WindowsDUC-Virus

s3pii · 18.04.2016, 21:28

Guten Morgen/Abend/Mittag!

Folgendes:

Virusherkunft:

Ich habe mir vor einer Weile aus Langweile auf der Seite "hxxp://gamejolt.com/" ein paar Spiele gedownloaded, um diese anzuspielen.

Dummerweise hab ich erst im Nachhinein gemerkt, dass da jeder zweite Trottel hochladen kann, was er möchte, da der Inhalt anscheinend nicht geprueft wird.

Damit hab ich bei einem dieser Spiele vor ca 1 Monat einen Virus mit dem Namen "WindowsDUC.exe" bekommen.

Beschreibung des Virus:

Der Ursprung der Datei befindet sich in AppData/Roaming/WindowsDUC und besteht aus einer Anwendung mit dem Namen "WindowsDUC.exe".

Sobald ich nun meinen PC hochfahre, wird duch die Datenausführungsverhinderung nacheinander alle meine Programme geschlossen.

So ging ich bisher dagegen vor:

Deshalb muss ich bei jedem PC-Start den Prozess von WindowsDUC killen, damit ich meinen PC überhaupt benutzen kann.

Ich hab schon unendliche Virenscans gemacht (mit Malwarebytes) und die Datei auch schon an sich überprüft, wird jedoch nicht als Virus oder gar auffallend erkannt.

Den Ordner des Spiel hab ich, naiv wie ich war, gelöscht, als ich das erste Mal den Virus entdeckte ... in der Hoffnung, dass ich den damit loswerde.
Somit weiß ich nicht, was da noch alles drin war oder gar den Namen des Spiel und und und..

Zudem steh ich in aller Hoffnung, dass er "NUR" die Prozesse von mir beendet und nicht Schlimmeres.

_____________

So ... ich wüsste nicht, was ich weiteres schreiben könnte darüber.
Ich gehe jetzt zu Bett.
Wollte das auf jedenfall in Hoffnung noch hier posten, bevor ich es vergesse.

burningice · 19.04.2016, 00:52

Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
Wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!

Los geht's

na dann schauen wir doch mal.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

