-09 02:26 - 2015-08-19 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-09 02:26 - 2015-08-13 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-12-09 02:26 - 2015-07-28 01:59 - 00000000 ____D C:\Users\Max\AppData\Local\Apple Computer
2015-12-09 02:26 - 2015-07-08 08:11 - 00000000 ____D C:\Users\Der andere\AppData\Roaming\Mozilla
2015-12-09 02:26 - 2015-07-08 08:11 - 00000000 ____D C:\Users\Der andere\AppData\Local\Mozilla
2015-12-09 02:26 - 2015-07-08 08:05 - 00000000 ____D C:\Users\Der andere\Documents\NBGI
2015-12-09 02:26 - 2015-07-08 08:05 - 00000000 ____D C:\Users\Der andere\AppData\Local\AMD
2015-12-09 02:26 - 2015-06-25 22:34 - 00000000 ____D C:\Users\Der andere\AppData\Local\Steam
2015-12-09 02:26 - 2015-06-25 22:33 - 00000000 ____D C:\Users\Der andere\AppData\Roaming\ATI
2015-12-09 02:26 - 2015-06-25 22:33 - 00000000 ____D C:\Users\Der andere\AppData\Local\Skype
2015-12-09 02:26 - 2015-06-25 22:33 - 00000000 ____D C:\Users\Der andere\AppData\Local\ATI
2015-12-09 02:26 - 2015-06-25 22:32 - 00000000 ____D C:\Users\Der andere\Documents\Rainmeter
2015-12-09 02:26 - 2015-06-25 22:32 - 00000000 ____D C:\Users\Der andere\AppData\Roaming\Rainmeter
2015-12-09 02:26 - 2015-06-25 22:32 - 00000000 ____D C:\Users\Der andere\AppData\Local\Logitech
2015-12-09 02:26 - 2015-06-25 22:32 - 00000000 ____D C:\Users\Der andere\AppData\Local\GWX
2015-12-09 02:26 - 2015-06-25 22:31 - 00000000 ____D C:\Users\Der andere\AppData\Local\Google
2015-12-09 02:26 - 2015-06-24 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm Public Test
2015-12-09 02:26 - 2015-06-21 01:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Media
2015-12-09 02:26 - 2015-05-29 09:35 - 00000000 ____D C:\ProgramData\Dropbox
2015-12-09 02:26 - 2015-05-10 23:45 - 00000000 ____D C:\Users\Max\.ebookreader
2015-12-09 02:26 - 2015-05-10 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Ebook Reader
2015-12-09 02:26 - 2015-05-09 23:54 - 00000000 ____D C:\ProgramData\Riot Games
2015-12-09 02:26 - 2015-05-09 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-12-09 02:26 - 2015-04-16 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-09 02:26 - 2015-04-15 18:55 - 00000000 ____D C:\Users\Max\AppData\Local\238010
2015-12-09 02:26 - 2015-04-15 18:55 - 00000000 ____D C:\ProgramData\Intel
2015-12-09 02:26 - 2015-03-28 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-12-09 02:26 - 2015-03-20 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-12-09 02:26 - 2015-01-26 22:10 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-12-09 02:26 - 2015-01-03 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-12-09 02:26 - 2015-01-03 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-09 02:26 - 2014-12-12 03:07 - 00000000 ____D C:\ProgramData\NortonInstaller
2015-12-09 02:26 - 2014-11-30 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-09 02:26 - 2014-10-31 00:25 - 00000000 ____D C:\Users\Max\AppData\Local\Adobe
2015-12-09 02:26 - 2014-10-29 21:55 - 00000000 ____D C:\Users\Max\AppData\Local\Apps\2.0
2015-12-09 02:26 - 2014-10-12 23:17 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-12-09 02:26 - 2014-10-03 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
2015-12-09 02:26 - 2014-08-17 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Realms
2015-12-09 02:26 - 2014-06-26 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-12-09 02:26 - 2014-06-08 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DevPro
2015-12-09 02:26 - 2014-06-08 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2015-12-09 02:26 - 2014-06-01 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-12-09 02:26 - 2014-05-10 00:17 - 00000000 ____D C:\ProgramData\PopCap Games
2015-12-09 02:26 - 2014-05-03 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dont Starve Reign of Giants
2015-12-09 02:26 - 2014-03-27 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cloudbuilt
2015-12-09 02:26 - 2014-03-18 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-12-09 02:26 - 2014-02-28 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
2015-12-09 02:26 - 2014-02-22 18:44 - 00000000 ____D C:\ProgramData\Steam
2015-12-09 02:26 - 2014-01-17 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2015-12-09 02:26 - 2014-01-13 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flying Wild Hog
2015-12-09 02:26 - 2013-12-17 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-12-09 02:26 - 2013-12-17 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-12-09 02:26 - 2013-10-24 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darkstar One
2015-12-09 02:26 - 2013-10-22 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tivola
2015-12-09 02:26 - 2013-10-21 01:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terzio
2015-12-09 02:26 - 2013-10-20 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cloud
2015-12-09 02:26 - 2013-09-28 12:11 - 00000000 ____D C:\Users\Max\.android
2015-12-09 02:26 - 2013-09-27 16:10 - 00000000 ____D C:\ProgramData\Solid State Networks
2015-12-09 02:26 - 2013-09-01 20:18 - 00000000 ____D C:\ProgramData\EA Logs
2015-12-09 02:26 - 2013-08-28 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-09 02:26 - 2013-07-19 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-12-09 02:26 - 2013-05-15 18:56 - 00000000 ____D C:\ProgramData\XBlades
2015-12-09 02:26 - 2013-05-06 03:59 - 00000000 ____D C:\ProgramData\Orbit
2015-12-09 02:26 - 2013-02-24 20:52 - 00000000 ____D C:\ProgramData\TERA
