Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Email account gehackt?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.05.2016, 15:51   #1
Cuz
 
Email account gehackt? - Ausrufezeichen

Email account gehackt?



Hallo, ich glaube mein Email account wurde gehackt, oder ich habe ein Trojaner auf dem Computer (?).
Anzeichen :

Mojang Account wurde Email geändert (Email kenn ich nicht)
PlayStation Account wird versucht Passwort zurückzusetzen?
EA Passwort wird versucht zurückzusetzen

ADWCleaner findet nichts außer Untilman.exe (habe ich selber eingestellt)

Email Passwort wurde geändert, schon mehrmals, bringt nur irgentwie nicht?

Ich hatte früher hier schon dass problem das sich jemand versucht aus mehren Ländern sich in mein Account einzuloggen?

Mojang Account wurde Email wieder normal gesetzt.

Bitte hilft mir !

Zitat:
Edit:

hxxp://discard.email/pillory/aendern-sie-ihr-passwort_5990150135746113418-ffd927204bbbd969d7f01aab5f9c1334.htm
Genau das gleiche steht in meiner Email? Heißt es, es ist Spam/Fake?
Was ist dann mit dem anderen?

Geändert von Cuz (22.05.2016 um 15:57 Uhr)

Alt 31.05.2016, 08:59   #2
Warlord711
/// TB-Ausbilder
 
Email account gehackt? - Standard

Email account gehackt?



Hallo Cuz



Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Hier findest du die Anleitung für Hilfesuchende
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.


Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8, Win10 User mit Rechtsklick "als Administrator starten".

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Cursor zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.


Die Mails vom Playstation Network bekomme ich auch regelmäßig.
Die Passwörter einfach einmal neu vergeben.

Hintergrund sind sog. "Leaks" aus irgendwelchen Foren, wo durch Sicherheitslücken große Teile der dort gespeicherten Informationen wie email + Passwort "geklaut" wurden.

Mit diesen Daten wird dann automatisiert versucht, sich bei wichtigen Dienste anzumelden, um die Accounts zu kapern (und in der Regel dann im Anschluss zu verkaufen).

Du kannst erstmal selbst nichts dagegen machen, die Meldungen werden immer wieder auftauchen. Brisant wirds, wenn so Meldungen auftauchen, die auf tatsächliche Änderungen am Account hinweisen, wie z.b. die Änderung der verwendeten eMail-Adresse.

Deswegen, bei allen Dienste (EA, Paypal, eBay und was es noch so gibt), die Passwörter ändern, vor allem dann, wenn man überall das gleiche Passwort verwendet.

Tipp: Benutz Software wie KeePass, um deine Passwörter zu verwalten, dadurch kannst du auch extrem komplexe Passwörter einsetzen, die man sich sonst nur schwer merken kann.


Wir können aber gern ein Scan deines Rechners durchführen:


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 01.06.2016, 13:26   #3
Cuz
 
Email account gehackt? - Standard

Email account gehackt?