s3pii · 19.04.2016, 14:04

Heyho Rafael und danke, wegen der Antwort

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von sv3nxd (Administrator) auf SV3NXD-PC (19-04-2016 12:30:19)
Gestartet von C:\Users\sv3nxd\Downloads
Geladene Profile: sv3nxd (Verfügbare Profile: sv3nxd)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Realtek Semiconductor Corporation.) C:\Program Files (x86)\Realtek\Realtek Ethernet Diagnostic Utility\8169Diag.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Akamai Technologies, Inc.) C:\Users\sv3nxd\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.EXE
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
() C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\OSD.exe
(Adobe Systems Inc.) C:\Users\sv3nxd\AppData\Roaming\Adobe\AIR\Updater\Background\updater
(Adobe Systems Inc.) C:\Users\sv3nxd\AppData\Local\Temp\AIR9951.tmp\Adobe AIR Installer.exe
(Akamai Technologies, Inc.) C:\Users\sv3nxd\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(NVIDIA Corporation) C:\Users\sv3nxd\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213840 2012-10-26] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [SL-6481 Gaming Keyboard] => C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.exe [1976832 2013-09-30] ()
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2014-10-24] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\Run: [Akamai NetSession Interface] => C:\Users\sv3nxd\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\Run: [Spotify Web Helper] => C:\Users\sv3nxd\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2355312 2016-01-29] (Spotify Ltd)
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\Run: [WindowsDUC] => C:\Users\sv3nxd\AppData\Roaming\WindowsDUC\WindowsDUC.exe [103424 2016-03-12] ()
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {2a44323d-90c4-11e3-8ac3-806e6f6e6963} - E:\Run.exe
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {807941da-4c64-11e4-a1b1-a9c2c126da63} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {807941eb-4c64-11e4-a1b1-001e101fe5e1} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {807941fd-4c64-11e4-a1b1-001e101f2500} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {e7d67e3c-4ba8-11e4-ad9a-ca119911a7a4} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {e7d67e6d-4ba8-11e4-ad9a-ca119911a7a4} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {e7d67e8a-4ba8-11e4-ad9a-ca119911a7a4} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {e7d67e97-4ba8-11e4-ad9a-ca119911a7a4} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {e7d67ea3-4ba8-11e4-ad9a-ca119911a7a4} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {e7d67eb3-4ba8-11e4-ad9a-ca119911a7a4} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\MountPoints2: {e7d67ec0-4ba8-11e4-ad9a-ca119911a7a4} - F:\.\Setup.exe AUTORUN=1
Startup: C:\Users\sv3nxd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WindowsDUC.lnk [2016-03-12]
ShortcutTarget: WindowsDUC.lnk -> C:\Users\sv3nxd\AppData\Roaming\WindowsDUC.exe (Keine Datei)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2014-10-15] (Initex)
Winsock: Catalog9 02 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2014-10-15] (Initex)
Winsock: Catalog9 03 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2014-10-15] (Initex)
Winsock: Catalog9 04 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2014-10-15] (Initex)
Winsock: Catalog9 15 C:\Windows\SysWOW64\WTFastDrv.dll [72296 2014-10-15] (Initex)
Winsock: Catalog9-x64 01 C:\Windows\system32\WTFastDrv.dll [79464 2014-10-15] (Initex)
Winsock: Catalog9-x64 02 C:\Windows\system32\WTFastDrv.dll [79464 2014-10-15] (Initex)
Winsock: Catalog9-x64 03 C:\Windows\system32\WTFastDrv.dll [79464 2014-10-15] (Initex)
Winsock: Catalog9-x64 04 C:\Windows\system32\WTFastDrv.dll [79464 2014-10-15] (Initex)
Winsock: Catalog9-x64 15 C:\Windows\system32\WTFastDrv.dll [79464 2014-10-15] (Initex)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4C4D8A3C-F41A-41E4-B3A1-6E9BA309C1F6}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D31EC967-6FF2-4611-8B21-A3ABE3BCE80F}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3907350877-53157355-3790402147-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/de-de/?pc=UP97&ocid=UP97DHP
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-11] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-11] (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-11] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Arc\Plugins\ArcPluginIE.dll [2015-06-11] (Perfect World Entertainment Inc)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-11] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\sv3nxd\AppData\Roaming\Mozilla\Firefox\Profiles\ygth80gj.default-1456836719127
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-09] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-11] (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-11] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Arc\Plugins\npArcPluginFF.dll [2015-06-11] (Perfect World Entertainment Inc)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-10-24] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.4 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2010-06-21] (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3907350877-53157355-3790402147-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\sv3nxd\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-06] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\sv3nxd\AppData\Roaming\Mozilla\Firefox\Profiles\ygth80gj.default-1456836719127\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-03]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-02-08] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/de-de/?pc=__PARAM__&ocid=__PARAM__DHP
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-07-27]
CHR Extension: (Google Präsentationen) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-16]
CHR Extension: (Google Docs) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-16]
CHR Extension: (Google Drive) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (YouTube) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-18]
CHR Extension: (Adblock Plus) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-19]
CHR Extension: (Google-Suche) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-31]
CHR Extension: (Google Tabellen) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-16]
CHR Extension: (Google Docs Offline) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-22]
CHR Extension: (Google Mail) - C:\Users\sv3nxd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKU\S-1-5-21-3907350877-53157355-3790402147-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [342984 2011-09-13] ()
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-30] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S4 ArcService; D:\Arc\ArcService.exe [88400 2015-06-11] (Perfect World Entertainment Inc)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S3 jswpsapi; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [954368 2011-04-11] (Wireless) [Datei ist nicht signiert]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [61916000 2011-04-24] (Microsoft Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-03-05] (Electronic Arts)
R2 Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert]
S4 RealtekCU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2014-04-25] (Sony Corporation) [Datei ist nicht signiert]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [428384 2011-04-24] (Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [814064 2015-12-22] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
S4 WpsSupplicant; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WpsSupplicant.exe [61440 2011-04-11] () [Datei ist nicht signiert]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 AODDriver4.2; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57512 2012-09-24] (Advanced Micro Devices)
S3 ati2mpad; C:\Windows\System32\DRIVERS\ati2mpad.sys [326656 2006-11-02] (ATI Technologies Inc.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2014-10-04] (Huawei Technologies Co., Ltd.)
S3 ewusbnet; C:\Windows\SysWOW64\DRIVERS\ewusbnet.sys [138752 2014-10-04] (Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\Windows\SysWOW64\DRIVERS\ew_hwusbdev.sys [117248 2014-10-04] (Huawei Technologies Co., Ltd.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-04-24] ()
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [121600 2014-10-04] (Huawei Technologies Co., Ltd.)
S3 hxsyol; C:\Windows\system32\hxsy64.sys [86352 2015-08-02] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [99440 2012-04-25] (Qualcomm Atheros Co., Ltd.)
S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan60.sys [32360 2011-09-16] (Realtek Corporation)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [47736 2015-12-21] (Tunngle.net)
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [32360 2011-09-16] (Realtek Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RtlWlanu; system32\DRIVERS\rtwlanu.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 12:30 - 2016-04-19 12:30 - 00022520 _____ C:\Users\sv3nxd\Downloads\FRST.txt
2016-04-19 12:30 - 2016-04-19 12:30 - 00000000 ____D C:\FRST
2016-04-19 12:29 - 2016-04-19 12:29 - 02375680 _____ (Farbar) C:\Users\sv3nxd\Downloads\FRST64.exe
2016-04-18 22:24 - 2016-04-18 22:24 - 00001218 _____ C:\Users\sv3nxd\Desktop\Virenscan.txt
2016-04-18 21:15 - 2016-04-18 21:15 - 00367814 _____ C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI3351.txt
2016-04-18 21:15 - 2016-04-18 21:15 - 00011178 _____ C:\Users\sv3nxd\AppData\Local\dd_vcredistUI3351.txt
2016-04-17 14:30 - 2016-04-17 14:30 - 00001622 _____ C:\Users\sv3nxd\Downloads\New Piskel(3).zip
2016-04-17 11:55 - 2016-04-17 11:55 - 00001630 _____ C:\Users\sv3nxd\Downloads\New Piskel(2).zip
2016-04-17 11:40 - 2016-04-17 11:40 - 00002414 _____ C:\Users\sv3nxd\Downloads\New Piskel(1).zip
2016-04-17 11:31 - 2016-04-17 11:31 - 00002490 _____ C:\Users\sv3nxd\Downloads\New Piskel.zip
2016-04-16 17:32 - 2016-04-16 17:32 - 00001043 _____ C:\Users\sv3nxd\Desktop\Play Cave Story.lnk
2016-04-16 17:32 - 2016-04-16 17:32 - 00000000 ____D C:\Users\sv3nxd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe
2016-04-16 17:32 - 2016-04-16 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe
2016-04-16 17:32 - 2016-04-16 17:32 - 00000000 ____D C:\Program Files (x86)\Cave Story Deluxe
2016-04-16 17:28 - 2016-04-16 17:28 - 01475080 _____ C:\Users\sv3nxd\Downloads\Cave Story - CHIP-Installer.exe
2016-04-15 23:10 - 2016-04-15 23:10 - 00000000 ____D C:\Users\sv3nxd\AppData\Local\Jump_n_Run
2016-04-15 23:05 - 2016-04-15 23:05 - 00022481 _____ C:\Users\sv3nxd\AppData\Local\recently-used.xbel
2016-04-15 22:09 - 2016-04-15 22:09 - 00074698 _____ C:\Users\sv3nxd\Desktop\burned.wav
2016-04-15 21:53 - 2016-04-15 21:53 - 00007227 _____ C:\Users\sv3nxd\Desktop\^A92AF49E212094A5586DB766411CFB8854B9D79DEE5A2FB10F^pimgpsh_thumbnail_win_distr.jpg
2016-04-15 21:37 - 2016-04-15 21:38 - 00000000 ____D C:\Users\sv3nxd\Desktop\My Bit-Music
2016-04-15 21:37 - 2016-04-15 21:36 - 03024044 _____ C:\Users\sv3nxd\Desktop\bg1-backup1.wav
2016-04-15 21:13 - 2016-04-15 21:12 - 05927084 _____ C:\Users\sv3nxd\Desktop\bg_field-backup1.wav
2016-04-15 17:09 - 2016-04-15 17:09 - 00020358 _____ C:\Users\sv3nxd\Desktop\sound_destroy.wav
2016-04-15 17:06 - 2016-04-15 17:06 - 00020358 _____ C:\Users\sv3nxd\Desktop\Laser_Shoot.wav
2016-04-15 17:01 - 2016-04-15 17:01 - 01587644 _____ C:\Users\sv3nxd\Desktop\shooter_bg-backup1.wav
2016-04-15 17:01 - 2016-04-15 17:01 - 01190820 _____ C:\Users\sv3nxd\Desktop\shooter_bg.wav
2016-04-15 17:00 - 2016-04-15 17:00 - 01587644 _____ C:\Users\sv3nxd\Desktop\bg_shooter.wav
2016-04-15 16:58 - 2016-04-15 16:56 - 01587644 _____ C:\Users\sv3nxd\Desktop\song_bg-backup1.wav
2016-04-15 16:53 - 2016-04-15 16:58 - 01093312 _____ C:\Users\sv3nxd\Desktop\song_bg.wav
2016-04-15 16:53 - 2016-04-15 16:53 - 01587644 _____ C:\Users\sv3nxd\Desktop\song_nam.wav
2016-04-15 16:23 - 2016-04-15 16:23 - 00846764 _____ C:\Users\sv3nxd\Desktop\song_name.wav
2016-04-15 10:21 - 2016-04-15 10:21 - 00000000 __SHD C:\found.007
2016-04-14 15:43 - 2016-04-14 15:43 - 14637961 _____ C:\Users\sv3nxd\Desktop\addicted.zip
2016-04-14 15:23 - 2016-04-14 15:23 - 29099760 _____ C:\Users\sv3nxd\Desktop\bg_cave.wav
2016-04-14 15:19 - 2016-04-14 15:19 - 00010550 _____ C:\Users\sv3nxd\Desktop\Pickup_Coin.wav
2016-04-14 15:08 - 2016-04-14 15:08 - 00230639 _____ C:\Users\sv3nxd\Downloads\platformer_jumping.zip
2016-04-14 15:08 - 2016-04-14 15:08 - 00000000 ____D C:\Users\sv3nxd\Desktop\Neuer Ordner
2016-04-14 14:36 - 2016-04-14 14:37 - 00000000 ____D C:\Users\sv3nxd\AppData\Roaming\DarkSoulsIII
2016-04-14 09:57 - 2016-04-14 09:58 - 00000000 ____D C:\Users\sv3nxd\Desktop\block
2016-04-14 09:57 - 2016-04-14 09:57 - 00000000 ____D C:\Users\sv3nxd\Desktop\enemy
2016-04-13 21:58 - 2016-04-13 21:58 - 02193862 _____ C:\Users\sv3nxd\Desktop\Jump n Run.7z
2016-04-13 21:49 - 2016-04-13 21:49 - 02226688 _____ C:\Users\sv3nxd\Desktop\Jump n Run.exe
2016-04-13 00:37 - 2016-04-13 00:37 - 00094984 _____ C:\Users\sv3nxd\Desktop\jump.wav
2016-04-12 23:20 - 2016-04-12 23:21 - 00000696 _____ C:\Users\sv3nxd\Desktop\dfdf.txt
2016-04-12 23:19 - 2016-04-12 23:19 - 01028751 _____ C:\Users\sv3nxd\Downloads\newtutorial_platformer.gmx.zip
2016-04-12 23:19 - 2016-04-12 23:19 - 00000000 ____D C:\Users\sv3nxd\Desktop\newtutorial_platformer.gmx
2016-04-12 23:17 - 2016-04-12 23:19 - 00000682 _____ C:\Users\sv3nxd\Desktop\dsf.txt
2016-04-12 11:30 - 2016-04-12 11:35 - 14067592 _____ C:\Users\sv3nxd\Desktop\SideGame.zip
2016-04-12 11:30 - 2016-04-12 11:30 - 00000000 ____D C:\Users\sv3nxd\AppData\Local\SideGame
2016-04-12 11:13 - 2016-04-12 11:13 - 32671002 _____ C:\Users\sv3nxd\Desktop\BGM.wav
2016-04-12 11:01 - 2016-04-12 11:01 - 00401048 _____ C:\Users\sv3nxd\Desktop\PFFAZ.wav
2016-04-12 10:57 - 2016-04-12 10:57 - 00401048 _____ C:\Users\sv3nxd\Desktop\DING.wav
2016-04-12 10:48 - 2016-04-12 10:48 - 00030764 _____ C:\Users\sv3nxd\Desktop\BLOPP.wav
2016-04-12 07:57 - 2016-04-13 12:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-11 14:22 - 2016-04-11 23:11 - 00000000 ____D C:\Users\sv3nxd\AppData\Local\gm_ttt_75956
2016-04-08 20:01 - 2016-04-08 20:01 - 00000000 ____D C:\Users\sv3nxd\AppData\Local\project_Starship
2016-03-28 22:47 - 2016-03-28 23:30 - 00000000 ____D C:\Users\sv3nxd\Desktop\Musik
2016-03-28 14:45 - 2016-03-28 14:45 - 00039249 _____ C:\Users\sv3nxd\Desktop\Bewerbungsschreiben imc - Sven Peschau.pdf
2016-03-28 14:33 - 2016-03-28 14:41 - 00039497 _____ C:\Users\sv3nxd\Desktop\Bewerbungsschreiben illmedia - Sven Peschau.pdf
2016-03-27 23:58 - 2016-03-27 19:40 - 00000000 ____D C:\Users\sv3nxd\Desktop\5 Click
2016-03-27 23:55 - 2016-03-27 23:55 - 00751053 _____ C:\Users\sv3nxd\Downloads\diorama-game.zip
2016-03-27 19:55 - 2016-03-27 19:55 - 00180302 _____ C:\Users\sv3nxd\Desktop\Blop______sound_effect.wav
2016-03-27 19:48 - 2016-03-27 19:48 - 00002918 _____ C:\Users\sv3nxd\Desktop\bg.jpeg
2016-03-27 19:43 - 2016-03-27 20:25 - 00139632 _____ C:\Users\sv3nxd\Desktop\Arrowgame.7z
2016-03-27 13:48 - 2016-03-27 16:20 - 00001732 _____ C:\Users\sv3nxd\Desktop\Link.gal
2016-03-27 12:37 - 2016-03-27 12:37 - 00000941 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-26 22:42 - 2016-03-26 22:42 - 00000891 _____ C:\Users\sv3nxd\Desktop\sketch 1.lnk
2016-03-26 18:22 - 2016-03-26 18:22 - 00000000 ____D C:\Users\sv3nxd\Documents\Criterion Games
2016-03-26 15:26 - 2016-03-26 15:27 - 09220031 _____ C:\Users\sv3nxd\Downloads\Pokemon Snap (Europe).zip
2016-03-24 23:17 - 2016-03-24 23:17 - 00000690 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2016-03-24 23:17 - 2016-03-24 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2016-03-24 20:56 - 2016-03-24 20:56 - 00000000 __RHD C:\Users\sv3nxd\AppData\Roaming\SecuROM
2016-03-24 20:56 - 2016-03-24 20:56 - 00000000 ____D C:\Users\sv3nxd\Documents\Electronic Arts
2016-03-24 20:56 - 2016-03-24 20:56 - 00000000 ____D C:\Users\sv3nxd\AppData\Local\Electronic Arts
2016-03-22 23:56 - 2016-03-22 23:56 - 00000000 ____D C:\ProgramData\ECA78F0CCD5A1BD38DEFF8236B683D67
2016-03-22 23:12 - 2016-03-22 23:12 - 00000000 ____D C:\Users\sv3nxd\AppData\Local\_
2016-03-22 23:08 - 2016-03-22 23:12 - 00000000 ____D C:\Users\sv3nxd\Documents\GameMaker
2016-03-22 23:07 - 2016-03-24 15:05 - 00000000 ____D C:\Users\sv3nxd\AppData\Local\gamemaker_studio
2016-03-22 23:07 - 2016-03-22 23:07 - 00004964 _____ C:\Users\sv3nxd\AppData\Local\VWL19B5.tmp
2016-03-22 23:07 - 2016-03-22 23:07 - 00000000 ____D C:\ProgramData\gamemaker_studio
2016-03-21 22:58 - 2016-03-21 22:58 - 01190608 _____ (Adobe Systems Incorporated) C:\Users\sv3nxd\Downloads\flashplayer21_ga_install.exe
2016-03-20 20:45 - 2016-03-20 20:45 - 00000096 _____ C:\Users\sv3nxd\Desktop\Spieleideen von Schatz  x3.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 12:27 - 2008-01-21 13:10 - 01849984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-19 12:27 - 2008-01-21 13:09 - 00775964 _____ C:\Windows\system32\perfh007.dat
2016-04-19 12:27 - 2008-01-21 13:09 - 00186786 _____ C:\Windows\system32\perfc007.dat
2016-04-19 12:27 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\inf
2016-04-19 12:24 - 2015-01-03 21:17 - 00004068 _____ C:\Windows\System32\Tasks\Software Updater
2016-04-19 12:20 - 2016-01-25 15:23 - 00000324 _____ C:\Windows\Tasks\RtlNICDiagVistaStart.job
2016-04-19 12:20 - 2014-12-02 22:17 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-19 12:20 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-19 12:20 - 2006-11-02 17:22 - 00008832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-19 12:20 - 2006-11-02 17:22 - 00008832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-18 23:57 - 2006-11-02 17:42 - 00032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-18 23:35 - 2014-12-02 22:17 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-18 23:21 - 2014-02-08 17:20 - 00000000 ____D C:\Users\sv3nxd\AppData\Roaming\Skype
2016-04-18 23:11 - 2014-12-02 13:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-18 22:02 - 2014-11-20 21:23 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-18 21:16 - 2014-02-08 17:44 - 00000000 ____D C:\Users\sv3nxd\Documents\My Games
2016-04-16 00:14 - 2014-02-28 03:49 - 00000000 ____D C:\Users\sv3nxd\.gimp-2.8
2016-04-15 23:05 - 2014-02-28 04:13 - 00000000 ____D C:\Users\sv3nxd\AppData\Local\gtk-2.0
2016-04-15 22:15 - 2014-02-08 19:51 - 00000000 ____D C:\Users\sv3nxd\AppData\Roaming\Audacity
2016-04-14 23:01 - 2014-12-27 16:17 - 00000000 ____D C:\Users\sv3nxd\AppData\Local\Battle.net
2016-04-14 17:02 - 2014-12-27 16:17 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-04-14 09:36 - 2014-02-08 16:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-13 12:58 - 2015-08-19 18:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-12 22:10 - 2014-02-08 17:20 - 00000000 ____D C:\ProgramData\Skype
2016-04-12 22:09 - 2015-12-16 11:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-12 08:39 - 2014-12-02 22:18 - 00002029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 08:02 - 2014-04-19 01:45 - 00000000 ____D C:\Users\sv3nxd\AppData\Roaming\TS3Client
2016-04-11 13:43 - 2014-04-19 01:45 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2016-04-11 09:09 - 2016-03-12 20:10 - 00000000 ____D C:\Users\sv3nxd\AppData\Roaming\Imminent
2016-04-09 11:41 - 2014-12-02 13:06 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-09 11:41 - 2014-12-02 13:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-09 11:41 - 2014-12-02 13:06 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-08 20:28 - 2014-12-27 16:17 - 00000000 ____D C:\Users\sv3nxd\AppData\Roaming\Battle.net
2016-03-28 14:55 - 2016-02-27 14:43 - 00132152 _____ C:\Users\sv3nxd\Desktop\Lebenslauf - Sven Peschau.pdf
2016-03-27 16:20 - 2016-02-27 20:43 - 00000000 ____D C:\Users\sv3nxd\Documents\GaleBackup
2016-03-27 12:37 - 2014-11-20 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-03-27 12:37 - 2014-11-20 21:23 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-03-26 21:50 - 2014-10-05 20:16 - 00000000 ____D C:\Users\sv3nxd\Desktop\Stuff
2016-03-26 18:22 - 2014-03-03 00:54 - 00000000 ____D C:\ProgramData\Origin
2016-03-26 15:25 - 2014-10-28 22:47 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2016-03-22 23:07 - 2014-02-08 15:59 - 01379640 _____ C:\Users\sv3nxd\AppData\Local\dd_dotnetfx35install.txt
2016-03-22 23:07 - 2014-02-08 15:59 - 01275884 _____ C:\Users\sv3nxd\AppData\Local\dd_depcheck_NETFX_EXP_35.txt