2015-12-09 02:26 - 2013-02-24 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
2015-12-09 02:26 - 2012-12-28 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragonica
2015-12-09 02:26 - 2012-10-08 16:33 - 00000000 ____D C:\ProgramData\RELOADED
2015-12-09 02:26 - 2012-09-21 21:43 - 00000000 ____D C:\Users\Max\4.0
2015-12-09 02:26 - 2012-09-21 21:43 - 00000000 ____D C:\Users\Max\.tfo4
2015-12-09 02:26 - 2012-09-03 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CBR Reader
2015-12-09 02:26 - 2012-08-10 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
2015-12-09 02:26 - 2012-05-28 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamCatcher
2015-12-09 02:26 - 2012-05-15 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2015-12-09 02:26 - 2012-04-26 15:06 - 00000000 ____D C:\ProgramData\Mozilla
2015-12-09 02:26 - 2012-04-22 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2015-12-09 02:26 - 2012-04-02 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-12-09 02:26 - 2012-04-02 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2015-12-09 02:26 - 2012-03-25 16:14 - 00000000 ____D C:\Users\Max\.VirtualBox
2015-12-09 02:26 - 2012-03-14 22:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GLtron
2015-12-09 02:26 - 2012-02-22 15:22 - 00000000 ____D C:\ProgramData\Origin
2015-12-09 02:26 - 2012-02-19 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr
2015-12-09 02:26 - 2012-02-01 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grandy Games
2015-12-09 02:26 - 2012-01-13 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2015-12-09 02:26 - 2011-12-31 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment
2015-12-09 02:26 - 2011-11-28 23:56 - 00000000 ____D C:\ProgramData\Ubisoft
2015-12-09 02:26 - 2011-11-28 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hulumuluch
2015-12-09 02:26 - 2011-11-15 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trine
2015-12-09 02:26 - 2011-10-30 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-12-09 02:26 - 2011-10-11 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
2015-12-09 02:26 - 2011-09-24 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-09 02:26 - 2011-08-24 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-12-09 02:26 - 2011-08-22 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-12-09 02:26 - 2011-08-20 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuxGuitar 1.2
2015-12-09 02:26 - 2011-08-17 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeLeft 3
2015-12-09 02:26 - 2011-08-13 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2015-12-09 02:26 - 2011-08-13 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prey
2015-12-09 02:26 - 2011-08-09 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nordschlacht Privatserver
2015-12-09 02:26 - 2011-08-03 02:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\id Software
2015-12-09 02:26 - 2011-07-26 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-12-09 02:26 - 2011-07-09 15:40 - 00000000 ____D C:\Users\Max\AppData\Local\AaaaaRecklessDisregard
2015-12-09 02:26 - 2011-07-07 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neodrome
2015-12-09 02:26 - 2011-06-24 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-12-09 02:26 - 2011-06-14 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-09 02:26 - 2011-06-14 15:38 - 00000000 ____D C:\ProgramData\LogiShrd
2015-12-09 02:26 - 2011-05-27 18:10 - 00000000 __SHD C:\ProgramData\SecuROM
2015-12-09 02:26 - 2011-05-22 20:22 - 00000000 ____D C:\Users\Max\.jnlp-applet
2015-12-09 02:26 - 2011-05-14 21:57 - 00000000 ____D C:\Users\Max\AppData\Local\AMD
2015-12-09 02:26 - 2011-05-13 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VU Games
2015-12-09 02:26 - 2011-05-13 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dynamix
2015-12-09 02:26 - 2011-05-08 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2015-12-09 02:26 - 2011-05-06 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-12-09 02:26 - 2011-04-11 15:32 - 00000000 ____D C:\ProgramData\Nexon
2015-12-09 02:26 - 2011-04-01 19:55 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-12-09 02:26 - 2011-04-01 19:55 - 00000000 ____D C:\ProgramData\EA Core
2015-12-09 02:26 - 2011-04-01 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RedEclipse
2015-12-09 02:26 - 2011-03-11 22:55 - 00000000 ____D C:\ProgramData\DivX
2015-12-09 02:26 - 2011-02-07 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter
2015-12-09 02:26 - 2011-01-22 12:06 - 00000000 ____D C:\ProgramData\SanDisk
2015-12-09 02:26 - 2011-01-19 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
2015-12-09 02:26 - 2011-01-19 14:38 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-12-09 02:26 - 2011-01-16 00:26 - 00000000 ____D C:\Users\Max\AppData\Local\4A Games
2015-12-09 02:26 - 2011-01-14 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpellForce
2015-12-09 02:26 - 2011-01-14 16:30 - 00000000 ____D C:\ProgramData\Media Center Programs
2015-12-09 02:26 - 2011-01-14 16:30 - 00000000 ____D C:\ProgramData\InstallShield
2015-12-09 02:26 - 2011-01-03 22:51 - 00000000 ____D C:\ProgramData\Tunngle
2015-12-09 02:26 - 2011-01-03 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Singularity(TM)
2015-12-09 02:26 - 2011-01-01 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
2015-12-09 02:26 - 2011-01-01 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sunflowers