Hey, erstmal danke für die Antwort ! Passwort habe ich von allen sachen geändert, und seit dem habe ich auch keine nachricht mehr bekommen, dass sich jemand versucht in mein Account einzuloggen. Außer bei meinem Mojang Account, da wurde sogar der Name + das Passwort geändert, ich habe den aber wieder zurück bekommen da ich den Support angeschrieben habe.
FRST
Zitat:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Nico (Administrator) auf NICO-PC (01-06-2016 14:24:11)
Gestartet von C:\Users\Nico\Desktop
Geladene Profile: Nico (Verfügbare Profile: Nico & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Scarlet.Crush Productions) C:\c_ps3\ScpServer\bin\ScpService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Nico\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [594240 2016-01-13] (Razer Inc.)
HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600320 2015-08-13] (Razer Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\MountPoints2: {7fa75e2f-11a2-11e3-bb2f-904a0a77bf58} - E:\pushinst.exe
IFEO\taskmgr.exe: [Debugger] "C:\USERS\NICO\DESKTOP\PROCESSEXPLORER\PROCEXP.EXE"
IFEO\utilman.exe: [Debugger] cmd.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-19] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{AF62BCB5-1BB9-4FC6-BB91-85BE4F75DB59}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C8824B6B-83C5-4478-8BEB-55FB7C0CC7E7}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\pu2uavbj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Plugin HKU\S-1-5-21-994648660-2701094439-4196816687-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-23] (Google Inc.)
FF Plugin HKU\S-1-5-21-994648660-2701094439-4196816687-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-23] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Nico\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF Extension: Stylish - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\pu2uavbj.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-01-25]
FF Extension: NoScript - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\pu2uavbj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\pu2uavbj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Nico\AppData\Local\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Nico\AppData\Local\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Nico\AppData\Local\Google\Chrome\Application\50.0.2661.102\pdf.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 7 U40) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => Keine Datei
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Nico\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Profile: C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-23]
CHR Extension: (Google Drive) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15]
CHR Extension: (YouTube) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Adblock Plus) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-01]
CHR Extension: (Google-Suche) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Google Docs Offline) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01]
CHR Extension: (agar.io server browser) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2015-08-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-18]
CHR Extension: (Google Mail) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-16]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-19] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1314848 2016-01-19] ()
R2 Ds3Service; C:\c_ps3\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-03-29] (EasyAntiCheat Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-22] ()
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [58368 2016-02-03] (Razer Inc.) [Datei ist nicht signiert]
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Survarium-Steam Update Service; "C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe" "Survarium-Steam" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-19] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-19] (AVAST Software)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-22] (AVM GmbH)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50384 2015-10-26] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-01 14:24 - 2016-06-01 14:24 - 00017258 _____ C:\Users\Nico\Desktop\FRST.txt
2016-06-01 14:23 - 2016-06-01 14:23 - 02383872 _____ (Farbar) C:\Users\Nico\Desktop\FRST64.exe
2016-05-31 17:42 - 2016-05-31 17:42 - 00000000 ____D C:\Users\Nico\AppData\LocalLow\GOOD VIBRATION GAMES
2016-05-29 21:15 - 2016-05-29 21:15 - 00000000 ___HD C:\ProgramData\CanonIJFAX
2016-05-29 21:15 - 2016-05-29 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MB2000 series Benutzerregistrierung
2016-05-29 21:15 - 2014-05-01 16:04 - 00337408 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_CCL.dll
2016-05-29 21:15 - 2014-02-27 08:37 - 00096768 _____ C:\Windows\SysWOW64\CNC1778D.TBL
2016-05-29 21:15 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2016-05-29 21:11 - 2016-05-29 21:11 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-05-29 21:05 - 2016-05-29 21:18 - 00015339 _____ C:\Users\Nico\Desktop\text.odt
2016-05-28 20:08 - 2016-05-28 20:14 - 00102720 _____ C:\Users\Nico\Downloads\NSA CHALLENGE(1).mp4.sfk
2016-05-28 20:07 - 2016-05-28 20:08 - 04304143 _____ C:\Users\Nico\Downloads\NSA CHALLENGE(1).mp4
2016-05-28 20:01 - 2016-05-28 20:01 - 04304143 _____ C:\Users\Nico\Downloads\NSA CHALLENGE.mp4
2016-05-27 21:03 - 2016-05-27 21:04 - 00138112 _____ C:\Users\Nico\Downloads\DAMN DANIEL (JERSEY CLUB) - DJ FLEX #NJCLUB.mp4.sfk
2016-05-27 21:03 - 2016-05-27 21:03 - 01651250 _____ C:\Users\Nico\Downloads\DAMN DANIEL (JERSEY CLUB) - DJ FLEX #NJCLUB.mp4
2016-05-27 20:22 - 2016-05-27 20:22 - 03678272 _____ C:\Users\Nico\Desktop\adwcleaner_5.118.exe
2016-05-26 18:45 - 2016-05-26 18:45 - 00000023 _____ C:\Users\Nico\Desktop\fasfaf.txt.com
2016-05-23 15:11 - 2016-06-01 14:17 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000UA.job
2016-05-23 15:11 - 2016-05-31 15:16 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000Core.job
2016-05-23 15:11 - 2016-05-23 15:11 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000UA
2016-05-23 15:11 - 2016-05-23 15:11 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000Core
2016-05-23 14:06 - 2016-05-28 20:04 - 00000000 ____D C:\Users\Nico\AppData\Roaming\.minecraft
2016-05-22 16:13 - 2016-05-22 16:41 - 00281288 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-05-22 01:03 - 2016-05-22 01:03 - 00000000 ____D C:\Users\Nico\AppData\Roaming\com.freakinware.wormis
2016-05-22 00:05 - 2016-05-22 00:06 - 00000000 ___SD C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-05-22 00:03 - 2016-05-22 00:04 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-05-21 21:40 - 2016-05-21 21:42 - 00041696 _____ C:\Users\Nico\Downloads\Cartoon Laugh Sound Effects.mp4.sfk
2016-05-21 21:40 - 2016-05-21 21:40 - 00467536 _____ C:\Users\Nico\Downloads\Cartoon Laugh Sound Effects.mp4
2016-05-21 21:34 - 2016-05-21 21:39 - 00486688 _____ C:\Users\Nico\Downloads\Katja Krasavices Community... - Youtube Fails #5.mp4.sfk
2016-05-21 21:34 - 2016-05-21 21:34 - 57297096 _____ C:\Users\Nico\Downloads\Katja Krasavices Community... - Youtube Fails #5.mp4
2016-05-21 21:29 - 2016-05-21 21:29 - 74675261 _____ C:\Users\Nico\Downloads\geraped- Katja Krasavice - Kuchen Talks #137.mp4
2016-05-21 21:29 - 2016-05-21 21:29 - 00836064 _____ C:\Users\Nico\Downloads\geraped- Katja Krasavice - Kuchen Talks #137.mp4.sfk
2016-05-21 21:28 - 2016-05-21 21:28 - 01436608 _____ C:\Users\Nico\Downloads\Ultimate The Best Fails 2015 - The Best of August Fail Compilation.mp4.sfk
2016-05-21 21:27 - 2016-05-21 21:27 - 280748458 _____ C:\Users\Nico\Downloads\Ultimate The Best Fails 2015 - The Best of August Fail Compilation.mp4
2016-05-19 23:48 - 2016-05-19 23:48 - 00000000 ____D C:\Users\Nico\AppData\Local\UnrealCrazyKiller
2016-05-19 00:51 - 2016-05-19 00:51 - 00000000 ____D C:\Users\Nico\AppData\Local\CrashRpt
2016-05-18 20:31 - 2016-05-18 20:39 - 00247200 _____ C:\Users\Nico\Downloads\SHOPPINGTOUR mit meiner MAMA - Papaplatte.mp4.sfk
2016-05-18 20:31 - 2016-05-18 20:39 - 00050528 _____ C:\Users\Nico\Downloads\Thomas The Tank Engine Theme (Original).mp4.sfk
2016-05-18 20:31 - 2016-05-18 20:31 - 42133022 _____ C:\Users\Nico\Downloads\SHOPPINGTOUR mit meiner MAMA - Papaplatte.mp4
2016-05-18 20:31 - 2016-05-18 20:31 - 02767007 _____ C:\Users\Nico\Downloads\Thomas The Tank Engine Theme (Original).mp4
2016-05-18 11:47 - 2016-05-18 11:48 - 00276536 _____ C:\Windows\Minidump\051816-23509-01.dmp
2016-05-18 11:47 - 2016-05-18 11:47 - 645449783 _____ C:\Windows\MEMORY.DMP
2016-05-18 02:57 - 2016-05-18 02:57 - 00000000 ____D C:\Users\Nico\AppData\Local\war
2016-05-16 21:50 - 2016-05-16 21:56 - 00216448 _____ C:\Users\Nico\Downloads\snoop dogg base instrumental(1).mp4.sfk
2016-05-16 21:50 - 2016-05-16 21:56 - 00085152 _____ C:\Users\Nico\Downloads\Papaplatte = xXQU1CKSC0P3RXx MLG 360 420 BLAZE IT.mp4.sfk
2016-05-16 21:50 - 2016-05-16 21:50 - 16749374 _____ C:\Users\Nico\Downloads\Papaplatte = xXQU1CKSC0P3RXx MLG 360 420 BLAZE IT.mp4
2016-05-16 21:50 - 2016-05-16 21:50 - 05872064 _____ C:\Users\Nico\Downloads\snoop dogg base instrumental(1).mp4