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-06-04 13:24 - 2016-03-02 22:30 - 0000132 _____ () C:\Users\sv3nxd\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-11-12 10:40 - 2014-11-22 20:56 - 0000004 _____ () C:\Users\sv3nxd\AppData\Roaming\appdataFr2.bin
2016-03-12 20:10 - 2016-03-12 20:10 - 0312320 _____ () C:\Users\sv3nxd\AppData\Roaming\HVBchppI
2016-02-28 21:33 - 2016-02-28 21:33 - 0001456 _____ () C:\Users\sv3nxd\AppData\Local\Adobe Für Web speichern 11.0 Prefs
2014-03-23 14:42 - 2015-10-26 23:45 - 0002032 _____ () C:\Users\sv3nxd\AppData\Local\d3d9caps.dat
2014-02-08 15:54 - 2014-04-10 19:20 - 0001460 _____ () C:\Users\sv3nxd\AppData\Local\d3d9caps64.dat
2014-02-10 19:18 - 2015-10-26 23:25 - 0016896 _____ () C:\Users\sv3nxd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-12 21:33 - 2015-03-12 21:33 - 1113212 _____ () C:\Users\sv3nxd\AppData\Local\dd_ADONETEntityFrameworkTools_deu_MSI4124.txt
2014-09-30 17:59 - 2015-05-31 15:50 - 0084514 _____ () C:\Users\sv3nxd\AppData\Local\dd_depcheckdotnetfx30.txt
2014-02-08 15:59 - 2016-03-22 23:07 - 1275884 _____ () C:\Users\sv3nxd\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2015-03-12 21:01 - 2015-03-12 21:32 - 0140869 _____ () C:\Users\sv3nxd\AppData\Local\dd_depcheck_VB_EXP_100.txt
2014-02-08 15:59 - 2014-02-08 15:59 - 0000002 _____ () C:\Users\sv3nxd\AppData\Local\dd_dotnetfx35error.txt
2014-04-11 12:55 - 2014-04-11 12:55 - 0000002 _____ () C:\Users\sv3nxd\AppData\Local\dd_dotnetfx35error_lp.txt
2014-02-08 15:59 - 2016-03-22 23:07 - 1379640 _____ () C:\Users\sv3nxd\AppData\Local\dd_dotnetfx35install.txt
2014-04-11 12:55 - 2014-07-10 16:54 - 0260978 _____ () C:\Users\sv3nxd\AppData\Local\dd_dotnetfx35install_lp.txt
2014-09-30 17:59 - 2015-05-31 15:50 - 0002150 _____ () C:\Users\sv3nxd\AppData\Local\dd_dotnetfx3error.txt
2014-09-30 17:59 - 2015-05-31 15:50 - 0096316 _____ () C:\Users\sv3nxd\AppData\Local\dd_dotnetfx3install.txt
2015-03-12 21:30 - 2015-03-12 21:30 - 0357982 _____ () C:\Users\sv3nxd\AppData\Local\dd_dw20shared_x86_msi3EF0.txt
2015-03-12 21:01 - 2015-03-12 21:01 - 0000002 _____ () C:\Users\sv3nxd\AppData\Local\dd_error_vb_xcor_100.txt
2015-03-12 21:33 - 2015-03-12 21:33 - 0243462 _____ () C:\Users\sv3nxd\AppData\Local\dd_HelpSetupLP_MSI4159.txt
2015-03-12 21:33 - 2015-03-12 21:33 - 0337168 _____ () C:\Users\sv3nxd\AppData\Local\dd_HelpSetup_MSI4152.txt
2015-03-12 21:01 - 2015-03-12 21:33 - 0589780 _____ () C:\Users\sv3nxd\AppData\Local\dd_install_vb_xcor_100.txt
2015-03-12 21:30 - 2015-03-12 21:30 - 1540938 _____ () C:\Users\sv3nxd\AppData\Local\dd_netfx_dtp3F2E.txt
2014-07-10 16:54 - 2014-07-10 16:54 - 0974098 _____ () C:\Users\sv3nxd\AppData\Local\dd_NET_Framework35_LangPack_MSI24F5.txt
2014-05-08 19:34 - 2014-05-08 19:34 - 0975716 _____ () C:\Users\sv3nxd\AppData\Local\dd_NET_Framework35_LangPack_MSI65A4.txt
2014-04-11 12:55 - 2014-04-11 12:56 - 0975480 _____ () C:\Users\sv3nxd\AppData\Local\dd_NET_Framework35_LangPack_MSI76C4.txt
2014-02-08 16:07 - 2014-02-08 16:08 - 2485576 _____ () C:\Users\sv3nxd\AppData\Local\dd_NET_Framework35_x64_MSI1D31.txt
2014-07-10 16:53 - 2014-07-10 16:53 - 2818398 _____ () C:\Users\sv3nxd\AppData\Local\dd_NET_Framework35_x64_MSI24B4.txt
2014-05-08 19:34 - 2014-05-08 19:34 - 2818706 _____ () C:\Users\sv3nxd\AppData\Local\dd_NET_Framework35_x64_MSI654F.txt
2014-04-11 12:55 - 2014-04-11 12:55 - 2818376 _____ () C:\Users\sv3nxd\AppData\Local\dd_NET_Framework35_x64_MSI767D.txt
2015-03-12 21:33 - 2015-03-12 21:33 - 1711260 _____ () C:\Users\sv3nxd\AppData\Local\dd_SharedManagementObjects_MSI410E.txt
2015-03-12 21:32 - 2015-03-12 21:32 - 0228084 _____ () C:\Users\sv3nxd\AppData\Local\dd_SQLCEToolsForVS2007_MSI40ED.txt
2015-03-12 21:32 - 2015-03-12 21:33 - 0506004 _____ () C:\Users\sv3nxd\AppData\Local\dd_SQLSysClrTypes_msi4104.txt
2015-03-12 21:32 - 2015-03-12 21:32 - 0740566 _____ () C:\Users\sv3nxd\AppData\Local\dd_SSCERuntime_64_MSI40D6.txt
2015-03-12 21:32 - 2015-03-12 21:32 - 0731862 _____ () C:\Users\sv3nxd\AppData\Local\dd_SSCERuntime_MSI40B2.txt
2015-05-11 18:43 - 2015-05-11 18:43 - 0367054 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI0F4D.txt
2016-02-11 20:20 - 2016-02-11 20:20 - 0377344 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI15DA.txt
2016-02-11 20:20 - 2016-02-11 20:20 - 0388466 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI15F8.txt
2014-02-13 16:25 - 2014-02-13 16:25 - 0345394 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI31CD.txt
2015-04-25 10:28 - 2015-04-25 10:28 - 0367438 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI3292.txt
2016-04-18 21:15 - 2016-04-18 21:15 - 0367814 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI3351.txt
2014-02-13 16:33 - 2014-02-13 16:33 - 0349222 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI37CF.txt
2015-02-05 02:54 - 2015-02-05 02:54 - 0366906 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI3A31.txt
2014-02-13 16:41 - 2014-02-13 16:41 - 0350758 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI3DF2.txt
2014-02-13 17:00 - 2014-02-13 17:00 - 0351016 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI4C2E.txt
2014-04-12 01:57 - 2014-04-12 01:57 - 0366176 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI4CF1.txt
2014-02-10 16:39 - 2014-02-10 16:39 - 0462390 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI51AB.txt
2014-02-10 16:39 - 2014-02-10 16:39 - 0459114 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI51ED.txt
2014-04-21 12:04 - 2014-04-21 12:04 - 0417134 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI5CFD.txt
2015-05-31 14:21 - 2015-05-31 14:21 - 0365902 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI6169.txt
2015-06-05 22:42 - 2015-06-05 22:43 - 0365576 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI67E2.txt
2014-02-09 13:29 - 2014-02-09 13:29 - 0419948 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistMSI7228.txt
2015-05-11 18:43 - 2015-05-11 18:43 - 0011210 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI0F4D.txt
2016-02-11 20:20 - 2016-02-11 20:20 - 0011384 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI15DA.txt
2016-02-11 20:20 - 2016-02-11 20:20 - 0011432 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI15F8.txt
2014-02-13 16:25 - 2014-02-13 16:25 - 0011434 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI31CD.txt
2015-04-25 10:28 - 2015-04-25 10:28 - 0011226 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI3292.txt
2016-04-18 21:15 - 2016-04-18 21:15 - 0011178 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI3351.txt
2014-02-13 16:33 - 2014-02-13 16:33 - 0021382 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI37CF.txt
2015-02-05 02:54 - 2015-02-05 02:54 - 0011210 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI3A31.txt
2014-02-13 16:41 - 2014-02-13 16:41 - 0021402 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI3DF2.txt
2014-02-13 17:00 - 2014-02-13 17:00 - 0024054 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI4C2E.txt
2014-04-12 01:57 - 2014-04-12 01:57 - 0016590 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI4CF1.txt
2014-02-10 16:39 - 2014-02-10 16:39 - 0017842 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI51AB.txt
2014-02-10 16:39 - 2014-02-10 16:39 - 0017842 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI51ED.txt
2014-04-21 12:04 - 2014-04-21 12:04 - 0011634 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI5CFD.txt
2015-05-31 14:21 - 2015-05-31 14:21 - 0011162 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI6169.txt
2015-06-05 22:42 - 2015-06-05 22:43 - 0011168 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI67E2.txt
2014-02-09 13:29 - 2014-02-09 13:29 - 0011418 _____ () C:\Users\sv3nxd\AppData\Local\dd_vcredistUI7228.txt
2015-03-12 21:30 - 2015-03-12 21:30 - 0327554 _____ () C:\Users\sv3nxd\AppData\Local\dd_vc_runtime_x64_msi3F0D.txt
2015-03-12 21:30 - 2015-03-12 21:30 - 1299416 _____ () C:\Users\sv3nxd\AppData\Local\dd_vsexpbsln64_1003F17.txt
2015-03-12 21:30 - 2015-03-12 21:32 - 15084706 _____ () C:\Users\sv3nxd\AppData\Local\dd_VSMsiLog3F58.txt
2015-03-15 01:45 - 2015-03-15 01:45 - 0206395 _____ () C:\Users\sv3nxd\AppData\Local\debuggee.mdmp
2016-04-15 23:05 - 2016-04-15 23:05 - 0022481 _____ () C:\Users\sv3nxd\AppData\Local\recently-used.xbel
2016-03-22 23:07 - 2016-03-22 23:07 - 0004964 _____ () C:\Users\sv3nxd\AppData\Local\VWL19B5.tmp