2015-12-09 02:26 - 2011-01-01 14:24 - 00000000 ____D C:\ProgramData\SpieleEntwicklungsKombinat
2015-12-09 02:26 - 2011-01-01 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004
2015-12-09 02:26 - 2010-12-31 23:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
2015-12-09 02:26 - 2010-12-28 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
2015-12-09 02:26 - 2010-12-28 01:13 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2015-12-09 02:26 - 2010-12-28 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2015-12-09 02:26 - 2010-12-28 00:32 - 00000000 ____D C:\ProgramData\Sun
2015-12-09 02:26 - 2010-12-28 00:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-12-09 02:26 - 2010-12-27 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evil Player
2015-12-09 02:26 - 2010-12-27 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Extractor
2015-12-09 02:26 - 2010-12-27 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-09 02:26 - 2010-12-27 22:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © Version 2009.bld.36 (June 10, 2009)
2015-12-09 02:26 - 2010-12-27 22:41 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-12-09 02:26 - 2010-12-27 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya
2015-12-09 02:26 - 2010-12-27 22:34 - 00000000 ____D C:\ProgramData\Skype
2015-12-09 02:26 - 2010-12-27 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IZArc
2015-12-09 02:26 - 2010-12-27 22:13 - 00000000 ____D C:\Users\Max\AppData\Local\ATI
2015-12-09 02:26 - 2010-12-27 21:55 - 00000000 ____D C:\Users\Der andere\AppData\Roaming\Media Center Programs
2015-12-09 02:26 - 2010-12-27 21:55 - 00000000 ____D C:\Users\Der andere\AppData\Local\VirtualStore
2015-12-09 02:26 - 2010-12-27 21:55 - 00000000 ____D C:\Users\Der andere
2015-12-09 02:26 - 2010-12-27 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Gate
2015-12-09 02:26 - 2010-12-27 19:28 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Macromedia
2015-12-09 02:26 - 2010-12-27 19:28 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Adobe
2015-12-09 02:26 - 2010-12-27 19:26 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Skype
2015-12-09 02:26 - 2010-12-27 19:25 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Mozilla
2015-12-09 02:26 - 2010-12-27 19:25 - 00000000 ____D C:\Users\Georg\AppData\Local\Mozilla
2015-12-09 02:26 - 2010-12-27 18:53 - 00000000 ____D C:\Users\Georg\Documents\Rainmeter
2015-12-09 02:26 - 2010-12-27 18:53 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Rainmeter
2015-12-09 02:26 - 2010-10-20 23:35 - 00000000 ____D C:\Users\Max\.jajuk
2015-12-09 02:26 - 2010-10-18 18:48 - 00000000 ____D C:\Users\Max\.thumbnails
2015-12-09 02:26 - 2010-04-01 15:28 - 00000000 ____D C:\Users\Max\.dvdcss
2015-12-09 02:26 - 2010-03-30 11:42 - 00000000 ____D C:\Users\Max\.smplayer
2015-12-09 02:26 - 2010-02-01 14:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-09 02:26 - 2010-02-01 14:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-09 02:26 - 2010-01-29 20:34 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Media Center Programs
2015-12-09 02:26 - 2010-01-29 20:34 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Malwarebytes
2015-12-09 02:26 - 2010-01-29 20:34 - 00000000 ____D C:\Users\Georg\AppData\Roaming\ATI
2015-12-09 02:26 - 2010-01-29 20:34 - 00000000 ____D C:\Users\Georg\AppData\Local\ATI
2015-12-09 02:26 - 2010-01-29 20:34 - 00000000 ____D C:\Users\Georg
2015-12-09 02:26 - 2009-07-14 19:18 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-12-09 02:26 - 2009-07-14 19:18 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-12-09 02:26 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-09 02:23 - 2015-10-13 14:04 - 00013742 _____ C:\Users\Max\TANs.pdf.vvv
2015-12-09 02:23 - 2010-12-25 22:09 - 00000446 _____ C:\Users\Max\readme.txt.vvv
2015-12-09 02:22 - 2015-09-01 00:50 - 00293646 _____ C:\Users\Max\Downloads\semester_fhkoeln_wi_2015.pdf.vvv
2015-12-09 02:22 - 2015-06-18 12:08 - 00106014 _____ C:\Users\Max\Downloads\SAM_Bescheinigung.pdf.vvv
2015-12-09 02:22 - 2015-03-13 22:46 - 00901566 _____ C:\Users\Max\Downloads\todesritter.png.vvv
2015-12-09 02:22 - 2015-03-06 15:33 - 00463326 _____ C:\Users\Max\Downloads\SDL2-2.0.3-win32-x64.zip.vvv
2015-12-09 02:22 - 2015-01-03 17:47 - 03915502 _____ C:\Users\Max\Downloads\rcsetup151.zip.vvv
2015-12-09 02:22 - 2014-08-30 02:48 - 08099198 _____ C:\Users\Max\Downloads\teeworlds-0.6.2-win64.zip.vvv
2015-12-09 02:22 - 2014-08-18 01:51 - 03463358 _____ C:\Users\Max\Downloads\testdisk-7.0-WIP.win.zip.vvv
2015-12-09 02:22 - 2014-01-10 02:25 - 23043374 _____ C:\Users\Max\Downloads\Sapphically Inclined.zip.vvv
2015-12-09 02:22 - 2013-10-14 00:13 - 00888190 _____ C:\Users\Max\Downloads\zsnesw151.zip.vvv
2015-12-09 02:22 - 2013-10-14 00:09 - 01575886 _____ C:\Users\Max\Downloads\Super Metroid.zip.vvv
2015-12-09 02:22 - 2013-09-28 11:53 - 45850158 _____ C:\Users\Max\Downloads\URP_3.36.rar.vvv
2015-12-09 02:22 - 2013-06-04 19:02 - 32263006 _____ C:\Users\Max\Downloads\superpandaDEMO.zip.vvv
2015-12-09 02:22 - 2013-05-27 14:54 - 53197518 _____ C:\Users\Max\Downloads\zineth_0_24.zip.vvv
2015-12-09 02:22 - 2013-03-21 20:58 - 00329454 _____ C:\Users\Max\Downloads\wien fotoprofil.pdf.vvv
2015-12-09 02:22 - 2013-02-14 23:14 - 04090350 _____ C:\Users\Max\Downloads\TOB_7329.jpg.vvv
2015-12-09 02:22 - 2012-10-26 00:09 - 36194590 _____ C:\Users\Max\Downloads\Vvvvvv.rar.vvv