2016-05-16 21:47 - 2016-05-16 21:47 - 05872064 _____ C:\Users\Nico\Downloads\snoop dogg base instrumental.mp4
2016-05-16 21:03 - 2016-05-16 21:06 - 01015104 _____ C:\Users\Nico\Downloads\Hood Lit Dances #3.mp4.sfk
2016-05-16 21:02 - 2016-05-16 21:02 - 00282368 _____ C:\Users\Nico\Downloads\Pippi Langstrumpf - Remix.mp4.sfk
2016-05-16 21:01 - 2016-05-16 21:01 - 05061871 _____ C:\Users\Nico\Downloads\Pippi Langstrumpf - Remix.mp4
2016-05-16 21:00 - 2016-05-16 21:02 - 119909512 _____ C:\Users\Nico\Downloads\Hood Lit Dances #3.mp4
2016-05-14 17:29 - 2016-05-14 17:48 - 640523595 _____ C:\Users\Nico\Desktop\ghghg.wmv
2016-05-14 00:29 - 2016-05-14 00:29 - 01258777 _____ C:\Users\Nico\Downloads\baragaki.zip
2016-05-14 00:29 - 2016-05-14 00:29 - 00996642 _____ C:\Users\Nico\Downloads\horroroid.zip
2016-05-13 23:04 - 2016-05-13 23:05 - 00559328 _____ C:\Users\Nico\Downloads\THESE KIDS MUST BE STOPPED (PART 3).mp4.sfk
2016-05-13 23:04 - 2016-05-13 23:04 - 54384967 _____ C:\Users\Nico\Downloads\THESE KIDS MUST BE STOPPED (PART 3).mp4
2016-05-13 18:11 - 2016-05-13 18:11 - 05995712 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-05-11 17:03 - 2016-05-11 18:30 - 00000225 _____ C:\Users\Nico\Desktop\Lines.txt
2016-05-11 14:54 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 14:54 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 14:54 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 14:54 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 14:54 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 14:54 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 14:54 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 14:54 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 14:54 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 14:54 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 14:54 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 14:54 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 14:54 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 14:54 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 14:54 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 14:54 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 14:54 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 14:54 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 14:54 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 14:54 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 14:54 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 14:54 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 14:54 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 14:54 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 14:54 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 14:54 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 14:54 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 14:54 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 14:54 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 14:54 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 14:54 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 14:54 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 14:54 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 14:54 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 14:54 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 14:54 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 14:54 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 14:54 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 14:54 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 14:54 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 14:54 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 14:54 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 14:54 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 14:54 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 14:54 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 14:54 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 14:54 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 14:54 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 14:54 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 14:54 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 14:54 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 14:54 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 14:54 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 14:54 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 14:54 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 14:54 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 14:54 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 14:54 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 14:54 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 14:54 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 14:54 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 14:54 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 14:54 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 14:54 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 14:54 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 14:54 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 14:54 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 14:54 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 14:54 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 14:54 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 14:54 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 14:54 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 14:54 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 14:54 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 14:54 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 14:54 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 14:54 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 14:54 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 14:54 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 14:53 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 14:53 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 14:53 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 14:53 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-11 14:53 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-11 14:53 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 14:53 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 14:53 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 14:53 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 14:53 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 14:53 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-11 14:53 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 14:53 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 14:53 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 14:53 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 14:53 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 14:53 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 14:53 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-11 14:53 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-11 14:53 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 14:53 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 14:53 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 14:53 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 14:53 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-11 14:53 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 14:53 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-11 13:59 - 2016-05-11 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-11 13:59 - 2016-05-11 13:59 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-05-10 14:19 - 2016-05-10 14:19 - 00000000 ____D C:\Users\Nico\Desktop\CharacterEditorV0.4b
2016-05-09 17:23 - 2016-05-09 17:24 - 00000000 ____D C:\Users\Nico\Desktop\x RANDOM SCREENS
2016-05-07 19:27 - 2016-05-07 19:29 - 00000000 ____D C:\Users\Nico\Desktop\gta
2016-05-07 01:43 - 2016-05-07 01:43 - 00001041 _____ C:\Users\Public\Desktop\Cube World.lnk
2016-05-07 01:43 - 2016-05-07 01:43 - 00000000 ____D C:\ProgramData\Picroma
2016-05-07 01:43 - 2016-05-07 01:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cube World
2016-05-06 00:51 - 2016-05-07 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-05 13:48 - 2016-05-05 13:58 - 00000000 ____D C:\Users\Nico\Documents\IchMagDich
2016-05-05 10:26 - 2016-05-05 13:44 - 00000000 ____D C:\Users\Nico\Documents\Overwatch
2016-05-05 10:26 - 2016-05-05 10:26 - 00001100 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-05-05 10:26 - 2016-05-05 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-05-05 10:06 - 2016-05-31 17:36 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-05-05 10:05 - 2016-05-31 17:28 - 00000000 ____D C:\Users\Nico\AppData\Local\Battle.net
2016-05-05 10:05 - 2016-05-25 14:48 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Battle.net
2016-05-05 10:04 - 2016-05-31 16:48 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-05-05 10:01 - 2016-05-05 10:02 - 03012080 _____ (Blizzard Entertainment) C:\Users\Nico\Downloads\Battle.net-Setup(1).exe
2016-05-05 00:17 - 2016-05-05 00:17 - 00000000 ____D C:\Users\Nico\AppData\LocalLow\Freejam