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\sv3nxd\SpeedAutoClicker.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-19 12:29

==================== Ende von FRST.txt ============================

s3pii · 19.04.2016, 14:04

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von sv3nxd (2016-04-19 12:30:57)
Gestartet von C:\Users\sv3nxd\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2014-02-08 13:30:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3907350877-53157355-3790402147-500 - Administrator - Disabled)
Gast (S-1-5-21-3907350877-53157355-3790402147-501 - Limited - Disabled)
sv3nxd (S-1-5-21-3907350877-53157355-3790402147-1000 - Administrator - Enabled) => C:\Users\sv3nxd

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Wizard's Lizard (HKLM-x32\...\Steam App 280040) (Version:  - Lost Decade Games)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Aftermath version 1.0 (HKLM-x32\...\{024D0ADC-6846-4B7A-B12F-D571DF826068}}_is1) (Version: 1.0 - Free Reign Entertainment)
Akamai NetSession Interface (HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
Auto Mouse Click v8.1 (HKLM-x32\...\{F5E3859D-0720-41F0-BAF5-4CBCDFD8F406}_is1) (Version: 8.0 - MurGee.com)
Autodesk SketchBook (HKLM\...\{1F892DA2-F427-4ABC-A6FC-33DA2A85BFF7}) (Version: 7.31.0000 - Autodesk)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.4.505 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bird Assassin (HKLM-x32\...\Steam App 312010) (Version:  - Social Loner Studios)
Blender 2.76b (HKLM-x32\...\Steam App 365670) (Version:  - Blender Foundation)
Borderlands (HKLM\...\Steam App 8980) (Version:  - Gearbox Software)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Cave Story Deluxe (HKLM-x32\...\Cave Story Deluxe) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creativerse (HKLM-x32\...\Steam App 280790) (Version:  - Playful Corporation)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version:  - Brace Yourself Games)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
Dawn of Magic 2 (HKLM\...\Steam App 33540) (Version:  - SkyFallen Entertainment)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
Deadly 30 (HKLM-x32\...\Steam App 264730) (Version:  - Ignatus Zuk and Gonzalo Villagomez)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.82 - NCH Software)
Deepworld (HKLM-x32\...\Steam App 340810) (Version:  - Bytebin)
Delver (HKLM-x32\...\Steam App 249630) (Version:  - Priority Interrupt)
Dethroned! (HKLM-x32\...\Steam App 269390) (Version:  - Treehouse Ltd)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Drawpile 1.0.2 (HKLM-x32\...\{DC47B534-E365-4054-85F0-2E7C6CCB76CC}_is1) (Version: 1.0.2 - )
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version:  - 3D Realms)
Earth 2150 Trilogy (HKLM-x32\...\Steam App 253880) (Version:  - Reality Pump Studios)
Earth 2150: Lost Souls (HKLM-x32\...\Steam App 259300) (Version:  - )
Earth 2150: The Moon Project (HKLM-x32\...\Steam App 259280) (Version:  - )
Easy Tune 6 B13.0125.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.0125.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Emily is Away (HKLM-x32\...\Steam App 417860) (Version:  - Kyle Seeley)
FATE (HKLM-x32\...\Steam App 246840) (Version:  - WildTangent)
Fiesta Online (HKLM-x32\...\Steam App 280620) (Version:  - Onson Soft)
Fingerbones (HKLM-x32\...\Steam App 391270) (Version:  - David Szymanski)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fowl Space (HKLM-x32\...\Steam App 109500) (Version:  - Pixelante Game Studios)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Future Wars (HKLM-x32\...\Steam App 46440) (Version:  - Headup Games / Radon Labs)
Game Launcher version 3.2.1.7 (HKLM-x32\...\{31D22D10-7FD2-401B-8AEA-D20A1A9A440E}_is1) (Version: 3.2.1.7 - Eikester)
GameMaker: Studio (HKLM\...\Steam App 214850) (Version:  - YoYo Games Ltd.)
GameRanger (HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\GameRanger) (Version:  - GameRanger Technologies)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GDR 1617 für SQL Server 2008 R2 (KB2494088) (64-bit) (HKLM\...\KB2494088) (Version: 10.50.1617.0 - Microsoft Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Gothic 3 Enhanced Edition (HKLM-x32\...\{C28A686B-D439-4B83-B023-7402E982F69D}_is1) (Version:  - Nordic Games GmbH)
Gothic 3 Modkit v1.75.14 (HKLM-x32\...\{420DA6C7-EE34-4468-AE16-87205B7D24EF}_is1) (Version: v1.75.14 - Nordic Games GmbH)
GraphicsGale FreeEdition version 2.04.09 (HKLM-x32\...\GraphicsGale FreeEdition_is1) (Version:  - HUMANBALANCE Ltd.)
Greyfox (HKLM-x32\...\Steam App 341310) (Version:  - Lesley Dodd)
Gumboy Tournament (HKLM-x32\...\Steam App 11230) (Version:  - CINEMAX, s.r.o.)
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (HKLM-x32\...\Steam App 214830) (Version:  - Opus)
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heavy Bullets (HKLM-x32\...\Steam App 297120) (Version:  - Terri Vellmann)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8343C2D8-09DF-38B3-9D1A-A26148918E45}.KB947789) (Version: 1 - Microsoft Corporation)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
ICQ 8.2 (build 6901) (HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\ICQ) (Version: 8.2.6901.0 - ICQ)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version:  - BullPoint) <==== ACHTUNG
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
Java SE Development Kit 8 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180710}) (Version: 8.0.710.15 - Oracle Corporation)
K-Lite Codec Pack 10.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lethal League (HKLM-x32\...\Steam App 261180) (Version:  - Team Reptile)
Livestreamer 1.12.1 (HKLM-x32\...\Livestreamer) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.5.2 - www.leaguereplays.com)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 (HKLM-x32\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
MAGIX Foto & Grafik Designer 2013 (HKLM-x32\...\MAGIX_{CA67D519-4D81-4550-8BD1-CD4269DE5F18}) (Version: 8.1.3.23459 - MAGIX AG)
MAGIX Foto & Grafik Designer 2013 (Version: 8.1.3.23459 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Memories of a Vagabond (HKLM-x32\...\Steam App 307070) (Version:  - DarkElite)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{362A3FDF-B12E-436A-9097-1B795A9FFCC5}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{79FB3E7E-FD92-49A9-AAD1-193EE4CB85D3}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Richtlinien (HKLM-x32\...\{78033A38-50E2-4A65-823F-C1B34DF9FE41}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{8DD113A8-811A-404E-A4D7-443D014946AC}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools DEU (HKLM-x32\...\{3888A22E-1A9E-4DBE-A93B-42385141F37D}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8343C2D8-09DF-38B3-9D1A-A26148918E45}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft1.6.2 (HKLM-x32\...\Minecraft1.6.2) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM-x32\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR)
NETGEAR WG111v3 wireless USB 2.0 adapter (x32 Version: 1.01.10 - NETGEAR) Hidden
NetObjects Fusion Essentials (HKLM-x32\...\NetObjects Fusion Essentials) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OnTopReplica (HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\OnTopReplica) (Version: 3.4 - Lorenz Cuno Klopfenstein)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{1fbb3f39-b830-4ccb-a2b4-31e3cbeb6e16}) (Version: latest - ppy Pty Ltd)
Overcast - Walden and the Werewolf (HKLM-x32\...\Steam App 293180) (Version:  - Microblast Games)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Path of Shadows prototype version 1.5 (HKLM-x32\...\{9F599662-2BDC-48E8-AAA0-E816786081F2}_is1) (Version: 1.5 - Path of Shadows Team)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
Pixel Star (HKLM-x32\...\Steam App 367300) (Version:  - Soul Forge)
Polarity (HKLM-x32\...\Steam App 315430) (Version:  - Bluebutton Games)
Project Starship (HKLM\...\Steam App 454890) (Version:  - Matteo Gonano)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Quake Live (HKLM-x32\...\Quake Live) (Version:  - id Software)
QuickTime (HKLM-x32\...\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}) (Version: 7.60.92.0 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Reader for PC (HKLM-x32\...\{D279DFB7-97A3-439D-8BE9-95D8AFA68562}) (Version: 2.4.01.10241 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 6.250.908.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0187 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0199 - REALTEK Semiconductor Corp.)
RepZ Installer (HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\1b1c64cc2484e6cc) (Version: 1.0.2.20 - RepZ)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version:  - Enterbrain, Inc.)
RPG MAKER VX Ace (HKLM-x32\...\RPG MAKER VX Ace_is1) (Version: 1.01a - )
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
S4 League (HKLM-x32\...\S4 League) (Version:  - )
Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version:  - DPad Studios)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
Serena (HKLM-x32\...\Steam App 272060) (Version:  - Senscape)
Shadowgrounds (HKLM-x32\...\Steam App 2500) (Version:  - Frozenbyte)
Shadowgrounds: Survivor (HKLM-x32\...\Steam App 11200) (Version:  - Frozenbyte)
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skullgirls (HKLM-x32\...\Steam App 245170) (Version:  - Lab Zero Games)
Skype Voice Changer (HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\d8f4b4d52e33052f) (Version: 1.4.0.0 - Mark Heath)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version:  - Lag Studios)
Spotify (HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\Spotify) (Version: 1.0.21.143.g76c19bcd - Spotify AB)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
T.E.C. 3001 (HKLM-x32\...\Steam App 280910) (Version:  - Phoenix Game Studio)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Terra Incognita ~ Chapter One: The Descendant (HKLM-x32\...\Steam App 347560) (Version:  - Back To Basics Gaming)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Cat and the Coup (HKLM-x32\...\Steam App 95700) (Version:  - Peter Brinson and Kurosh ValaNejad)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Hat Man: Shadow Ward (HKLM-x32\...\Steam App 291010) (Version:  - Game Mechanics)
The Lord of the Rings FREE Trial  (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Titan Souls Demo (HKLM-x32\...\Steam App 359950) (Version:  - Acid Nerve)
TL-WN851ND Driver (HKLM-x32\...\{4BAE4C76-44C3-418F-B715-6BBF5A65323E}) (Version: 1.00.0000 - TP-LINK)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 2.01.0012 - TP-LINK)
Transistor (HKLM-x32\...\Steam App 237930) (Version:  - Supergiant Games)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
TubeBox (HKLM-x32\...\{7a0bc01c-1d8a-4ec9-a3e2-da0d7ac5b1de}) (Version: 4.5.0.0 - Freetec)
TubeBox (x32 Version: 4.5.0.0 - Freetec) Hidden
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.4 - Tunngle.net GmbH)
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
Unity (HKLM-x32\...\Unity) (Version: 5.0.0f4 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Vegas Pro 11.0 (HKLM-x32\...\{B644D34F-0296-11E2-938E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
VIRTUIS ADVANCED Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - SPEEDLINK)
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Voices from the Sea (HKLM-x32\...\Steam App 348620) (Version:  - Zeiva Inc)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.5 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.4 - Wacom Technology Corp.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
WTFast 3.5 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.5.2.389 - Initex & AAA Internet Publishing)
XP Codec Pack (HKLM-x32\...\XP Codec Pack) (Version: 2.5.3 - XP Codec Pack team)
You Have to Win the Game (HKLM-x32\...\Steam App 286100) (Version:  - Minor Key Games)
ZELOTES MOUSE (C-12) (HKLM-x32\...\{8986FEDF-AA98-430E-8148-D5DA1B7040C5}_is1) (Version: 1.0 - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3907350877-53157355-3790402147-1000_Classes\CLSID\{65545209-E245-4026-94AE-DEABE04DA1BF}\localserver32 -> C:\Program Files (x86)\MAGIX\Foto Grafik Designer 2013\PhotoGraphicDesigner.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3907350877-53157355-3790402147-1000_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files (x86)\MAGIX\Foto Grafik Designer 2013\PhotoGraphicDesigner.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3907350877-53157355-3790402147-1000_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files (x86)\MAGIX\Foto Grafik Designer 2013\PhotoGraphicDesigner.exe (Xara Group Ltd.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {21B6C8A3-1477-4A22-866F-D24156B17AFB} - System32\Tasks\{C2E546E7-D225-49BD-8FFA-8F0404EFB56E} => pcalua.exe -a F:\.\Setup.exe -d F:\ -c AUTORUN=1
Task: {4ED8A76A-A041-46E7-829A-78E678434C94} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {63250F48-85A0-45E5-9FD0-503A1896E811} - System32\Tasks\{0C277285-0C19-4025-8092-14711F2B4F59} => pcalua.exe -a C:\Users\sv3nxd\Downloads\Duesterburg-v1.21-Full.exe -d C:\Users\sv3nxd\Downloads
Task: {8423AFA3-8B61-4CC1-B52C-4114A546F139} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-31] (Google Inc.)
Task: {97FED8B3-26A5-494A-97A5-2EBC62BED7F3} - System32\Tasks\RtlNICDiagVistaStart => C:\Program Files (x86)\Realtek\Realtek Ethernet Diagnostic Utility\8169Diag.exe [2012-04-30] (Realtek Semiconductor Corporation.)
Task: {9DAB34E6-2801-4B6A-B01F-C3CC387BC609} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-09] (Adobe Systems Incorporated)
Task: {C3B1E807-886D-4FB2-B801-B9FCACC650AB} - System32\Tasks\{2972059F-A4B9-48D0-820D-A166F97A49C1} => pcalua.exe -a C:\Users\sv3nxd\Desktop\Flash8-en.exe -d C:\Users\sv3nxd\Desktop
Task: {CAA2C8D6-69F3-4EDE-B58B-2E7CE9774FFC} - System32\Tasks\{2B09B9E5-08BD-4D00-A586-F75B54C420C3} => pcalua.exe -a F:\Setup.exe -d F:\ -c AUTORUN=1
Task: {ED266784-A3D5-4A6A-B3ED-20F65AE35457} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {F0A63CE6-692E-46A8-81AB-3FBF2FFFC714} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-31] (Google Inc.)
Task: {FFF7622F-2587-40A1-9898-1D604530CC7B} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2014-08-21] () <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RtlNICDiagVistaStart.job => C:\Program Files (x86)\Realtek\Realtek Ethernet Diagnostic Utility\8169Diag.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-06-02 21:35 - 2014-08-19 21:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-07-29 14:42 - 2013-09-30 17:24 - 01976832 _____ () C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.EXE
2012-10-16 11:39 - 2012-10-16 11:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2015-07-29 14:42 - 2013-07-11 09:38 - 00169984 _____ () C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\OSD.exe
2014-03-26 18:10 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
2015-07-29 14:42 - 2013-08-17 14:13 - 00036864 _____ () C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Lang\Lang_EN.dll
2015-07-29 14:42 - 2012-11-05 08:37 - 00061440 _____ () C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\hiddriver.dll
2014-10-24 22:34 - 2014-10-24 22:34 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2014-04-25 22:46 - 2014-04-25 22:46 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2014-10-24 22:35 - 2014-10-24 22:35 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3907350877-53157355-3790402147-1000\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3907350877-53157355-3790402147-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ALDITALKVerbindungsassistent_Service => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: ArcService => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: RealtekCU => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TouchServicePen => 2
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: WpsSupplicant => 2
MSCONFIG\Services: WTabletServiceCon => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launcher.lnk => C:\Windows\pss\Launcher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG111v3 Setup-Assistent.lnk => C:\Windows\pss\NETGEAR WG111v3 Setup-Assistent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^sv3nxd^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^sv3nxd^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk => C:\Windows\pss\GameRanger.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: AudialsNotifier => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Google Update => "C:\Users\sv3nxd\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: icq => C:\Users\sv3nxd\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: puush => C:\Program Files (x86)\puush\puush.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\sv3nxd\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\sv3nxd\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WTFast Tray => "C:\Program Files (x86)\WTFast\WTFast.exe" trayonly