2015-12-09 02:22 - 2012-10-20 18:02 - 45559806 _____ C:\Users\Max\Downloads\[Pixiv] -Artist- Tat.zip.vvv
2015-12-09 02:22 - 2012-02-17 01:49 - 00000590 _____ C:\Users\Max\Downloads\wot_pref.zip.vvv
2015-12-09 02:22 - 2012-02-14 15:26 - 98773854 _____ C:\Users\Max\Downloads\Valentines Day.zip.vvv
2015-12-09 02:22 - 2011-08-26 02:20 - 00745582 _____ C:\Users\Max\Downloads\torero.jpg.vvv
2015-12-09 02:22 - 2011-08-24 16:33 - 06210558 _____ C:\Users\Max\Downloads\Terraria_1.0.4.rar.vvv
2015-12-09 02:22 - 2011-08-24 16:20 - 13053742 _____ C:\Users\Max\Downloads\Terraria.rar.vvv
2015-12-09 02:22 - 2011-05-23 23:32 - 11046078 _____ C:\Users\Max\Downloads\safis19.rar.vvv
2015-12-09 02:22 - 2011-05-21 18:37 - 11721294 _____ C:\Users\Max\Downloads\SuperHottiess.avi.vvv
2015-12-09 02:22 - 2011-05-21 18:35 - 11459422 _____ C:\Users\Max\Downloads\TE.rar.vvv
2015-12-09 02:22 - 2011-04-18 18:10 - 07524126 _____ C:\Users\Max\Downloads\Ultimate_Touhou_v2.1.rar.vvv
2015-12-09 02:22 - 2011-02-04 15:06 - 00319118 _____ C:\Users\Max\Downloads\zzz.jpg.vvv
2015-12-09 02:22 - 2011-02-04 15:05 - 01766398 _____ C:\Users\Max\Downloads\zz_4.jpg.vvv
2015-12-09 02:22 - 2011-02-04 15:05 - 01346094 _____ C:\Users\Max\Downloads\zz_3.jpg.vvv
2015-12-09 02:22 - 2010-12-24 14:21 - 69578702 _____ C:\Users\Max\Downloads\Random Cute Girl Wallpaper Pack 5.rar.vvv
2015-12-09 02:22 - 2010-12-17 21:33 - 66392846 _____ C:\Users\Max\Downloads\v8700a_20100923.zip.vvv
2015-12-09 02:22 - 2010-10-16 19:07 - 00840350 _____ C:\Users\Max\Downloads\Win_Squared_7_Blend__V2_0_by_Taichou_Henk.rar.vvv
2015-12-09 02:22 - 2010-07-29 21:20 - 16407550 _____ C:\Users\Max\Downloads\[flash]Takotsubo.zip.vvv
2015-12-09 02:22 - 2010-01-23 19:35 - 16258734 _____ C:\Users\Max\Downloads\Tekkaman - In Flames - Clayman.mp4.vvv
2015-12-09 02:22 - 2010-01-23 19:18 - 00505854 _____ C:\Users\Max\Downloads\xvi32.zip.vvv
2015-12-09 02:22 - 2010-01-23 13:37 - 11082942 _____ C:\Users\Max\Downloads\Rip Slyme - Super Shooter.mp4.vvv
2015-12-09 02:22 - 2009-12-05 17:01 - 00174222 _____ C:\Users\Max\Downloads\Super_Nova_-_Space_Art.jpg.vvv
2015-12-09 02:22 - 2009-12-05 16:38 - 00146670 _____ C:\Users\Max\Downloads\royo-4.jpg.vvv
2015-12-09 02:22 - 2009-07-14 03:34 - 00000414 _____ C:\Windows\win.ini
2015-12-09 02:21 - 2015-10-23 17:55 - 00015902 _____ C:\Users\Max\Downloads\Dokument1.docx.vvv
2015-12-09 02:21 - 2015-09-16 00:11 - 23468126 _____ C:\Users\Max\Downloads\MOBDprototypeWINv2.zip.vvv
2015-12-09 02:21 - 2015-09-13 13:43 - 00000462 _____ C:\Users\Max\Downloads\ocremix.mp3.m3u.vvv
2015-12-09 02:21 - 2015-08-21 19:31 - 00426190 _____ C:\Users\Max\Downloads\LeagueOfLegends_62_1920x1080.png.vvv
2015-12-09 02:21 - 2015-07-21 23:38 - 00161022 _____ C:\Users\Max\Downloads\Invalid.jpg.vvv
2015-12-09 02:21 - 2015-07-02 09:37 - 00039806 _____ C:\Users\Max\Downloads\FHKMerkblattEinschreibung.pdf.vvv
2015-12-09 02:21 - 2015-06-30 13:50 - 00126686 _____ C:\Users\Max\Downloads\IGBCE-Kuendigungsschreiben-PDF.pdf.vvv
2015-12-09 02:21 - 2015-06-30 13:49 - 00015582 _____ C:\Users\Max\Downloads\IGBCE-Kuendigungsschreiben-Word.docx.vvv
2015-12-09 02:21 - 2015-06-30 08:59 - 00134958 _____ C:\Users\Max\Downloads\FHKZulassungsbescheid.pdf.vvv
2015-12-09 02:21 - 2015-04-26 21:45 - 00122574 _____ C:\Users\Max\Downloads\MWr84hp.png.vvv
2015-12-09 02:21 - 2015-03-15 00:25 - 00512190 _____ C:\Users\Max\Downloads\openhardwaremonitor-v0.7.1-beta.zip.vvv
2015-12-09 02:21 - 2015-03-10 14:47 - 00905966 _____ C:\Users\Max\Downloads\document.pdf.vvv
2015-12-09 02:21 - 2015-03-06 15:21 - 62024542 _____ C:\Users\Max\Downloads\Physikus.part2.rar.vvv
2015-12-09 02:21 - 2015-02-12 15:52 - 00879262 _____ C:\Users\Max\Downloads\onkyo_a-35_sm.pdf.vvv
2015-12-09 02:21 - 2015-01-28 00:15 - 02046910 _____ C:\Users\Max\Downloads\nethack-343-win.zip.vvv
2015-12-09 02:21 - 2014-10-29 21:53 - 01956014 _____ C:\Users\Max\Downloads\DBM-Core-6.0.4.zip.vvv
2015-12-09 02:21 - 2014-09-09 19:39 - 00712078 _____ C:\Users\Max\Downloads\pbsetup(1).zip.vvv
2015-12-09 02:21 - 2014-05-10 14:26 - 03021246 _____ C:\Users\Max\Downloads\IMG_4435.JPG.vvv
2015-12-09 02:21 - 2014-01-23 13:42 - 44770046 _____ C:\Users\Max\Downloads\fractron9000src-0.4.beta.zip.vvv
2015-12-09 02:21 - 2013-11-06 22:59 - 00714622 _____ C:\Users\Max\Downloads\pbsetup.zip.vvv
2015-12-09 02:21 - 2013-10-30 23:43 - 36001230 _____ C:\Users\Max\Downloads\MOABD_PrinceOfArcade.zip.vvv
2015-12-09 02:21 - 2013-09-04 19:46 - 46694446 _____ C:\Users\Max\Downloads\fzm9g-thir.part2.rar.vvv
2015-12-09 02:21 - 2012-10-28 01:26 - 25959982 _____ C:\Users\Max\Downloads\heyeup1andlrld.part3.rar.vvv
2015-12-09 02:21 - 2012-10-08 20:54 - 22764750 _____ C:\Users\Max\Downloads\Paper Mario.zip.vvv
2015-12-09 02:21 - 2012-09-23 17:40 - 10861726 _____ C:\Users\Max\Downloads\CryptLoad_1.1.8.rar.vvv
2015-12-09 02:21 - 2012-07-02 23:57 - 00000590 _____ C:\Users\Max\Downloads\njbj_savedata.sav.vvv
2015-12-09 02:21 - 2012-06-30 01:17 - 03179966 _____ C:\Users\Max\Downloads\mylockbox_setup.zip.vvv
2015-12-09 02:21 - 2012-06-23 23:31 - 16249422 _____ C:\Users\Max\Downloads\cube_the_game.zip.vvv
2015-12-09 02:21 - 2012-06-23 23:09 - 02893038 _____ C:\Users\Max\Downloads\FateOfMankindFix.zip.vvv
2015-12-09 02:21 - 2012-06-16 15:34 - 00439294 _____ C:\Users\Max\Downloads\Metal-vs-Hip-Hop BIG.jpg.vvv
2015-12-09 02:21 - 2012-05-30 15:15 - 00027566 _____ C:\Users\Max\Downloads\Max.doc.vvv
2015-12-09 02:21 - 2012-03-14 14:40 - 05229054 _____ C:\Users\Max\Downloads\mari0-win.zip.vvv