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-01 14:24 - 2016-02-09 16:40 - 00000000 ____D C:\FRST
2016-06-01 14:20 - 2013-09-14 10:23 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Skype
2016-06-01 14:12 - 2009-07-14 06:45 - 00036128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-01 14:12 - 2009-07-14 06:45 - 00036128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-01 14:11 - 2013-11-15 22:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-01 14:07 - 2013-11-15 15:47 - 00000000 ____D C:\Users\Nico\AppData\Local\Adobe
2016-06-01 14:00 - 2016-03-13 21:06 - 00000000 ____D C:\Users\Nico\AppData\Local\LogMeIn Hamachi
2016-06-01 13:59 - 2016-03-19 03:34 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-01 13:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-31 17:47 - 2013-09-14 10:50 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-31 17:44 - 2013-08-30 20:16 - 00000000 ____D C:\Users\Nico
2016-05-31 15:12 - 2013-09-28 21:22 - 00000000 ____D C:\Users\Nico\AppData\Roaming\TS3Client
2016-05-31 12:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-30 20:31 - 2015-08-16 19:19 - 00000000 ____D C:\AdwCleaner
2016-05-29 21:17 - 2014-02-13 17:10 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-29 21:16 - 2014-02-13 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2016-05-29 21:16 - 2014-02-13 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-05-29 21:16 - 2014-02-13 17:00 - 00000000 ____D C:\Program Files (x86)\Canon
2016-05-29 21:15 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2016-05-29 12:00 - 2014-02-26 22:24 - 00000000 ____D C:\Users\Nico\AppData\Local\CrashDumps
2016-05-28 20:14 - 2016-04-18 16:44 - 00000000 ____D C:\Users\Nico\Desktop\lol
2016-05-27 20:25 - 2013-08-31 06:04 - 00699416 _____ C:\Windows\system32\perfh007.dat
2016-05-27 20:25 - 2013-08-31 06:04 - 00149556 _____ C:\Windows\system32\perfc007.dat
2016-05-27 20:25 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-25 21:31 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-25 21:31 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-25 14:48 - 2014-12-21 16:48 - 00000000 ____D C:\ProgramData\Battle.net
2016-05-24 20:31 - 2014-01-24 22:20 - 00000000 ____D C:\Users\Nico\Desktop\SpeedAutoClicker
2016-05-23 15:26 - 2016-02-15 15:13 - 00000366 _____ C:\Users\Nico\Desktop\Reim.txt
2016-05-22 18:07 - 2016-04-19 12:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-22 16:41 - 2013-11-27 20:28 - 00281288 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-05-22 16:41 - 2013-11-27 20:28 - 00000000 ____D C:\Users\Nico\AppData\Local\PunkBuster
2016-05-22 16:38 - 2013-11-27 20:13 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-05-22 16:38 - 2013-11-27 20:13 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-05-22 13:06 - 2013-08-30 20:29 - 00164680 _____ C:\Users\Nico\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-22 13:04 - 2009-07-14 06:45 - 05242064 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-21 22:42 - 2015-03-13 22:07 - 00010488 _____ C:\Users\Nico\AppData\Roaming\TheHunterSettings_live.bin
2016-05-19 00:51 - 2015-03-13 22:10 - 00000097 _____ C:\Users\Nico\AppData\Roaming\LauncherSettings_live.cfg
2016-05-19 00:51 - 2015-03-13 22:03 - 00000039 _____ C:\Users\Nico\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-05-18 11:47 - 2014-09-07 15:56 - 00000000 ____D C:\Windows\Minidump
2016-05-16 21:16 - 2014-03-02 23:45 - 00000132 _____ C:\Users\Nico\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2016-05-16 19:47 - 2013-09-24 13:23 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Audacity
2016-05-14 13:34 - 2014-02-24 19:56 - 00000000 ____D C:\Users\Nico\AppData\Roaming\OBS
2016-05-14 10:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-13 18:11 - 2013-11-15 22:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 18:11 - 2013-08-30 20:45 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 18:11 - 2013-08-30 20:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-12 21:34 - 2014-12-11 22:06 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-12 15:40 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 21:42 - 2013-10-20 11:35 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 21:30 - 2013-10-20 11:35 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 13:59 - 2016-04-08 14:47 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-05-09 14:38 - 2015-08-26 12:31 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-09 14:38 - 2013-09-14 10:23 - 00000000 ____D C:\ProgramData\Skype
2016-05-07 19:27 - 2013-09-27 22:43 - 00000000 ____D C:\Users\Nico\AppData\Local\Paint.NET
2016-05-07 13:19 - 2013-08-30 20:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-07 01:49 - 2015-10-28 13:51 - 00000000 ____D C:\Program Files (x86)\Cube World
2016-05-06 16:29 - 2013-12-17 11:31 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-05-05 13:48 - 2016-04-09 19:53 - 00000000 ____D C:\ProgramData\Unity
2016-05-05 13:48 - 2016-03-21 15:36 - 00000000 ____D C:\Users\Nico\AppData\LocalLow\DefaultCompany
2016-05-05 13:47 - 2016-04-10 00:41 - 00000000 ____D C:\Users\Nico\Documents\New Project
2016-05-03 21:24 - 2013-11-27 20:15 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-02 23:45 - 2016-05-16 21:16 - 0000132 _____ () C:\Users\Nico\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-11-30 17:47 - 2013-11-30 17:47 - 0000132 _____ () C:\Users\Nico\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-11-16 13:51 - 2016-03-27 07:17 - 0065594 _____ () C:\Users\Nico\AppData\Roaming\Camdata.ini
2013-11-16 13:51 - 2016-03-27 07:17 - 0000408 _____ () C:\Users\Nico\AppData\Roaming\CamLayout.ini
2013-11-16 13:51 - 2016-03-27 07:17 - 0000408 _____ () C:\Users\Nico\AppData\Roaming\CamShapes.ini
2013-11-16 13:51 - 2016-03-27 07:17 - 0004538 _____ () C:\Users\Nico\AppData\Roaming\CamStudio.cfg
2013-11-23 02:06 - 2013-12-01 00:12 - 0000112 _____ () C:\Users\Nico\AppData\Roaming\JP2K CS6 Prefs
2015-03-13 22:10 - 2016-05-19 00:51 - 0000097 _____ () C:\Users\Nico\AppData\Roaming\LauncherSettings_live.cfg
2015-03-13 22:07 - 2016-05-21 22:42 - 0010488 _____ () C:\Users\Nico\AppData\Roaming\TheHunterSettings_live.bin
2015-03-13 22:03 - 2016-05-19 00:51 - 0000039 _____ () C:\Users\Nico\AppData\Roaming\TheHunterSettings_steam_live.cfg
2013-11-16 13:50 - 2016-03-27 07:16 - 0000096 _____ () C:\Users\Nico\AppData\Roaming\version2.xml
2013-11-21 21:01 - 2014-12-22 13:35 - 0001456 _____ () C:\Users\Nico\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-02 16:30 - 2015-01-10 17:08 - 0017408 _____ () C:\Users\Nico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-22 01:20 - 2014-11-22 01:20 - 0000036 _____ () C:\Users\Nico\AppData\Local\housecall.guid.cache
2015-08-03 02:50 - 2015-08-03 02:50 - 0000003 _____ () C:\Users\Nico\AppData\Local\updater.log
2015-08-03 02:50 - 2015-08-03 02:50 - 0000424 _____ () C:\Users\Nico\AppData\Local\UserProducts.xml
2015-03-16 17:07 - 2015-01-15 17:07 - 0000032 ____R () C:\ProgramData\hash.dat
2016-01-08 21:25 - 2016-01-08 21:25 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\hash.dat