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{481725F5-AEC9-48C2-A881-EF0375A38738}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4E660F35-C7EA-4339-ADA3-6DEDF7773685}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{E49AF8B7-DB45-4D43-969F-CF0DBF0034AC}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{6C3DD2F7-C6BD-4986-9887-EC4027DD41CA}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{882D3505-4D4D-43E9-90E5-4EB2E7F46C97}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{A213F40B-EE20-4203-9A36-F4938EBF595A}] => (Allow) D:\Steam\SteamApps\common\Fowl Space\Fowl Space.air\Fowl Space.exe
FirewallRules: [{0D3B9F6A-2BC5-43E5-8CAB-497BF760C11D}] => (Allow) D:\Steam\SteamApps\common\Fowl Space\Fowl Space.air\Fowl Space.exe
FirewallRules: [{51B1EF34-8E2F-4BAE-90D0-5C6F300C7518}] => (Allow) LPort=80
FirewallRules: [{1E852EBB-93EF-40CB-A1DD-BE003DBC38F9}] => (Allow) LPort=80
FirewallRules: [{FD88E58A-488E-4C4F-8C73-25F1DD0641E1}] => (Allow) LPort=80
FirewallRules: [{86655DF4-4702-4649-BE8B-9A90C87CD9F1}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{38E4A313-1B35-4BDE-9ACC-F94B6E80063F}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{B380908B-3795-4A74-9CA0-5C8041803C40}] => (Allow) LPort=1542
FirewallRules: [{9A03ED36-CE5C-4FE8-94E7-3CD1622AB41B}] => (Allow) LPort=1542
FirewallRules: [{8DC8FD3E-76DB-4F5A-946B-7ECD3BDB90BE}] => (Allow) LPort=53
FirewallRules: [{EC767353-FF3A-4661-BE2A-434500D23ADB}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{7DE2FD31-4F27-4BFA-8EA5-1541C200EE2A}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{74D012C1-DAAF-4465-B32B-9D53D3DB2BFD}] => (Allow) D:\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{58F6095F-31CB-4842-94FF-5D1723EAC61E}] => (Allow) D:\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [TCP Query User{D8A70861-9A4A-450E-BE02-FF7002312FED}C:\users\sv3nxd\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sv3nxd\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0F9DC520-24A8-4D2A-8170-AF7D345AD589}C:\users\sv3nxd\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sv3nxd\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8300FCA2-3991-4F0D-B436-7EA55F81D583}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{2C60F0B3-DF5A-4BE8-8C55-3C3CBAC931A0}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{2F6F3FA8-D1ED-41CD-9CC9-6125237F5252}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{E07CC74B-4572-490A-A1CC-45FFF9292B4E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{062D278F-D002-4BB8-BC13-7FD4508F7624}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{58711166-A4B4-4F1D-B9BC-F0C9B12A2466}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{AB63862C-18C5-4C8C-8C82-24D941AEA18A}] => (Allow) D:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{A49FAC99-32C1-47DF-9D91-7A9D5D12FF06}] => (Allow) D:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{94B7C65B-DF2D-4D16-BB97-B87DC0E24B0F}] => (Allow) D:\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{C4319C7D-62F2-452D-9828-3288CAD10162}] => (Allow) D:\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{31D52D00-B0C8-4363-8ACF-EDCD5BEF4D4F}] => (Allow) D:\Steam\SteamApps\common\Future Wars\bin\win32\futurewars.exe
FirewallRules: [{25433E53-90E8-4632-91AC-BFEFA7CEE6DB}] => (Allow) D:\Steam\SteamApps\common\Future Wars\bin\win32\futurewars.exe
FirewallRules: [{BBEE8D78-24D6-4B50-ABED-2EE47E0DF175}] => (Allow) D:\Steam\SteamApps\common\Future Wars\bin\win32\Leveleditor.exe
FirewallRules: [{614CCEA0-946A-4C3D-A51E-B0BE7153BE9E}] => (Allow) D:\Steam\SteamApps\common\Future Wars\bin\win32\Leveleditor.exe
FirewallRules: [{68EA84D1-E873-4C9D-8D01-9818D3039D5D}] => (Allow) D:\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe
FirewallRules: [{71E5F8D3-206B-4493-8F9D-3F75FF776291}] => (Allow) D:\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe
FirewallRules: [{E431ED4A-70A0-4A86-B338-C12199BC41D9}] => (Allow) D:\Steam\SteamApps\common\Trine\trine_launcher.exe
FirewallRules: [{991EBF79-0601-4718-876F-AB940155C786}] => (Allow) D:\Steam\SteamApps\common\Trine\trine_launcher.exe
FirewallRules: [TCP Query User{A33CF3F7-DEFE-4861-B57B-6D1305EE23C3}C:\users\sv3nxd\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sv3nxd\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1CC98AC8-F659-47A9-ADC3-3A3945115ED4}C:\users\sv3nxd\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sv3nxd\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C260973C-452E-4E70-AF04-5C394CDECABA}] => (Allow) D:\Steam\SteamApps\common\Serena\Dagon64.exe
FirewallRules: [{B654E37F-2E35-4618-891E-A4705993CB60}] => (Allow) D:\Steam\SteamApps\common\Serena\Dagon64.exe
FirewallRules: [{A500698E-097D-482E-B918-8E5E25EEE7FA}] => (Allow) D:\Steam\SteamApps\common\The Cat and the Coup\catc_Launch.exe
FirewallRules: [{4DA63A37-FE60-47AA-9FA7-578D2437D941}] => (Allow) D:\Steam\SteamApps\common\The Cat and the Coup\catc_Launch.exe
FirewallRules: [{285076D6-F48A-4932-B69C-FAB99C0F0F2A}] => (Allow) D:\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{B4CDFC78-2EB9-4FAC-A808-77D56939B127}] => (Allow) D:\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{5219389D-B7FB-4D74-AA9E-10854088DB74}] => (Allow) D:\Steam\SteamApps\common\Gumboy Tournament\gumboytournament.exe
FirewallRules: [{7EE916B9-3F69-4F60-BCE7-EA02000C2C77}] => (Allow) D:\Steam\SteamApps\common\Gumboy Tournament\gumboytournament.exe
FirewallRules: [TCP Query User{70131DBA-5256-4A6A-A2B3-B481BA27D4FD}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{A5D8C283-2B31-41D2-B141-A4FD701FE30A}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [TCP Query User{D72E4649-0633-42DD-B13E-82A2CC1DA5AF}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{EEF1DEA8-5D02-4E0F-8681-051D73100572}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{6CC011EC-01C0-4689-80DF-89CE06C83E87}] => (Allow) D:\Steam\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{62F255F2-5669-42C9-B5E7-E266345B07FD}] => (Allow) D:\Steam\SteamApps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{8390E2D1-9A5C-41E4-95F9-13F9EBF21B2F}] => (Allow) D:\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{13DEB56E-DF54-4B7D-938C-39EFCB89EB6E}] => (Allow) D:\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{CF359E88-4062-4D44-B41E-67B35D97DEF1}] => (Allow) D:\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{DBAAC8A2-F263-4E01-809A-51C5B6BEA56A}] => (Allow) D:\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{B80D2853-EA00-4479-9864-F944E1346EF1}] => (Allow) D:\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{98AEDEF5-F321-44CA-996F-C19D9068C390}] => (Allow) D:\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{13DB74E7-A6CE-4B1A-8D91-A16D90ECD00D}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{1320429C-5E08-41AA-8F64-78378C65C734}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{6BEA2D49-D3A0-4D38-BED3-17F390E25CA7}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{B6EB279E-586B-4B5D-B993-B918E44F119B}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{1E50062E-BFE0-465B-87FA-1AC835D29363}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F5318C18-CF2B-4710-9C26-C9B6D8BB1F05}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{57006F51-9A5A-4A4E-ADA2-7450CD9856E7}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\Shadowgrounds.exe
FirewallRules: [{E0C0035E-99AE-426C-A26E-18B35871FEDE}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\Shadowgrounds.exe
FirewallRules: [{29256DF1-7052-4790-AD59-351BDB793412}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\ShadowgroundsLauncher.exe
FirewallRules: [{D7A6AE5A-441C-45F1-A6BE-CC090A2F2760}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\ShadowgroundsLauncher.exe
FirewallRules: [{B9221FFA-8943-4749-A765-E31B1F7E32C5}] => (Allow) D:\Steam\SteamApps\common\FATE\fate.exe
FirewallRules: [{52EDD482-3BF4-4D83-9897-912DAB5711A3}] => (Allow) D:\Steam\SteamApps\common\FATE\fate.exe
FirewallRules: [{77DB5816-458E-4DC8-BB79-67F9837EAEA2}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 Lost Souls\LostSouls.exe
FirewallRules: [{C7E86482-F66C-49D9-8804-CB666E5E4275}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 Lost Souls\LostSouls.exe
FirewallRules: [{3FD52ADD-E3E8-49E9-930E-BCAA86E809D8}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 Lost Souls\Setup.exe
FirewallRules: [{103576F7-5068-4C86-B18A-4A83B398ECAF}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 Lost Souls\Setup.exe
FirewallRules: [{CAD9FDBD-05C8-41B8-AA89-03C1912374B4}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 The Moon Project\TheMoonProject.exe
FirewallRules: [{1E20BEC0-EE03-41B0-A10D-6CF9253EFCE6}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 The Moon Project\TheMoonProject.exe
FirewallRules: [{A56206FF-4580-467A-B3C2-44AD2136B18E}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 The Moon Project\Setup.exe
FirewallRules: [{FBDDADAE-316B-4EFB-B9FD-03D1258C7E7F}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 The Moon Project\Setup.exe
FirewallRules: [{0293A468-A541-4D54-B3ED-CCA7D992BD95}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 EftbP\Earth2150.exe
FirewallRules: [{044A1BE0-105F-4491-BC66-7DE590DAA274}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 EftbP\Earth2150.exe
FirewallRules: [{2271E1CE-1A25-4C89-8B4C-8CC10724BA4A}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 EftbP\Setup.exe
FirewallRules: [{35E55B5B-A33E-4C9D-A494-6D3CBF98EAC3}] => (Allow) D:\Steam\SteamApps\common\Earth 2150 EftbP\Setup.exe
FirewallRules: [{6AD5F1B9-D4AF-486E-B724-BA0860A9E9CA}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds Survivor\survivor.exe
FirewallRules: [{5D112256-4895-421D-96E7-F291A3E20999}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds Survivor\survivor.exe
FirewallRules: [{3A6288CF-4A24-4E07-A752-F0C78815037C}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds Survivor\Shadowgrounds Survivor Launcher.exe
FirewallRules: [{C652DE7B-F2E4-492B-8E82-44877D3E8F0D}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds Survivor\Shadowgrounds Survivor Launcher.exe
FirewallRules: [TCP Query User{A2D26625-01D4-4DD0-A9A9-59BF2C401E0A}C:\users\sv3nxd\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\sv3nxd\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [UDP Query User{995733D8-8653-4469-B348-B742D6B21570}C:\users\sv3nxd\appdata\local\id software\quakelive\quakelive.exe] => (Allow) C:\users\sv3nxd\appdata\local\id software\quakelive\quakelive.exe