2015-12-09 02:21 - 2012-02-13 16:16 - 02214830 _____ C:\Users\Max\Downloads\DoboeChet,TheBasicsOfHandDevelopment(Druckversion).doc.vvv
2015-12-09 02:21 - 2012-01-22 21:07 - 12821774 _____ C:\Users\Max\Downloads\Der halbe Prinz - Kapitel 18 [Manga-Scouts].rar.vvv
2015-12-09 02:21 - 2011-12-16 16:56 - 04445470 _____ C:\Users\Max\Downloads\Project64k_v0.33.rar.vvv
2015-12-09 02:21 - 2011-11-08 01:07 - 07046574 _____ C:\Users\Max\Downloads\Modell der europäischen Stadt.ppt.vvv
2015-12-09 02:21 - 2011-11-04 01:47 - 08139998 _____ C:\Users\Max\Downloads\r01novba3muwiorinrzr.rar.vvv
2015-12-09 02:21 - 2011-10-24 00:05 - 00021134 _____ C:\Users\Max\Downloads\game.of.thrones.(2011).ger.1cd.(4255690).zip.vvv
2015-12-09 02:21 - 2011-09-20 12:18 - 00832734 _____ C:\Users\Max\Downloads\r07deisgesufoup1gw.rar.vvv
2015-12-09 02:21 - 2011-08-22 01:12 - 01830302 _____ C:\Users\Max\Downloads\ProcessExplorer.zip.vvv
2015-12-09 02:21 - 2011-06-26 20:20 - 19077678 _____ C:\Users\Max\Downloads\GEN_Issue_01.pdf.vvv
2015-12-09 02:21 - 2011-06-05 23:00 - 34945358 _____ C:\Users\Max\Downloads\holly_deepthroat.mp4.vvv
2015-12-09 02:21 - 2011-05-21 19:54 - 266377390 _____ C:\Users\Max\Downloads\Cute_teenies.rar.vvv
2015-12-09 02:21 - 2011-05-21 19:38 - 41247118 _____ C:\Users\Max\Downloads\OlgaMaklakova-3316.rar.vvv
2015-12-09 02:21 - 2011-05-21 19:32 - 56561742 _____ C:\Users\Max\Downloads\nenita_18yr.rar.vvv
2015-12-09 02:21 - 2011-05-09 21:28 - 56605262 _____ C:\Users\Max\Downloads\fade - Kings of Dawn.rar.vvv
2015-12-09 02:21 - 2011-02-16 21:07 - 00021726 _____ C:\Users\Max\Downloads\Mail0008.PDF.vvv
2015-12-09 02:21 - 2010-12-13 23:03 - 16153950 _____ C:\Users\Max\Downloads\PsyS__Hidan_no_Aria_05_al.zip.vvv
2015-12-09 02:21 - 2010-11-20 00:03 - 00877038 _____ C:\Users\Max\Downloads\MMCE_Win32.zip.vvv
2015-12-09 02:21 - 2010-11-19 14:57 - 03040318 _____ C:\Users\Max\Downloads\Kimi_ni_Todoke_v_10.rar.vvv
2015-12-09 02:21 - 2010-11-10 15:26 - 01130238 _____ C:\Users\Max\Downloads\Foto(2).JPG.vvv
2015-12-09 02:21 - 2010-11-10 15:26 - 01017886 _____ C:\Users\Max\Downloads\Foto.JPG.vvv
2015-12-09 02:21 - 2010-09-25 18:03 - 136025230 _____ C:\Users\Max\Downloads\Legend of Queen Opala - Golden Edition.rar.vvv
2015-12-09 02:21 - 2010-07-31 20:37 - 00342494 _____ C:\Users\Max\Downloads\Music_for_my_eyes_by_ei_en.jpg.vvv
2015-12-09 02:21 - 2010-07-29 13:28 - 00018382 ___SH C:\Users\Max\Downloads\Folder.jpg.vvv
2015-12-09 02:21 - 2010-07-06 19:13 - 00032238 _____ C:\Users\Max\Downloads\Gewinnspiel_Geschichten.txt.vvv
2015-12-09 02:21 - 2010-05-19 15:29 - 27730782 _____ C:\Users\Max\Downloads\ichmagpudding.rar.vvv
2015-12-09 02:21 - 2010-05-16 20:23 - 00438654 _____ C:\Users\Max\Downloads\original1.jpg.vvv
2015-12-09 02:21 - 2010-05-16 20:23 - 00366158 _____ C:\Users\Max\Downloads\original.jpg.vvv
2015-12-09 02:21 - 2010-03-31 18:40 - 15094862 _____ C:\Users\Max\Downloads\Frei.Wild - Der Tod er holt uns alle.mp4.vvv
2015-12-09 02:21 - 2010-03-31 18:38 - 61864462 _____ C:\Users\Max\Downloads\Frei.Wild - Das Land der Vollidioten 2009 (Offizielles Video).mp4.vvv
2015-12-09 02:21 - 2010-03-17 22:26 - 11097086 _____ C:\Users\Max\Downloads\Ensiferum Lady in Black.mp4.vvv
2015-12-09 02:21 - 2010-02-17 13:41 - 13574350 _____ C:\Users\Max\Downloads\In Extremo - Villeman og Magnhild.mp4.vvv
2015-12-09 02:21 - 2010-02-17 13:39 - 68251054 _____ C:\Users\Max\Downloads\MILK_PLANT_Battle_Girl_2.rar.vvv
2015-12-09 02:21 - 2010-01-27 15:27 - 05236750 _____ C:\Users\Max\Downloads\Kleiner bass test _).mp4.vvv
2015-12-09 02:21 - 2010-01-25 16:46 - 17793038 _____ C:\Users\Max\Downloads\In Flames - Free Fall.mp4.vvv
2015-12-09 02:21 - 2010-01-24 21:56 - 19743982 _____ C:\Users\Max\Downloads\Hiratsura Masaru-Tsuki Sekai Ryokou(Combat MonMon).rar.vvv
2015-12-09 02:21 - 2010-01-23 19:28 - 18425790 _____ C:\Users\Max\Downloads\In Flames - Biosphere.mp4.vvv
2015-12-09 02:21 - 2010-01-23 19:24 - 13095598 _____ C:\Users\Max\Downloads\IN FLAMES - Cloud Connected.mp4.vvv
2015-12-09 02:21 - 2010-01-23 19:11 - 09928062 _____ C:\Users\Max\Downloads\IN FLAMES - The Quiet Place.mp4.vvv
2015-12-09 02:21 - 2010-01-23 19:06 - 14963934 _____ C:\Users\Max\Downloads\In Flames - Behind Space.mp4.vvv
2015-12-09 02:21 - 2010-01-23 19:01 - 21981454 _____ C:\Users\Max\Downloads\In Flames - Colony.mp4.vvv
2015-12-09 02:21 - 2010-01-23 18:53 - 10096254 _____ C:\Users\Max\Downloads\In Flames - Moonshield.mp4.vvv
2015-12-09 02:21 - 2010-01-23 14:15 - 11445966 _____ C:\Users\Max\Downloads\In Flames - Pinball Map.mp4.vvv
2015-12-09 02:21 - 2010-01-23 14:04 - 16120958 _____ C:\Users\Max\Downloads\In Flames - Bullet Ride..mp4.vvv
2015-12-09 02:21 - 2010-01-23 13:56 - 13626062 _____ C:\Users\Max\Downloads\In Flames - My Sweet Shadow.mp4.vvv
2015-12-09 02:21 - 2010-01-23 13:47 - 12264318 _____ C:\Users\Max\Downloads\IN FLAMES - Take This Life.mp4.vvv
2015-12-09 02:21 - 2010-01-23 13:44 - 12128670 _____ C:\Users\Max\Downloads\PAIN - Shut your mouth.mp4.vvv
2015-12-09 02:21 - 2010-01-23 13:41 - 10304542 _____ C:\Users\Max\Downloads\IN FLAMES - The Mirrors Truth.mp4.vvv
2015-12-09 02:21 - 2010-01-21 15:30 - 00600334 _____ C:\Users\Max\Downloads\LLWin-patch307.zip.vvv
2015-12-09 02:21 - 2010-01-14 21:59 - 07252030 _____ C:\Users\Max\Downloads\In Flames The Jester Race.mp4.vvv
2015-12-09 02:21 - 2009-12-18 22:26 - 00462302 _____ C:\Users\Max\Downloads\moe 72600 sample.jpg.vvv