Einige Dateien in TEMP:
====================
C:\Users\Nico\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
C:\Users\Nico\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Nico\AppData\Local\Temp\PROCEXP64.exe
C:\Users\Nico\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nico\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
__________________

Alt 01.06.2016, 13:29   #4
Cuz
 
Email account gehackt? - Standard

Email account gehackt?



Addition :
Zitat:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Nico (2016-06-01 14:25:09)
Gestartet von C:\Users\Nico\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-08-30 18:16:27)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-994648660-2701094439-4196816687-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-994648660-2701094439-4196816687-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-994648660-2701094439-4196816687-1002 - Limited - Enabled)
Nico (S-1-5-21-994648660-2701094439-4196816687-1000 - Administrator - Enabled) => C:\Users\Nico

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
AlienFX for KoneXTD (Version: 1.02 - Roccat GmbH) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM\...\Steam App 113400) (Version: - Reloaded Productions)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - Ronimo Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bloons TD Battles (HKLM\...\Steam App 444640) (Version: - Ninja Kiwi)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.10.274.74.11 - Infernum Productions AG)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version: - Treyarch)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version: - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version: - Infinity Ward)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Camtasia Studio 8 (HKLM-x32\...\{DA88ACD2-9753-4B71-A07D-A7153DDFD8E3}) (Version: 8.4.1.1745 - TechSmith Corporation)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.12.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MB2000 series Benutzerregistrierung (HKLM-x32\...\Canon MB2000 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MB2000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB2000_series) (Version: 1.04 - Canon Inc.)
Canon MG5200 series Benutzerregistrierung (HKLM-x32\...\Canon MG5200 series Benutzerregistrierung) (Version: - )
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Craften Terminal 4.0.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0.2 - Craften.de)
Crazy Killer (HKLM\...\Steam App 448460) (Version: - Ino-Co Plus)
Crusaders of the Lost Idols (HKLM-x32\...\Steam App 402840) (Version: - Codename Entertainment Inc.)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version: - Team Psykskallar)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Emily is Away (HKLM\...\Steam App 417860) (Version: - Kyle Seeley)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free MP4 Video Converter version 5.0.30.1029 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.30.1029 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
Google Chrome (HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
H1Z1: King of the Kill (HKLM-x32\...\Steam App 433850) (Version: - Daybreak Game Company)
H1Z1: King of the Kill Test Server (HKLM-x32\...\Steam App 439700) (Version: - Daybreak Games)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
KlausTrial (HKLM-x32\...\{DB2AC811-5937-43CE-B538-46EBD6F0CAC4}) (Version: 1.00.0000 - Naturalsoft)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Left 4 Dead 2 Beta (HKLM-x32\...\Steam App 223530) (Version: - )
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.428 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.428 - LogMeIn, Inc.) Hidden
Magic Bullet PhotoLooks (HKLM-x32\...\Magic Bullet PhotoLooks) (Version: - )
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.1.2 - Red Giant Software) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NaturalReader 14 Free (HKLM-x32\...\{773ED0E5-538E-4E86-8E00-719630613290}) (Version: 1.00.0000 - Naturalsoft)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.3 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Pamela Basic 4.8 (HKLM-x32\...\Pamela) (Version: 4.8 - Scendix Software-Vertriebsges. mbH)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.4.1 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.2.19 - Red Giant, LLC)
Relic Hunters Zero (HKLM-x32\...\Steam App 382490) (Version: - Rogue Snail)
RIDGE RACER™ Driftopia (HKLM-x32\...\Steam App 226410) (Version: - BUGBEAR)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
ROCCAT Isku FX Keyboard Driver (HKLM-x32\...\{DC69933C-E7B0-455D-8E54-FAC1EEF046FF}) (Version: - Roccat GmbH)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version: - Roccat GmbH)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version: - Roccat GmbH)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Roguelands (HKLM\...\Steam App 364420) (Version: - SmashGames)
SafeZone Stable 1.48.2066.98 (x32 Version: 1.48.2066.98 - Avast Software) Hidden
Shakes and Fidget (HKLM\...\Steam App 438040) (Version: - Playa Games GmbH)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SMITE (HKLM-x32\...\Steam App 386360) (Version: - Hi-Rez Studios)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version: - Three Rings)
Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™)
Spotify (HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Crate Box (HKLM-x32\...\Steam App 212800) (Version: - Vlambeer)
Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.30c - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Culling (HKLM\...\Steam App 437220) (Version: - Xaviant)
The Escapists (HKLM-x32\...\Steam App 298630) (Version: - Mouldy Toof Studios)
theHunter (HKLM\...\Steam App 253710) (Version: - Expansive Worlds)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM\...\Steam App 272350) (Version: - Ubisoft Singapore)
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{460D83C4-15D5-4C0E-9B7D-2204F196A010}) (Version: 12.1.3 - Red Giant)
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software)
Trapcode Suite 64-bit (Version: 12.1.0 - Red Giant Software) Hidden
Trapcode Suite 64-bit (Version: 12.1.3 - Red Giant) Hidden
Trapcode Suite v12.1.7 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.7 - Red Giant, LLC)
Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
Unity (HKLM-x32\...\Unity) (Version: 5.3.4f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EEB9EFDE-ED91-11E2-91A8-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Warhammer: End Times - Vermintide (HKLM-x32\...\Steam App 235540) (Version: - Fatshark)
WARMODE (HKLM-x32\...\Steam App 391460) (Version: - WARTEAM)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Worm.is: The Game (HKLM\...\Steam App 466910) (Version: - Freakinware Studios)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-994648660-2701094439-4196816687-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1294F3A8-3382-4D6A-AE89-513E19D3A08F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-07] (AVAST Software)
Task: {16111CD5-C91A-4D6A-BC73-5D79BD704CF5} - System32\Tasks\AdobeAAMUpdater-1.0-Nico-PC-Nico => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {1757B46A-AFA2-48C0-AE20-C3556C010A78} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000UA => C:\Users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {313056E2-E7C9-4BC4-BF2D-07CD69A6ABA7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000Core => C:\Users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {5EE8E8FF-C16B-4E75-8233-79688611764B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {5FA56889-72CE-4FB0-AFF9-96453F92DA93} - System32\Tasks\SafeZone scheduled Autoupdate 1458731398 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-30] (Avast Software)