FirewallRules: [TCP Query User{3E59AE78-3D7A-4FFC-BF57-2D7993510352}C:\users\sv3nxd\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\sv3nxd\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0E2C709C-B2E7-4EFD-A7A9-B4AAD71A8ABB}C:\users\sv3nxd\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\sv3nxd\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E274D426-44B1-41CB-9937-DE73E56D9C67}C:\users\sv3nxd\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sv3nxd\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{9496C6D9-E465-46D9-9E9C-A37AE5A8A46A}C:\users\sv3nxd\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sv3nxd\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F82DC053-E400-4E3F-BB21-4D4879501004}] => (Allow) D:\Steam\SteamApps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{037D22B4-7D7C-4699-8181-2A27063DDDCE}] => (Allow) D:\Steam\SteamApps\common\You Have to Win the Game\TheGame.exe
FirewallRules: [{E1F7A428-4238-466B-B508-3AEC01FF8B9A}] => (Allow) D:\Steam\SteamApps\common\Deadly30\Deadly30.exe
FirewallRules: [{4B69FA7C-B279-4E1F-AE2E-7BEBE9633F51}] => (Allow) D:\Steam\SteamApps\common\Deadly30\Deadly30.exe
FirewallRules: [TCP Query User{C95851C5-4BED-45C4-9F3A-DDA80D8F3AE3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{408EBAC0-3AEF-4247-9EFD-E3C0A9221E49}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{3FEEDDFE-5B05-433A-9713-306CEFEEC8F1}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{CA738757-AA0C-4FB0-8C6D-E88B51D94D1C}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{F3C895D5-7A55-460B-95BD-FDC24ADCE0B3}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{3F4A678A-F30C-4739-A662-BEE51EC4DE40}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{8991FAD3-78AB-4EF7-9C9E-AC848C1F4947}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{2CCB0BB5-1C13-468D-BFAC-947B26518BE2}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [{B3FCF744-3908-4C45-88C9-8B5D53473CDF}] => (Allow) D:\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{9A6AF29D-6BDA-4798-9250-82286763BD16}] => (Allow) D:\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{CB4A9B68-AD26-4142-A1E3-8B703594452D}] => (Allow) D:\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{F18459C7-440A-40AC-825C-065A53FA7050}] => (Allow) D:\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{607B6446-B206-4904-8DAD-3B7CB10F0F98}] => (Allow) D:\Steam\SteamApps\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{6469A81A-B9E6-43BE-BC57-2C4EABADF3E6}] => (Allow) D:\Steam\SteamApps\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{CFD88044-AEC7-4D66-8898-DF24AEE47EEA}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{CF7FEB74-705B-4108-A6E5-512AA1A0A096}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{01C56484-458D-4655-9228-6DF55EC5819F}] => (Allow) D:\Steam\SteamApps\common\Bird Assassin\Bird Assassin.exe
FirewallRules: [{0806AF39-E8D6-40B1-9B5E-CE1C2AD87DDD}] => (Allow) D:\Steam\SteamApps\common\Bird Assassin\Bird Assassin.exe
FirewallRules: [{D36B0ADB-7EA6-4F72-A855-9BAC20392B8A}] => (Allow) D:\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{BF0B5034-DE66-4CAF-9099-0208A781A148}] => (Allow) D:\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{B3165C78-F757-41DC-AA3D-27B3526A162C}] => (Allow) D:\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{F934B444-F2FD-4BAC-9FE2-3DCA87958A82}] => (Allow) D:\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{F1C2FF55-6621-44BB-B02F-018EEE6A9A2E}] => (Allow) D:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{33ED618F-495E-427B-A112-174529CE06CA}] => (Allow) D:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F02CFF56-21D6-4BE0-8DF4-5AC9789C81FD}] => (Allow) D:\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{2311F316-7692-4844-9F0F-5CA13CA1D00F}] => (Allow) D:\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{8849A921-EB68-498E-B0D0-09E60E2181F0}] => (Allow) D:\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{1C2B6197-219C-4D3F-9066-107B81E6242E}] => (Allow) D:\Steam\SteamApps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{A66E9FDF-BA42-4C95-B2E6-0703ECEB5E0F}] => (Allow) D:\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{B1FAFB59-B248-4215-8AA6-9F257251EE34}] => (Allow) D:\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{18F89B0B-C8ED-46E6-8EF4-F359153F6AF4}] => (Allow) D:\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{0B158316-1E0B-4B56-9146-56A68B4F0F62}] => (Allow) D:\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{AB325EFB-7B97-4E43-B5ED-4EA54BEA73D5}] => (Allow) D:\Steam\SteamApps\common\Titan Souls Demo\TITAN.exe
FirewallRules: [{DFFDC7FB-C9AD-4598-89C8-47C9C249FF19}] => (Allow) D:\Steam\SteamApps\common\Titan Souls Demo\TITAN.exe
FirewallRules: [{46A44789-7CE2-4D26-993F-AF71C3743B49}] => (Allow) D:\Steam\SteamApps\common\Deepworld\Deepworld.exe
FirewallRules: [{44E619E2-4146-4611-B2B0-D70AD6ABA5EE}] => (Allow) D:\Steam\SteamApps\common\Deepworld\Deepworld.exe
FirewallRules: [{0F8A821A-DB16-4AD1-93AA-C0006DAFEF71}] => (Allow) D:\Steam\SteamApps\common\Voices from the Sea\voices_steam.exe
FirewallRules: [{018238B2-EB62-416C-A8F8-4F118188FB0A}] => (Allow) D:\Steam\SteamApps\common\Voices from the Sea\voices_steam.exe
FirewallRules: [{E7657054-9B34-4D25-B761-FC2D5139EE59}] => (Allow) D:\Steam\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{C6A3D384-C1ED-4782-8DDC-0DADC777E03A}] => (Allow) D:\Steam\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{7B27574A-E4E7-49B6-8DCD-34FA08452BAB}] => (Allow) D:\Steam\SteamApps\common\Fiesta Online\FiestaOnline.exe
FirewallRules: [{B3303E20-9024-4477-825B-47434426DAA8}] => (Allow) D:\Steam\SteamApps\common\Fiesta Online\FiestaOnline.exe
FirewallRules: [{7800EBC6-8394-4A74-90B2-726747DF4D13}] => (Allow) D:\Steam\SteamApps\common\Scribblenauts\Scribble.exe
FirewallRules: [{5D16333A-A80D-4A88-9028-51E28ED45F5E}] => (Allow) D:\Steam\SteamApps\common\Scribblenauts\Scribble.exe
FirewallRules: [{A3183596-AE32-4960-849A-F90C15D308FD}] => (Allow) D:\Steam\SteamApps\common\Heavy Bullets\HEAVY_BULLETS.exe
FirewallRules: [{605C3BC8-3B29-426F-BAB4-7C20A46A2E65}] => (Allow) D:\Steam\SteamApps\common\Heavy Bullets\HEAVY_BULLETS.exe
FirewallRules: [{DD634AD7-88FE-4F81-961E-89262B7F2B6F}] => (Allow) D:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{DF157837-C828-449C-913C-48C2F6B4437F}] => (Allow) D:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{9D6CE8D7-D5E7-405B-A964-E3231A9332AD}] => (Allow) D:\Steam\SteamApps\common\Overcast - Walden and the Werewolf\Overcast - Walden and the Werewolf.exe
FirewallRules: [{377D2905-B4FA-46F6-995A-8AD2ED720EDD}] => (Allow) D:\Steam\SteamApps\common\Overcast - Walden and the Werewolf\Overcast - Walden and the Werewolf.exe
FirewallRules: [{874BAD56-855C-4E67-8555-F58F0A632CB5}] => (Allow) D:\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{A6FD6037-1F14-41EA-BF3A-F21132183EA8}] => (Allow) D:\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{15252589-4709-485F-88C9-ED601B82F750}] => (Allow) D:\Steam\SteamApps\common\The Hat Man Shadow Ward\The Hat Man.exe
FirewallRules: [{1D434A2A-33AA-4F36-88A8-058E9D61F576}] => (Allow) D:\Steam\SteamApps\common\The Hat Man Shadow Ward\The Hat Man.exe
FirewallRules: [{718B7C0B-765F-431E-B2C8-FE58526E6D9A}] => (Allow) D:\Steam\SteamApps\common\Polarity\Polarity.exe
FirewallRules: [{2B27584C-E550-4C71-8CCC-C7765C84B01A}] => (Allow) D:\Steam\SteamApps\common\Polarity\Polarity.exe
FirewallRules: [{F562DD2B-8922-4817-AAB8-9DB5616BC505}] => (Allow) D:\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{013A7C7F-71D5-47FD-A283-63D4A9E32B7C}] => (Allow) D:\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{723A6B16-CFEF-4D96-A722-130109EEBE68}] => (Allow) D:\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{CADDEDFD-F638-470F-98FC-DCB85AD4C5B6}] => (Allow) D:\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{D0E39BDC-ADA8-4428-BD22-859A41453345}] => (Allow) D:\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{6D04A46C-93EE-44E0-8E7E-352DCCF3C9F1}] => (Allow) D:\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{56F25FE9-EF1D-461B-96FA-C03892A5C267}] => (Allow) D:\Steam\SteamApps\common\Memories of a Vagabond\GAME.exe
FirewallRules: [{2F1126FA-934B-46E0-8EF2-EC1F20376D0F}] => (Allow) D:\Steam\SteamApps\common\Memories of a Vagabond\GAME.exe
FirewallRules: [{57F16C06-3E74-4D8E-B6AA-F8A0B70BBC56}] => (Allow) D:\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{0BD5D0A0-72E7-40A4-A170-60D56C23B739}] => (Allow) D:\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{06B13CD7-82B2-4D7B-85F6-E11A63BA1942}] => (Allow) D:\Steam\SteamApps\common\Terra Incognita ~ Chapter One The Descendant\Game.exe
FirewallRules: [{82FD0219-0474-4EBB-B5A2-30E9A7A4EEFE}] => (Allow) D:\Steam\SteamApps\common\Terra Incognita ~ Chapter One The Descendant\Game.exe
FirewallRules: [{7BCC76AC-4A84-471F-B1D3-B086D0F939A6}] => (Allow) D:\Steam\SteamApps\common\Greyfox\Game.exe
FirewallRules: [{F9069FAF-2305-4B27-9681-9A73CD51E30D}] => (Allow) D:\Steam\SteamApps\common\Greyfox\Game.exe
FirewallRules: [{89778A6A-C7B2-450F-96E6-ACFE1DC4C06D}] => (Allow) D:\Steam\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{212F1921-8841-4150-9227-5408A38EEEDC}] => (Allow) D:\Steam\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{B0609D2D-587C-4E6B-AD1F-B3EBFABBA6E5}] => (Allow) D:\Steam\SteamApps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{72511E64-2F83-4274-AF63-B94D822EBCB7}] => (Allow) D:\Steam\SteamApps\common\Spooky's House of Jump Scares\SPOOKY.exe
FirewallRules: [{A39608C2-4DF9-4096-9EF6-12FA8897A35A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FD9250E4-3408-43B7-827C-5270745E40C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{31F02127-5FAA-4C47-998F-F1760F4F6A60}D:\dia\diablo iii\diablo iii.exe] => (Allow) D:\dia\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{EA3D969D-5649-4ED6-B9F3-FE85C867E698}D:\dia\diablo iii\diablo iii.exe] => (Allow) D:\dia\diablo iii\diablo iii.exe
FirewallRules: [{20E69447-47AF-4ABA-B552-4226C8DA39F8}] => (Allow) D:\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{6688F2A0-C99D-4049-AE2A-6855D7472E6C}] => (Allow) D:\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{B6C0D8F9-E265-452D-B6A9-84DF93E1AD19}] => (Allow) D:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{9BEF5976-F56E-45DE-836A-E498D2C015B2}] => (Allow) D:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{785C5C83-4FCD-450F-B9CD-C99784BA5437}D:\blizzard eu\hearthstone\hearthstone.exe] => (Allow) D:\blizzard eu\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{B924A2AC-E802-4D11-A58A-B962246F3AF9}D:\blizzard eu\hearthstone\hearthstone.exe] => (Allow) D:\blizzard eu\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{A3D3D838-FEE1-4C6E-A0FB-034BD0A0CF7A}D:\aftermath\amlauncher.exe] => (Allow) D:\aftermath\amlauncher.exe