2015-12-09 02:21 - 2009-12-05 17:05 - 00206670 _____ C:\Users\Max\Downloads\Nerves_-_Mod.jpg.vvv
2015-12-09 02:21 - 2009-12-05 17:04 - 00185774 _____ C:\Users\Max\Downloads\Outside.jpg.vvv
2015-12-09 02:21 - 2009-12-05 17:03 - 00102766 _____ C:\Users\Max\Downloads\lights_Cubes.jpg.vvv
2015-12-09 02:21 - 2009-12-05 17:02 - 00079374 _____ C:\Users\Max\Downloads\Organic_Way.jpg.vvv
2015-12-09 02:21 - 2009-12-05 16:56 - 00172110 _____ C:\Users\Max\Downloads\Deadly_Deep.jpg.vvv
2015-12-09 02:18 - 2015-10-13 14:01 - 00006862 _____ C:\Users\Max\Downloads\AD6242102060158B0B40412D290FBDD9.pdf.vvv
2015-12-09 02:18 - 2015-09-16 21:23 - 00120206 _____ C:\Users\Max\Downloads\3. Tag Erstsemesterprojekt OT, 16.09.15, Bodo Straus.odt.vvv
2015-12-09 02:18 - 2015-06-30 10:38 - 00038686 _____ C:\Users\Max\Downloads\baet-_praktikantenordnung-juli-2013.pdf.vvv
2015-12-09 02:18 - 2015-05-29 16:56 - 00010670 _____ C:\Users\Max\Downloads\Bewerbungen Max.xls.vvv
2015-12-09 02:18 - 2015-05-27 17:06 - 00007502 _____ C:\Users\Max\Downloads\Bewerbungen Max.xlsx.vvv
2015-12-09 02:18 - 2015-05-19 00:54 - 00017102 _____ C:\Users\Max\Downloads\Bewerbungen Max.ods.vvv
2015-12-09 02:18 - 2014-09-28 12:44 - 13459518 _____ C:\Users\Max\Downloads\60fpswallpapers.zip.vvv
2015-12-09 02:18 - 2013-07-15 19:42 - 05314430 _____ C:\Users\Max\Downloads\1678 - Pokemon Feuerrote (G)(Rising Sun).zip.vvv
2015-12-09 02:18 - 2013-07-03 12:32 - 00036142 _____ C:\Users\Max\Downloads\Bewerbungsbogen-Freiwilligendienst.pdf.vvv
2015-12-09 02:18 - 2013-03-09 20:30 - 00000462 _____ C:\Users\Max\Downloads\85743d003d78720dcc746a39e4ae6c94.txt.vvv
2015-12-09 02:18 - 2012-08-17 14:07 - 13443054 _____ C:\Users\Max\Downloads\b17augdasiiiup1ski.rar.vvv
2015-12-09 02:18 - 2012-08-02 22:56 - 17843742 _____ C:\Users\Max\Downloads\b30julupdprocrp2ski.rar.vvv
2015-12-09 02:18 - 2012-07-04 21:11 - 00210574 _____ C:\Users\Max\Downloads\4681109_700b.jpg.vvv
2015-12-09 02:18 - 2012-04-22 14:36 - 36554942 _____ C:\Users\Max\Downloads\Allumage.rar.vvv
2015-12-09 02:18 - 2011-08-16 13:14 - 31126462 _____ C:\Users\Max\Downloads\6305_Vista_Win7_PG537.zip.vvv
2015-12-09 02:18 - 2010-12-18 01:09 - 38285614 _____ C:\Users\Max\Downloads\blaablubDL.zip.vvv
2015-12-09 02:18 - 2010-11-16 22:04 - 29860814 _____ C:\Users\Max\Downloads\bozziowackerman2.mov.vvv
2015-12-09 02:18 - 2010-11-16 22:04 - 29811086 _____ C:\Users\Max\Downloads\bozziowackerman3.mov.vvv
2015-12-09 02:18 - 2010-11-16 22:04 - 16706974 _____ C:\Users\Max\Downloads\bozziowackerman1.mov.vvv
2015-12-09 02:18 - 2010-07-29 13:28 - 00005246 ___SH C:\Users\Max\Downloads\AlbumArtSmall.jpg.vvv
2015-12-09 02:18 - 2010-01-27 15:32 - 12276478 _____ C:\Users\Max\Downloads\Bass Test _ Subwoofer Test 3.flv.vvv
2015-12-09 02:18 - 2009-12-05 17:15 - 00230654 _____ C:\Users\Max\Downloads\Assault.jpg.vvv
2015-12-09 02:18 - 2009-12-05 17:14 - 00192926 _____ C:\Users\Max\Downloads\Bio.jpg.vvv
2015-12-09 02:18 - 2009-12-05 17:00 - 00082046 _____ C:\Users\Max\Downloads\Black_desert.jpg.vvv
2015-12-09 02:17 - 2015-04-02 21:17 - 00058078 _____ C:\Users\Max\Documents\ts3_clientui-win64-1407159763-2015-04-02 22_17_58.089858.dmp.vvv
2015-12-09 02:17 - 2013-12-31 19:30 - 00066526 _____ C:\Users\Max\Documents\ts3_clientui-win64-1382530211-2013-12-31 19_30_39.697480.dmp.vvv
2015-12-09 02:17 - 2012-06-02 19:43 - 00309774 _____ C:\Users\Max\Documents\ts3_clientui-win64-1334913258-2012-06-02 20_43_47.519582.dmp.vvv
2015-12-09 02:17 - 2012-06-02 19:39 - 00298702 _____ C:\Users\Max\Documents\ts3_clientui-win64-1334913258-2012-06-02 20_39_55.927135.dmp.vvv
2015-12-09 02:17 - 2011-12-31 15:39 - 00443390 _____ C:\Users\Max\Downloads\1024-768-76677.jpg.vvv
2015-12-09 02:17 - 2011-03-18 14:59 - 02226126 _____ C:\Users\Max\Downloads\00dfa5467c8f3fac74cbc55a9c0d6d32.jpg.vvv
2015-12-09 02:17 - 2011-01-15 23:51 - 85977470 _____ C:\Users\Max\Downloads\04seome33up2ski.rar.vvv
2015-12-09 02:17 - 2010-11-29 15:39 - 00194046 _____ C:\Users\Max\Documents\Yuva (früh).jpg.vvv
2015-12-09 02:17 - 2010-11-29 15:39 - 00192334 _____ C:\Users\Max\Documents\Septua.jpg.vvv
2015-12-09 02:17 - 2010-11-29 15:39 - 00192158 _____ C:\Users\Max\Documents\Yuva (spät).jpg.vvv
2015-12-09 02:17 - 2010-11-24 22:26 - 00149070 _____ C:\Users\Max\Documents\Unbenannt.wma.vvv
2015-12-09 02:17 - 2010-07-16 14:31 - 00348510 _____ C:\Users\Max\Downloads\1278887015208.jpg.vvv
2015-12-09 02:17 - 2010-07-16 14:31 - 00190318 _____ C:\Users\Max\Downloads\1278855702907.jpg.vvv
2015-12-09 02:17 - 2010-07-16 14:26 - 01623774 _____ C:\Users\Max\Downloads\1278884379012.jpg.vvv
2015-12-09 02:17 - 2010-07-16 14:24 - 00841358 _____ C:\Users\Max\Downloads\1279243522024.jpg.vvv
2015-12-09 02:17 - 2010-07-16 14:11 - 00340238 _____ C:\Users\Max\Downloads\1279170112487.jpg.vvv
2015-12-09 02:17 - 2010-07-16 14:03 - 02881566 _____ C:\Users\Max\Downloads\1279074893122.png.vvv
2015-12-09 02:17 - 2010-07-16 14:03 - 00282174 _____ C:\Users\Max\Downloads\1279068861250.jpg.vvv
2015-12-09 02:17 - 2010-07-16 14:02 - 00469678 _____ C:\Users\Max\Downloads\1279066994291.jpg.vvv
2015-12-09 02:17 - 2010-07-16 14:02 - 00433806 _____ C:\Users\Max\Downloads\1278780025592.jpg.vvv
2015-12-09 02:17 - 2010-03-05 22:25 - 00266510 _____ C:\Users\Max\Downloads\1267011018023.jpg.vvv
2015-12-09 02:17 - 2010-03-05 22:10 - 00820382 _____ C:\Users\Max\Downloads\1267587722691.jpg.vvv
2015-12-09 02:17 - 2010-03-05 20:59 - 01673038 _____ C:\Users\Max\Downloads\1267318228646.jpg.vvv