Task: {696BB494-56A8-4EBE-9223-2B0FE0F35974} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe
Task: {6C68DA77-C258-4F93-A253-4897E2088AC2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-19] (AVAST Software)
Task: {6FC11900-0ADA-4CE7-88F1-547D6D97590D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {9317E713-F85A-4CF9-A483-5DB77A066268} - System32\Tasks\Google Updater and Installer => C:\Users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9C3B6A35-DA26-466C-A03C-20636D99C47C} - System32\Tasks\{01781721-C0E3-4231-8543-4ECB40549EE0} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?page=tsProgressBar
Task: {E8299A49-FBEE-41D3-820C-400031E0A583} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000Core.job => C:\Users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000UA.job => C:\Users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-02-13 17:12 - 2013-06-28 15:28 - 00084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-11-27 20:13 - 2016-05-22 16:38 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-12-21 09:55 - 2015-12-21 09:55 - 00292352 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-03-19 03:33 - 2016-03-19 03:33 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-03-19 03:33 - 2016-03-19 03:33 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-05-31 20:39 - 2016-05-31 20:39 - 02984152 _____ () C:\Program Files\AVAST Software\Avast\defs\16053101\algo.dll
2016-04-14 15:54 - 2016-04-14 15:54 - 00509344 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-01 13:59 - 2016-06-01 13:59 - 02984152 _____ () C:\Program Files\AVAST Software\Avast\defs\16060100\algo.dll
2016-03-12 00:04 - 2016-06-01 13:58 - 00619840 _____ () C:\Users\Nico\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
2016-02-26 10:29 - 2016-02-26 10:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-03-19 03:33 - 2016-03-19 03:33 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-04-13 15:32 - 2015-10-06 21:26 - 50656768 _____ () C:\Users\Nico\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2016-04-13 15:32 - 2015-10-06 21:26 - 01874944 _____ () C:\Users\Nico\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2016-04-13 15:32 - 2015-10-06 21:26 - 00075264 _____ () C:\Users\Nico\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\55231489.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\55231489.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-03-11 23:22 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-994648660-2701094439-4196816687-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
MSCONFIG\startupreg: Google Update => "C:\Users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: Lightshot => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: ManyCam => "C:\Program Files (x86)\ManyCam\ManyCam.exe" --silent
MSCONFIG\startupreg: RoccatIsku => "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
MSCONFIG\startupreg: Spotify => "C:\Users\Nico\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Nico\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{54690BD5-4BD9-4492-93B1-AC11CC665BB4}] => (Allow) D:\fsetup.exe
FirewallRules: [{28DA10FC-1760-4251-AF73-A38759459BC9}] => (Allow) D:\fsetup.exe
FirewallRules: [{38BBB56B-BEFC-458A-AAC6-67876532677E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{69D44012-B4C2-49F8-9F82-168C061ED234}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{396C01E5-0CE5-4460-9508-2734BF3D8F54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{15418A81-B6D3-45B1-A2FD-211CD6AF9A5B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7C44271F-C5B9-43E7-9B90-FD0BE32EE8C2}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{52A02C17-F9D9-4664-A884-98F32D570A98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D5D9E836-36F5-47E4-B652-43503AB075A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1949A3ED-DD6B-42BF-8240-C88F6A66BCC6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{27480B1D-574C-4D2E-BF66-A386A07853B2}] => (Allow) LPort=2869
FirewallRules: [{A0D9E000-3E15-4DA3-8BAA-4ECAF1E8C6A7}] => (Allow) LPort=1900
FirewallRules: [{716BEAB0-8F1E-453A-9F44-A2CB8A3D3768}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{3F6A8046-BA07-41F7-9407-DECE2DA46B90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\aceofspades\aos.exe
FirewallRules: [{234931C2-5562-433F-9405-764073E2C3EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RIDGE RACER Driftopia\RIDGE RACER Driftopia_46358301.exe
FirewallRules: [{ECCE0AF4-05C8-4039-917C-44A74CF955C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RIDGE RACER Driftopia\RIDGE RACER Driftopia_46358301.exe
FirewallRules: [TCP Query User{A8C5C466-F5C1-4C8C-9EE6-A61C0470C3E1}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{60979FC1-7316-416B-A249-89A8D9F22345}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{D9E7AE77-6604-4CE2-8809-7858DE3B0653}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
FirewallRules: [UDP Query User{F28F3EE1-573D-422C-B941-3EE47B015C29}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe
FirewallRules: [TCP Query User{C1A4BFF0-C017-4D70-B886-24B373B6B8B6}C:\users\nico\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\nico\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C3725A8E-2503-441E-A4C0-2098CFE2F88A}C:\users\nico\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\nico\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5C2087C4-4BAA-4560-B27A-20F042883672}C:\program files\sony\vegas pro 12.0\vegas120.exe] => (Allow) C:\program files\sony\vegas pro 12.0\vegas120.exe
FirewallRules: [UDP Query User{FC28E009-C184-4044-AF5A-920949708B51}C:\program files\sony\vegas pro 12.0\vegas120.exe] => (Allow) C:\program files\sony\vegas pro 12.0\vegas120.exe
FirewallRules: [{B5F166D1-4832-460E-945B-8A110FB370AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{EA985D3C-1B21-42E9-A868-8D5B81357821}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{70654395-5793-4903-8218-A90720A264E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{8A783CFA-43AE-43B8-B15C-759314F84FD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{24E73931-3408-4D6D-8B56-7624DD39A856}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{0B4CE29E-1BF3-48A5-B7FA-4BE73DCAB8D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{6A91CC79-4593-4155-9989-87C145C53B86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{44165FE5-5327-46C7-BE40-1105D2117420}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{5941405F-1718-416B-86FB-2D33ECAB5A3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{421507B6-5C04-4DEB-80BD-9BCF6345D12C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{CF908A21-4497-4AC2-8023-96FCADA61303}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{F0B3DBC5-B136-42FB-82AD-96177862BB3E}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{E2637E48-3967-4A90-BECE-A0E106204286}] => (Block) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{DDACE8BB-4594-4D96-848B-1C140EB71A37}] => (Block) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{90C72BC2-1F7B-4475-B258-E43C2947AD65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{50F8FF2E-F459-46AD-822B-EABDD87C4508}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BECBFFF8-4B66-4901-8840-EEB11B1C3AB7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{EE1892E4-F63B-4F25-88D4-5DE9E629E4B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{10D770AE-DBB1-47D4-A871-6C2D022447FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{ED580C8A-E42D-4D18-B798-9C039788D78C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F9AB109C-6FAF-4E70-9DE5-79BA62B2E5DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7DC8735D-4776-435F-8D88-B59479D503EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{73B41964-317A-4349-858A-C8F689224FF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{D068E9D3-8BA6-4D15-9E5F-3ABD5FFC93A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{03C2C92A-F47A-401E-AFD0-D21D26F49B98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{28E505D7-D847-418B-919C-FF6CC51DA5A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1E1055AB-703A-4792-8E2F-60FEB805D2C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F6B7971A-566F-4CC3-AA87-9EB005A782EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EE90435A-13BC-48EF-A954-F198C877CCBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{5FE20464-7456-4E20-B601-15EA41BD2159}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [TCP