FirewallRules: [UDP Query User{910C10BF-53E2-4131-97AE-413C5CB3971B}D:\aftermath\amlauncher.exe] => (Allow) D:\aftermath\amlauncher.exe
FirewallRules: [TCP Query User{47408C08-8A72-4347-9AE1-7C72DF7D1E17}D:\aftermath\amlauncher.exe.new.exe] => (Allow) D:\aftermath\amlauncher.exe.new.exe
FirewallRules: [UDP Query User{2668FB33-25A1-4E59-A703-8EE4E475C87C}D:\aftermath\amlauncher.exe.new.exe] => (Allow) D:\aftermath\amlauncher.exe.new.exe
FirewallRules: [{52A773CF-0F5D-4883-AF56-8042C7C6F0D5}] => (Allow) D:\Aftermath\Aftermath.exe
FirewallRules: [{A67E1545-125A-4A5D-94C4-4CC07D2EBE9D}] => (Allow) D:\Steam\SteamApps\common\A Wizards Lizard\nw.exe
FirewallRules: [{E33F17FF-9080-468B-81EB-A2E695186F85}] => (Allow) D:\Steam\SteamApps\common\A Wizards Lizard\nw.exe
FirewallRules: [TCP Query User{4DF8C22F-6683-4E8F-BF95-E96DCE7D80A2}D:\steam\steamapps\common\gumboy tournament\testapp.exe] => (Allow) D:\steam\steamapps\common\gumboy tournament\testapp.exe
FirewallRules: [UDP Query User{A719BAB9-9BB8-4B9D-8028-8FFFAAFE0EAD}D:\steam\steamapps\common\gumboy tournament\testapp.exe] => (Allow) D:\steam\steamapps\common\gumboy tournament\testapp.exe
FirewallRules: [{B80E8CB8-699B-4470-95CD-76114951E45A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC212B0B-EDBE-41A9-95A5-55A5422011B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{700A1459-412C-4CAC-AE65-9D5962BA4953}] => (Allow) D:\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{61F1039B-8E78-4B47-B1E1-BFC726492331}] => (Allow) D:\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{641C418E-4216-4170-947C-D81795052465}] => (Allow) D:\Steam\SteamApps\common\Emily is Away\emily is away.exe
FirewallRules: [{81EEC29C-E13C-42B6-8D5C-1432A58122F7}] => (Allow) D:\Steam\SteamApps\common\Emily is Away\emily is away.exe
FirewallRules: [TCP Query User{91F8898E-8E4E-4AF7-91DF-8D560E557CE3}C:\program files (x86)\drawpile\drawpile.exe] => (Allow) C:\program files (x86)\drawpile\drawpile.exe
FirewallRules: [UDP Query User{DA7414B9-844C-4D34-9F30-9A17F6904CF8}C:\program files (x86)\drawpile\drawpile.exe] => (Allow) C:\program files (x86)\drawpile\drawpile.exe
FirewallRules: [{8CE2978D-94F2-4158-B95D-05678D789052}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2E08E235-47FD-4047-ACA7-45007EF84039}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C97A5994-453D-42FF-BC2B-041C29B1EA1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{908F222C-84CA-42F7-99DF-FBEE0BF8D5DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D38F2D43-6E29-4884-8F0B-922C63F4EC0F}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{475E7770-F956-4CDF-8564-92AAA1A70945}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{00C7E85C-91AE-4C42-B19D-C0707F359AA7}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{0D856C22-34E3-495F-81CF-B0C5F7EA2A6C}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C5716604-BFCE-4CCD-8213-546F43EDF7ED}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{DFC690A4-BF0D-401B-82F4-6E6F08759E9F}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{DD5B6671-FC73-44C0-B8DB-6BC5FC7078D1}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{FB3A14A4-A206-48C0-9240-B433B59F4A75}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{064D3305-0D1C-4D92-B2BD-F21120B1FACB}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{82F675DC-2AB1-45F5-BC43-F7E52A72701D}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{08851137-4DD5-4D15-9DB1-3A10335D4F48}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{82A56261-4FC6-4D5A-89C2-B744D4355998}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{33B544DB-6575-4770-B57D-6A2490EC4D24}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{93635E65-03DB-4350-AF7E-723B4FC45AE6}D:\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{C322AC91-3F9E-4932-855E-E8FD60E1B4F7}] => (Allow) D:\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{078A9D5A-A1AA-4EB2-BD2F-FC868ABC1428}] => (Allow) D:\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{03A7FB1C-08BA-4602-951D-70271AA0F951}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{3640A189-A01E-4E74-B965-DEB4F314C8D0}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [{219E23F0-F019-4A8F-8E3C-5583C5BF4426}] => (Allow) D:\Steam\SteamApps\common\Delver\delver.exe
FirewallRules: [{B9F2866E-87C0-4455-8B98-9B1928FDB6D6}] => (Allow) D:\Steam\SteamApps\common\Delver\delver.exe
FirewallRules: [{9572CF72-E956-4E3D-8703-17EADA12C609}] => (Allow) D:\Steam\SteamApps\common\Pixel Star\PIXELSTAR.exe
FirewallRules: [{8B99243B-C446-4147-90A7-1C0CB5B98F83}] => (Allow) D:\Steam\SteamApps\common\Pixel Star\PIXELSTAR.exe
FirewallRules: [{4BA86E1F-ABE3-4A19-A839-A42CF9CF8DD3}] => (Allow) D:\Steam\SteamApps\common\Creativerse\Creativerse.exe
FirewallRules: [{82A806A2-1556-4E8D-959E-BD93DA1DF9E9}] => (Allow) D:\Steam\SteamApps\common\Creativerse\Creativerse.exe
FirewallRules: [{683A856F-9891-4092-8A83-E861614CF8EF}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{0326A4FB-4DD1-41AB-99A4-E2EA3E3A5485}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{B05505A6-30DF-41CC-8541-6654850DE1B3}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{0BAF32D1-E80D-4C99-B320-80629732B13E}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{FB5FB950-DAAC-44D8-B124-6BB4F28C3BAE}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{8D9959A6-A0DA-476D-8A20-16D495DBBAD3}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{2554BCC1-C5D6-4FEA-9F0B-D1A4AB6827FF}] => (Allow) D:\Steam\SteamApps\common\Fingerbones\Fingerbones.exe
FirewallRules: [{741170F4-C323-49F9-995F-753AB23FD1F2}] => (Allow) D:\Steam\SteamApps\common\Fingerbones\Fingerbones.exe
FirewallRules: [TCP Query User{3997976D-136E-4A98-AA7A-DF0367D74872}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3F19FD1A-3895-444A-AB9F-A63963CCE23D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{3371347E-A547-44C7-B82C-1B61A1C3E3AA}C:\users\sv3nxd\desktop\stuff\java lernen\eclipse\eclipse.exe] => (Allow) C:\users\sv3nxd\desktop\stuff\java lernen\eclipse\eclipse.exe
FirewallRules: [UDP Query User{9413B18A-7F44-4014-AB54-BB75653FA90A}C:\users\sv3nxd\desktop\stuff\java lernen\eclipse\eclipse.exe] => (Allow) C:\users\sv3nxd\desktop\stuff\java lernen\eclipse\eclipse.exe
FirewallRules: [{2BAE55B7-CE37-41AD-B634-E5D5DD712862}] => (Allow) D:\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{073404D3-9F25-4075-9013-049BA0DDD9B2}] => (Allow) D:\Steam\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{F6D43557-72FD-4A76-A215-E033446F35FF}] => (Allow) D:\Steam\SteamApps\common\TEC3001\TEC3001.exe
FirewallRules: [{C175CA51-6EB6-4DD1-AD74-4C90FD9FBC04}] => (Allow) D:\Steam\SteamApps\common\TEC3001\TEC3001.exe
FirewallRules: [{E7DED657-FFDC-41B2-84BE-4C5AEC060AC2}] => (Allow) D:\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{E2F7B34B-A080-49C6-AA4D-282831E0AF43}] => (Allow) D:\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{13AED426-4210-43B6-BBA3-67141A63907B}] => (Allow) D:\Steam\SteamApps\common\Blender\blender.exe
FirewallRules: [{BDDE954D-8423-4754-BF86-C8009F83E2F4}] => (Allow) D:\Steam\SteamApps\common\Blender\blender.exe
FirewallRules: [{3E641A07-217D-4DE2-96F5-9788EE390755}] => (Allow) D:\Steam\SteamApps\common\lethalleague\LethalLeague.exe
FirewallRules: [{CF4B28F8-7098-4408-83A2-049F964983C1}] => (Allow) D:\Steam\SteamApps\common\lethalleague\LethalLeague.exe
FirewallRules: [{AB88C192-BDCE-4EAD-A617-F1EFA20268D4}] => (Allow) D:\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{2786B72B-A958-466D-9ED0-652B56CC9A22}] => (Allow) D:\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{3E23AE6D-594F-47A1-8AA8-C3C11A9A6A35}D:\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{B8C1B953-D346-4500-9D12-31D9C3050B9B}D:\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{DD8E0E3A-E87D-4151-8B06-D8368EB9AE38}] => (Allow) D:\Steam\SteamApps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [{42D0B81B-A2A3-43C4-9A47-55DB3C603FED}] => (Allow) D:\Steam\SteamApps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [TCP Query User{3BD14885-5136-49C2-B3FD-217E5D39365C}D:\steam\steamapps\common\gamemaker_studio\runner.exe] => (Allow) D:\steam\steamapps\common\gamemaker_studio\runner.exe
FirewallRules: [UDP Query User{8D8BB8E7-4FA9-4B8D-BBAD-6437A5C185BD}D:\steam\steamapps\common\gamemaker_studio\runner.exe] => (Allow) D:\steam\steamapps\common\gamemaker_studio\runner.exe
FirewallRules: [TCP Query User{B1B45527-B326-4DBB-9033-CD3F5EEC7C81}D:\origin\deadspace\dead space.exe] => (Allow) D:\origin\deadspace\dead space.exe
FirewallRules: [UDP Query User{C8282AFF-BF40-41DB-818E-983F09FDEB9F}D:\origin\deadspace\dead space.exe] => (Allow) D:\origin\deadspace\dead space.exe
FirewallRules: [{8780FDC8-3725-4BA7-8630-ADBDB4622720}] => (Allow) D:\Origin\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{B7794DE4-A3E0-4C37-90FF-1744913D51F6}] => (Allow) D:\Origin\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{26C3B627-B438-4F26-A13E-AD763D38AA23}] => (Allow) D:\Steam\SteamApps\common\Dawn of Magic II\dawnofmagic2.exe
FirewallRules: [{51E5039F-6643-4591-8EB2-D67EB2D3C53C}] => (Allow) D:\Steam\SteamApps\common\Dawn of Magic II\dawnofmagic2.exe
FirewallRules: [{3F1FA17F-6F6E-473C-AEA0-4C5E715A5786}] => (Allow) D:\Steam\SteamApps\common\Greyfox\EQLauncher.exe
FirewallRules: [{FE6D8924-2797-4723-98F9-9B1012706F16}] => (Allow) D:\Steam\SteamApps\common\Greyfox\EQLauncher.exe
FirewallRules: [{90423CEC-89A3-4BE7-BFFC-EF4FF313DED8}] => (Allow) D:\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{D3833891-95A5-485F-893C-C559DE786529}] => (Allow) D:\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{7A8038C8-9BA9-4DF1-A535-7F19734F0AF5}] => (Allow) D:\Steam\SteamApps\common\Project Starship\game.exe
FirewallRules: [{7C879779-9D26-4F36-B507-939DFF89502C}] => (Allow) D:\Steam\SteamApps\common\Project Starship\game.exe
FirewallRules: [{9718D249-826B-452E-85F4-2C2970C10779}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2DA72005-3883-4985-9805-75F519EE0B86}] => (Allow) D:\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{BD38AF8A-B69F-458D-8EE5-DFEDE90B5D88}] => (Allow) D:\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{175578F8-2341-428E-84EF-C3DE79C07D0F}] => (Allow) D:\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{D6BC8FEE-6422-428A-8C45-915066769ED0}] => (Allow) D:\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/19/2016 12:23:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung SpotifyWebHelper.exe, Version 1.0.21.143, Zeitstempel 0x56a26d24, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.19381, Zeitstempel 0x554d42e0, Ausnahmecode 0xc0000005, Fehleroffset 0x00000003,
Prozess-ID 0xd34, Anwendungsstartzeit SpotifyWebHelper.exe0.