2015-12-09 02:17 - 2010-01-19 21:46 - 00762334 _____ C:\Users\Max\Downloads\126350535632.jpg.vvv
2015-12-09 02:17 - 2010-01-19 21:45 - 00063774 _____ C:\Users\Max\Downloads\126100107795.jpg.vvv
2015-12-09 02:17 - 2010-01-19 21:44 - 00176862 _____ C:\Users\Max\Downloads\126108192253.jpg.vvv
2015-12-09 02:17 - 2010-01-19 21:43 - 00929630 _____ C:\Users\Max\Downloads\126022671835.jpg.vvv
2015-12-09 02:17 - 2010-01-19 21:43 - 00736958 _____ C:\Users\Max\Downloads\12602271353.jpg.vvv
2015-12-09 02:17 - 2010-01-19 21:41 - 01648382 _____ C:\Users\Max\Downloads\126291425737.jpg.vvv
2015-12-09 02:17 - 2010-01-19 21:39 - 00675646 _____ C:\Users\Max\Downloads\126375521450.jpg.vvv
2015-12-09 02:17 - 2010-01-19 21:37 - 00265998 _____ C:\Users\Max\Downloads\126316275963.jpg.vvv
2015-12-09 02:17 - 2010-01-19 21:37 - 00093694 _____ C:\Users\Max\Downloads\12637140515.jpg.vvv
2015-12-09 02:17 - 2010-01-19 18:34 - 01004414 _____ C:\Users\Max\Downloads\1263699788052.jpg.vvv
2015-12-09 02:17 - 2010-01-19 18:33 - 01299966 _____ C:\Users\Max\Downloads\1263680002003.jpg.vvv
2015-12-09 02:17 - 2010-01-19 18:33 - 00309870 _____ C:\Users\Max\Downloads\1263827364537.jpg.vvv
2015-12-09 02:17 - 2010-01-19 18:25 - 03536206 _____ C:\Users\Max\Downloads\1263865278248.png.vvv
2015-12-09 02:17 - 2010-01-19 18:18 - 00393422 _____ C:\Users\Max\Downloads\1263704570489.jpg.vvv
2015-12-09 02:17 - 2009-12-22 20:54 - 00894238 _____ C:\Users\Max\Downloads\1261494112135.jpg.vvv
2015-12-09 02:17 - 2009-12-22 20:40 - 00920606 _____ C:\Users\Max\Downloads\1261507686694.png.vvv
2015-12-09 02:17 - 2009-12-20 21:17 - 01579982 _____ C:\Users\Max\Downloads\1260910080066.jpg.vvv
2015-12-09 02:17 - 2009-12-20 21:17 - 01010990 _____ C:\Users\Max\Downloads\1260909200565.jpg.vvv
2015-12-09 02:17 - 2009-12-20 21:17 - 00542654 _____ C:\Users\Max\Downloads\1260338012468.jpg.vvv
2015-12-09 02:17 - 2009-12-20 21:17 - 00134894 _____ C:\Users\Max\Downloads\1260908800061.jpg.vvv
2015-12-09 02:17 - 2009-12-20 21:16 - 00812670 _____ C:\Users\Max\Downloads\1261330515417.jpg.vvv
2015-12-09 02:17 - 2009-12-20 21:16 - 00042190 _____ C:\Users\Max\Downloads\1261328240220.jpg.vvv
2015-12-09 02:17 - 2009-12-20 21:12 - 02506158 _____ C:\Users\Max\Downloads\1261295828664.jpg.vvv
2015-12-09 02:17 - 2009-12-18 22:24 - 00652446 _____ C:\Users\Max\Downloads\1260567483028.jpg.vvv
2015-12-09 02:17 - 2009-12-18 22:19 - 01049726 _____ C:\Users\Max\Downloads\1261002762970.jpg.vvv
2015-12-09 02:16 - 2011-04-29 20:23 - 00145118 _____ C:\Users\Max\Documents\S4_20100417_234548.jpg.vvv
2015-12-09 02:15 - 2013-02-27 22:52 - 00192446 _____ C:\Users\Max\Documents\Physik%20Laser.ppt_1.odp.vvv
2015-12-09 02:15 - 2010-12-27 15:51 - 00636958 _____ C:\Users\Max\Documents\Pornowerbung auf Facebook.jpg.vvv
2015-12-09 02:15 - 2010-05-30 15:50 - 00013230 _____ C:\Users\Max\Documents\PraktikumsbewebungDEUTA.doc.vvv
2015-12-09 02:15 - 2010-05-30 12:54 - 00011694 _____ C:\Users\Max\Documents\PraktikumsbewebungDLR.doc.vvv
2015-12-09 02:15 - 2010-05-26 19:26 - 00007598 _____ C:\Users\Max\Documents\Praktikumsbewebung.doc.vvv
2015-12-09 02:13 - 2012-09-19 15:59 - 00018302 _____ C:\Users\Max\Documents\Lebenslauf%20v3.doc_0.odt.vvv
2015-12-09 02:13 - 2012-09-12 00:15 - 00013742 _____ C:\Users\Max\Documents\Lebenslauf v2.doc.vvv
2015-12-09 02:13 - 2012-06-19 18:24 - 00017742 _____ C:\Users\Max\Documents\Lebenslauf.odt.vvv
2015-12-09 02:13 - 2012-02-28 22:37 - 01192558 _____ C:\Users\Max\Documents\Max-Facharbeit.odt.vvv
2015-12-09 02:13 - 2011-01-18 21:39 - 00011454 _____ C:\Users\Max\Documents\Latein Hausarbeit.odt.vvv
2015-12-09 02:13 - 2010-11-29 15:38 - 00188238 _____ C:\Users\Max\Documents\Isame.jpg.vvv
2015-12-09 02:13 - 2010-11-29 15:38 - 00186414 _____ C:\Users\Max\Documents\Klazy.jpg.vvv
2015-12-09 02:13 - 2010-06-19 15:03 - 00010670 _____ C:\Users\Max\Documents\Lebenslauf.doc.vvv
2015-12-09 02:13 - 2010-05-31 20:43 - 00010670 _____ C:\Users\Max\Documents\Jimmy Hendrix.doc.vvv
2015-12-09 02:12 - 2014-09-10 23:19 - 00000638 _____ C:\Users\Max\BullseyeCoverageError.txt.vvv
2015-12-09 02:12 - 2013-12-09 10:51 - 00013486 _____ C:\Users\Max\Documents\Ausbildungsvergütungen.odt.vvv
2015-12-09 02:12 - 2012-02-09 19:19 - 04065758 _____ C:\Users\Max\Documents\firefox.dmp.vvv
2015-12-09 02:12 - 2012-02-06 23:53 - 00012718 _____ C:\Users\Max\Documents\Gliederung.doc.vvv
2015-12-09 02:12 - 2012-02-05 15:42 - 00023470 _____ C:\Users\Max\Documents\Facharbeit.doc.vvv
2015-12-09 02:12 - 2011-05-03 21:41 - 00001934 _____ C:\Users\Max\Desktop\5.38.12.130.txt.vvv
2015-12-09 02:12 - 2011-04-12 01:08 - 00007598 _____ C:\Users\Max\Documents\Deutsch Referat Stichpunkte.doc.vvv
2015-12-09 02:12 - 2011-02-03 17:57 - 03647070 _____ C:\Users\Max\Documents\crysis2wallpaper04.jpg.vvv
2015-12-09 02:12 - 2011-02-03 17:57 - 00569022 _____ C:\Users\Max\Documents\crysis-wallpaper1.jpg.vvv
2015-12-09 02:12 - 2011-02-03 17:57 - 00451582 _____ C:\Users\Max\Documents\crysis-2-wallpapers_18957_1680x1050.jpg.vvv
2015-12-09 02:12 - 2011-02-03 17:57 - 00288990 _____ C:\Users\Max\Documents\Call_of_Duty_Black_Ops.jpg.vvv
2015-12-09 02:12 - 2011-02-03 17:57 - 00173790 _____ C:\Users\Max\Documents\crysis2wallpaper06.jpg.vvv
2015-12-09 02:12 - 2010-12-23 22:38 - 00728590 _____ C:\Users\Max\Documents\009.JPG.vvv
2015-12-09 02:12 - 2010-12-21 20:53 - 00541454 _____ C:\Users\Max\Documents\064.jpg.vvv
2015-12-09 02:12 - 2010-12-21 20:45 - 00672510 _____ C:\Users\Max\Documents\031.jpg.vvv