Error: (04/19/2016 12:21:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2016 09:23:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, fehlerhaftes Modul cudart.dll, Version 6.0.6002.19454, Zeitstempel 0x55ae6da5, Ausnahmecode 0xc0000135, Fehleroffset 0x0006f40f,
Prozess-ID 0x1724, Anwendungsstartzeit Borderlands.exe0.

Error: (04/18/2016 09:23:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, fehlerhaftes Modul Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, Ausnahmecode 0xc0000005, Fehleroffset 0x01438837,
Prozess-ID 0x1754, Anwendungsstartzeit Borderlands.exe0.

Error: (04/18/2016 09:22:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, fehlerhaftes Modul Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, Ausnahmecode 0xc0000005, Fehleroffset 0x006ae5fa,
Prozess-ID 0x1754, Anwendungsstartzeit Borderlands.exe0.

Error: (04/18/2016 09:17:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, fehlerhaftes Modul Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, Ausnahmecode 0xc0000005, Fehleroffset 0x01438837,
Prozess-ID 0x156c, Anwendungsstartzeit Borderlands.exe0.

Error: (04/18/2016 09:16:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, fehlerhaftes Modul Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, Ausnahmecode 0xc0000005, Fehleroffset 0x006ae5fa,
Prozess-ID 0x156c, Anwendungsstartzeit Borderlands.exe0.

Error: (04/18/2016 09:16:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, fehlerhaftes Modul Borderlands.exe, Version 1.5.0.0, Zeitstempel 0x53ed3bb3, Ausnahmecode 0xc0000005, Fehleroffset 0x006ae5fa,
Prozess-ID 0x1708, Anwendungsstartzeit Borderlands.exe0.

Error: (04/18/2016 02:01:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung NvBackend.exe, Version 16.13.42.0, Zeitstempel 0x5418ec0a, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.19381, Zeitstempel 0x554d42e0, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0x4c8, Anwendungsstartzeit NvBackend.exe0.

Error: (04/18/2016 02:00:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (04/15/2016 10:24:06 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 14.04.2016 um 23:01:38 unerwartet heruntergefahren.

Error: (04/14/2016 09:46:36 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "\Device\HarddiskVolume2" aus.

Error: (04/14/2016 09:46:36 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "\Device\HarddiskVolume2" aus.

Error: (04/14/2016 09:36:25 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "\Device\HarddiskVolume2" aus.

Error: (04/14/2016 09:36:25 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "\Device\HarddiskVolume2" aus.

Error: (04/14/2016 09:32:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Neustart des Diensts

Error: (04/14/2016 09:32:24 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (04/14/2016 09:31:25 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a8SOFTWARE

Error: (04/14/2016 09:30:44 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a64\??\C:\Users\sv3nxd\AppData\Local\Microsoft\Windows\UsrClass.dat

Error: (04/14/2016 09:30:44 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a30\??\C:\Users\sv3nxd\ntuser.dat


CodeIntegrity:
===================================
  Date: 2016-04-19 12:30:28.749
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hxsy64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-04-19 12:30:28.649
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hxsy64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-04-11 09:07:44.629
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-04-10 18:32:13.142
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-04-10 16:45:18.052
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-04-10 12:51:27.952
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-04-10 11:31:06.353
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-04-10 10:37:54.376
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-04-10 02:34:33.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-04-10 02:34:33.424
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-4300 Quad-Core Processor 
Prozentuale Nutzung des RAM: 55%
Installierter physikalischer RAM: 4092.63 MB
Verfügbarer physikalischer RAM: 1820.68 MB
Summe virtueller Speicher: 8408.29 MB
Verfügbarer virtueller Speicher: 5949.08 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:220.7 GB) (Free:92.95 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:245.06 GB) (Free:4.02 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 8EB2F5C6)
Partition 1: (Not Active) - (Size=245.1 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=220.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

burningice · 19.04.2016, 18:03

Hast du die Datei jetzt schon gelöscht oder nicht?

Schritt 1
Lade dir folgendes Programm herunter und installiere es:

Malwarebytes Anti-Malware Hier findest du dazu eine bebilderte Anleitung

Klicke auf die Einstellungen / Erkennung und Schutz und setze dabei den Haken bei "Nach Rootkits suchen"
Klicke im Anschluss auf Durchsuchen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlaufprotokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:

Logfile von AdwCleaner
Logfile von Malwarebytes
Frst.txt
Addition.txt

WindowsDUC-Virus

Plagegeister aller Art und deren Bekämpfung: WindowsDUC-Virus