2015-12-09 02:12 - 2010-07-05 13:27 - 03239790 _____ C:\Users\Max\Documents\free_stonesoup_ecookbook.pdf.vvv
2015-12-09 02:12 - 2010-06-19 14:37 - 00015918 _____ C:\Users\Max\Documents\fragebogen_Praktikum_090916.pdf.vvv
2015-12-09 02:12 - 2010-05-31 20:29 - 00010670 _____ C:\Users\Max\Documents\Einflüsse des Psychedelic Rock.doc.vvv
2015-12-09 02:12 - 2009-12-03 14:38 - 00005822 _____ C:\Users\Max\Documents\GFWLIVESetupLogVerbose.txt.vvv
2015-12-09 02:12 - 2009-12-03 14:38 - 00000494 _____ C:\Users\Max\Documents\GFWLIVESetupLog.txt.vvv
2015-12-09 02:02 - 2015-05-14 13:02 - 00001582 _____ C:\ProgramData\HirezPipeError.txt.vvv
2015-12-09 02:01 - 2014-06-07 20:29 - 02079838 _____ C:\Program Files\mplayerc_20100214.zip.vvv
2015-12-09 01:58 - 2010-01-17 13:31 - 00000574 _____ C:\error.txt.vvv
2015-12-09 01:58 - 2010-01-01 02:03 - 00000878 _____ C:\memory.txt.vvv
2015-12-07 00:02 - 2012-03-20 10:16 - 00000000 ____D C:\Program Files (x86)\AMD
2015-12-06 21:19 - 2013-08-28 16:45 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 21:19 - 2013-08-28 16:45 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-06 21:19 - 2013-08-28 16:45 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-03 23:08 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-22 18:06 - 2010-12-27 22:13 - 00070984 _____ C:\Users\Max\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-22 00:54 - 2009-07-14 03:34 - 00017708 _____ C:\Windows\system32\Drivers\etc\services
2015-11-16 21:53 - 2012-08-28 19:42 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-16 21:53 - 2012-08-28 19:42 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-12 01:32 - 2010-12-28 01:13 - 00002760 _____ C:\Windows\SysWOW64\lgAxconfig.ini
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-12-09 02:01 - 2015-12-09 02:01 - 0009620 _____ () C:\Program Files\how_recover+bcu.html
2015-12-09 02:01 - 2015-12-09 02:01 - 0002787 _____ () C:\Program Files\how_recover+bcu.txt
2015-12-09 02:25 - 2015-12-09 02:25 - 0009620 _____ () C:\Program Files\how_recover+tsq.html
2015-12-09 02:25 - 2015-12-09 02:25 - 0002787 _____ () C:\Program Files\how_recover+tsq.txt
2015-12-09 02:52 - 2015-12-09 02:52 - 0009620 _____ () C:\Program Files\how_recover+vge.html
2015-12-09 02:52 - 2015-12-09 02:52 - 0002787 _____ () C:\Program Files\how_recover+vge.txt
2014-06-07 20:29 - 2015-12-09 02:01 - 2079838 _____ () C:\Program Files\mplayerc_20100214.zip.vvv
2015-12-09 01:58 - 2015-12-09 01:58 - 0009620 _____ () C:\Program Files\Common Files\how_recover+bcu.html
2015-12-09 01:58 - 2015-12-09 01:58 - 0002787 _____ () C:\Program Files\Common Files\how_recover+bcu.txt
2015-12-09 02:24 - 2015-12-09 02:24 - 0009620 _____ () C:\Program Files\Common Files\how_recover+tsq.html
2015-12-09 02:24 - 2015-12-09 02:24 - 0002787 _____ () C:\Program Files\Common Files\how_recover+tsq.txt
2015-12-09 02:51 - 2015-12-09 02:51 - 0009620 _____ () C:\Program Files\Common Files\how_recover+vge.html
2015-12-09 02:51 - 2015-12-09 02:51 - 0002787 _____ () C:\Program Files\Common Files\how_recover+vge.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 0009620 _____ () C:\Users\Der andere\AppData\Roaming\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 0002787 _____ () C:\Users\Der andere\AppData\Roaming\how_recover+tsq.txt
2015-12-09 02:26 - 2015-12-09 02:26 - 0009620 _____ () C:\Users\Der andere\AppData\Local\how_recover+tsq.html
2015-12-09 02:26 - 2015-12-09 02:26 - 0002787 _____ () C:\Users\Der andere\AppData\Local\how_recover+tsq.txt
2015-05-14 13:02 - 2015-12-09 02:02 - 0001582 _____ () C:\ProgramData\HirezPipeError.txt.vvv
2015-12-09 02:01 - 2015-12-09 02:03 - 0009620 _____ () C:\ProgramData\how_recover+bcu.html
2015-12-09 02:01 - 2015-12-09 02:03 - 0002787 _____ () C:\ProgramData\how_recover+bcu.txt
2015-12-09 02:25 - 2015-12-09 02:26 - 0009620 _____ () C:\ProgramData\how_recover+tsq.html
2015-12-09 02:25 - 2015-12-09 02:26 - 0002787 _____ () C:\ProgramData\how_recover+tsq.txt
2015-12-09 02:52 - 2015-12-09 02:52 - 0009620 _____ () C:\ProgramData\how_recover+vge.html
2015-12-09 02:52 - 2015-12-09 02:52 - 0002787 _____ () C:\ProgramData\how_recover+vge.txt
2011-01-22 12:06 - 2011-01-22 12:06 - 0000097 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2011-03-10 18:46 - 2011-09-27 23:29 - 0001492 _____ () C:\ProgramData\ss.ini
Einige Dateien in TEMP:
====================
C:\Users\Der andere\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-10 02:21
==================== Ende von FRST.txt ============================
|
|
12.12.2015, 01:33
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Neuer TeslaCrypt typ unter Win 7 FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.12.2015, 01:40
| #29 |
| | Neuer TeslaCrypt typ unter Win 7 Hier ist der Log: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-12-2015
durchgeführt von Der andere (2015-12-12 01:35:51) Run:1
Gestartet von F:\Malewarekram
Geladene Profile: Der andere (Verfügbare Profile: Max & Der andere)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
emptytemp:
*****************
EmptyTemp: => 112.2 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 01:36:00 ====
|
|
12.12.2015, 01:44
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Neuer TeslaCrypt typ unter Win 7 Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Neuer TeslaCrypt typ unter Win 7 |
| desktop, internet, nicht genug speicherplatz, recover, registry, sierra, teslacrypt, windows |
Linear-Darstellung