Query User{2CA5CD8A-B4E4-4BAE-8AD5-C22C91D2236C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C38E7D36-3106-488B-BC97-3221D688BCB7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{77A035C4-CE16-4177-BAB3-136AB691A783}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B3E36A53-7CB5-4AC3-8763-72F3EDD82FA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BAD4AEBB-1D2D-4D4C-87A4-8D51C709EE1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{F516BD5A-8192-4607-A134-5318E9AD2C0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{781C1A35-01C2-4E0D-9609-1F207ECD6069}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{BC15D33B-4CD1-4786-AF49-AC4D0395EAD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{E9CCCD9E-29ED-4583-99C9-6A85F2970A7B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{74A79D32-E0CF-4E5D-A8F7-BC5E8A2B3DA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{9CC028E9-30C9-4EC5-9D93-0FEA5F90FBE5}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{A0913EEC-46E3-42C2-9E00-4584F098BB15}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{CA3832BF-C869-42B4-B12B-BCBD39D36F9F}] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{92828D3B-375A-4A0D-B861-F67E8EFC5919}] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{EF0764FD-4380-44CC-9C69-35A25CA3A50E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{312B9D21-4BBC-4DEE-9C4D-0AD10F986450}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{D6036740-EA69-4583-85C8-8F6C1F938D56}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{AF3A708C-A4A1-49A0-BFB9-24722DF388E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{7E14E73F-BEE6-4D8D-81F5-8CA213017750}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{33A89992-8964-41BF-90CA-75E653D2BC3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{DFDB37B6-59D1-4F89-8BC9-F39F2045134A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{AD4D5879-AB33-4A72-8952-D03FD6BA812A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{C6E908D6-7CA1-4C67-9532-36BD191AA219}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{FE47FD41-1B99-431D-BF6C-C74606BA4A3A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{3FED1A83-CFEE-4711-B4F2-CC527FE50B6A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{5EB00401-534D-42CB-8A4D-61BB12A826DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{4658FC5E-C96E-441A-A271-59EF0C477CB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{58CAA6B4-4D00-4D6E-ABFA-F556519A9E14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{D633B695-D0E3-4488-8019-AE442408F389}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{E95FABBD-E3E7-4C1A-92CB-C6BF517D4462}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{F2C74605-916D-4F89-AE27-9D84DCEC29CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{92D70988-9E1C-40C0-9D80-09F1FA4887FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{11BFAEE6-9003-4A00-8F96-2397694F6986}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{F3DC094A-EDDC-459C-8159-5C0E5C942197}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{27ED8812-1693-464C-8898-B5A2266B122F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DA3A747C-AB57-47D1-8653-ECEAFF2298BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{20896888-1761-4955-BDE6-D351CD7DFF22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{7215A0A6-C483-46E4-887D-FDA81805B49E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{24C4C442-223B-4706-917E-DF77D819B995}] => (Allow) C:\Program Files (x86)\Brick-Force\BfLauncher.exe
FirewallRules: [{57E9F638-23F9-4F2E-902E-CEF6DB3FF4B1}] => (Allow) C:\Program Files (x86)\Brick-Force\BrickForce.exe
FirewallRules: [{5AD2654E-6180-4F35-9244-C7EA9212BD89}] => (Allow) LPort=8317
FirewallRules: [{1EC86679-8443-47F5-8F29-3474CFAE0015}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{F7F46720-6C9B-4E4E-8DBC-47474C5C8858}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{D78A9BAF-A85A-46D9-B4C1-C930A36DFEF9}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{508D3F62-A6DE-40C3-8E59-60F1F14E918A}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{27D79E1D-82D0-4DCF-BAC7-847075B6547A}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{F0E3BCAD-75A0-4133-8DA1-8A780D350F05}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{06FC4EAF-2D98-4E96-B5BF-FB1C5F425505}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{DC86B349-9832-441D-AD38-82E6E679EE87}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [TCP Query User{B12A6611-2D33-42F3-BBD5-E52AC47456B9}C:\program files (x86)\adobe\adobe photoshop cs6\photoshop.exe] => (Allow) C:\program files (x86)\adobe\adobe photoshop cs6\photoshop.exe
FirewallRules: [UDP Query User{7C8D28B5-C3A5-47D2-A7FF-AE3AF095EC91}C:\program files (x86)\adobe\adobe photoshop cs6\photoshop.exe] => (Allow) C:\program files (x86)\adobe\adobe photoshop cs6\photoshop.exe
FirewallRules: [{C5E79EDD-6430-47E8-9327-C3DDF3F8DFAD}] => (Block) C:\program files (x86)\adobe\adobe photoshop cs6\photoshop.exe
FirewallRules: [{D2F1B324-3B5A-4C02-8439-4EAE34DEC0D4}] => (Block) C:\program files (x86)\adobe\adobe photoshop cs6\photoshop.exe
FirewallRules: [{A00F6B08-7EF4-4AB6-B7B9-EF3EBE73FC32}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2C31D41B-9617-429B-8567-52E311A42F32}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{7514FAA2-6E60-4BA6-937B-BA28000ADBE2}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A6403D14-C2AB-4D94-8730-394DE2193AD4}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{6A986343-A765-4E45-AF31-8902ABA25F27}] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{4641492A-F507-4950-87E8-2D8A80DDF264}] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{873E5612-A3C9-4300-929D-C97BCB6D4EAE}C:\users\nico\desktop\teamspeak3-server_win64-3.0.10.3\teamspeak3-server_win64\ts3server_win64.exe] => (Block) C:\users\nico\desktop\teamspeak3-server_win64-3.0.10.3\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{DB99E33C-34D4-4874-9EDD-BE54E5D71427}C:\users\nico\desktop\teamspeak3-server_win64-3.0.10.3\teamspeak3-server_win64\ts3server_win64.exe] => (Block) C:\users\nico\desktop\teamspeak3-server_win64-3.0.10.3\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [{095B695E-BED8-4498-BD4C-8BCBDF6D5FF0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MicroVolts\Bin\Microvolts.exe
FirewallRules: [{ABE1A0BA-6E56-40AA-BE22-FD4CBA2FECEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MicroVolts\Bin\Microvolts.exe
FirewallRules: [{0B01FD2A-179B-48D6-94EF-39AC9CD6F66D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dizzel\Dizzel.exe
FirewallRules: [{5378056D-C2E6-4F05-9F5D-F1F14F3775AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dizzel\Dizzel.exe
FirewallRules: [TCP Query User{091189FB-4DCE-41EE-B0BD-FA1BFD1C6992}C:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe
FirewallRules: [UDP Query User{64D95C42-9ECB-44DF-BFB9-FE833B901CAE}C:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe
FirewallRules: [{F35497F3-FBDE-4276-9999-686FB2D6C9E7}] => (Block) C:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe
FirewallRules: [{65F0B5BE-C234-4DA6-B47A-E955E0D4DD9F}] => (Block) C:\program files\adobe\adobe after effects cc 2014\support files\afterfx.exe
FirewallRules: [{4AF961F3-D10D-4D02-9040-7DD25EDBF237}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{5C39D61B-3F36-472D-BCDB-0AA11EA33324}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{C3356278-A36D-4989-A753-88B66913B82C}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{E2707E0F-8A91-468A-95E5-FAC1266DE103}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{FF22C2C9-0863-40B2-930B-F970B64D0CC6}] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{F23F34E6-4A7F-4B96-AFA8-69A066ED1B81}] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{1DDE5F55-84D1-48A3-B02B-7BC2C2992F24}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{ADAC97A8-B2E4-42D2-9131-152C1E7CA22C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{03C6BF46-6C78-4029-82C3-B102494571F5}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{EF66F3DF-ACF3-4D85-9B0E-D0831CC5CCEA}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{DC899149-BA7F-44FA-82AE-78F9F1855B7F}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{8B091258-A674-472D-AA09-67BA50DD0429}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{26C4EF7F-4B16-4F0B-95F5-5298903A378E}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{C510C6CA-0425-46A2-AA8C-F6D35F99F496}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{5C181EA7-1739-413F-8651-55798324E72F}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{46D61367-6293-4152-B328-183048A3D8B9}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{D99FA20F-64E0-4C9F-B3CC-4CDEAFABB3B4}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{F9D89357-9BD9-401D-8440-E5802DD3E60B}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{9364C5D1-19DA-4A30-8B73-48BC3686EED5}] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{80909B8C-2FC7-445C-B369-F93162B86093}] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{56CF7EA9-5C62-4ED8-A52A-3D34DB0BD072}] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{42EAAD58-27D9-470F-84A1-AB46D34F13C2}] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{DA753296-A1FB-496B-8BFB-4C4D98517262}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3D49B623-B0F5-4B8E-9D6B-8B996C3C3AAD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{B039065E-85B8-42BC-87E4-E66019B5C7AF}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6C2C0D8B-D939-4E01-88E8-3F992411D520}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{286DF5BE-7291-4D73-B9F3-A3D6CD45456E}] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{E19F0A00-F2FF-4637-9DF6-11824387A734}] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{6E70B737-3425-438D-BB3E-15A36FE548D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EEDD31DC-67C4-4D23-9DD5-4DAACABE10B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0BCCE696-E33C-4FDE-A190-3CE9ABA27ECD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{E4585668-801D-474A-B024-54A2BBECEF03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{DE08D56F-9243-476D-A3E1-793462787D1A}] => (Allow) D:\fsetup.exe
FirewallRules: [{696149AC-D80E-416F-A44D-64E9A95017AB}] => (Allow) D:\fsetup.exe
FirewallRules: [{9FCA1BCC-EB82-40B3-BC19-2884FD5D7E2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{06E1F274-B72B-41BD-9DA4-4C26D6955D70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{ADFA178C-D8FB-4211-8D05-AA0D2BA886A3}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [UDP Query User{ABD86107-27B4-49FE-BB71-D621DEC3A3CC}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [{5373167A-EC16-4354-86F9-26F4FF6A8B8F}] => (Block) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [{010825A7-DF09-4812-87E4-0CC2EE19F0B6}] => (Block) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [{7C5FA49C-D558-4CBB-8F37-1571285B3FDD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{8A6483A6-2CB9-4DF1-8922-98FB111FAA29}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{64CB8C3A-C065-4309-9C40-4534C4798173}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{04045F81-EB3E-479A-90DB-1B66E11E5713}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [TCP Query User{BF11BF35-0085-4CD0-A1F7-E75C137C3F88}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{CB46B0B8-211F-4C8D-AAB2-116163A6280D}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\java.exe
FirewallRules: [{89D03213-9105-4B49-9836-D999FF1A2857}] => (Block) C:\program files\java\jre1.8.0_25\bin\java.exe
FirewallRules: [{0A4AC359-75F3-42B3-ABCE-AF2A7D7C2C78}] => (Block) C:\program files\java\jre1.8.0_25\bin\java.exe
FirewallRules: [{8C10C81F-DCE0-41B0-8585-120E85AC3565}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Minimum\Binaries\Win32\MinGame-Win32-F.exe
FirewallRules: [{47D969D1-AE3F-4723-88DC-43DA40F3056B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Minimum\Binaries\Win32\MinGame-Win32-F.exe
FirewallRules: [{CD7BA287-C67F-4DBD-99D0-6875D599E865}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{06D4EC61-B918-464A-9AF1-4019C35370CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{9C7A6D09-D938-46C8-B33F-DF360EFE38E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_launcher.exe
FirewallRules: [{FD8E8AD8-05F9-4E92-BAE6-ABB43332316C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{44797B8A-FD76-4D01-83A2-875C047B2D85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{0D38A7B2-39FB-4D44-8281-920C08F421D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{C21920BE-0500-477B-B8CA-A7615DB8B933}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{9E6D989B-5E32-41BA-BA60-CE7B829D1CEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{C129E91A-6372-4374-A186-BD0002CAE53B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{A7355881-1D5C-4865-ABC5-81BBF81F114F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{2FA1C514-6D3F-439E-8AB4-25382BDCDA60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{4A6A2D41-E2FE-43DB-A50C-7A75630F325A}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{56627EC9-E51A-40EE-A179-BF8DAA0A6502}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{CA5A3556-FAEC-4A78-A2CB-6EB941A6B272}] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{EE5CE35B-BEB7-417A-9169-26154D70A721}] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{818E3530-8D9D-4587-9F8D-8E9881A4861E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{05FFE5B9-B2DA-45E6-A5D8-BA51CCC0F819}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F8455595-10E5-42D5-BFBF-A86463116E38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B48B424D-21B9-4AFD-BEB9-0F4C1FA99F82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{54297260-E7D3-4771-9391-E17D909EFB27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{44C2119C-99E1-419D-ADED-BB8B51227A4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{5D882897-D34F-4108-8B30-944A53CCF54F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{BF707644-4CF7-4ACB-9424-E00E595EBB84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{9C152990-2229-4868-B205-020870EBE816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5C1A0A38-FA59-4423-96A0-73287F4C8BAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{667684EC-209E-4EAA-8BB8-D4789A6591A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{D80A02FE-29B9-42C4-82E6-5DD64A4C4B65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{0D9006F7-B11F-4CF4-A424-D48D5C785EEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{36468AD7-21D7-4279-95C4-81AFA8E48B7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{C84F12F8-6E02-4589-83A9-D8C614DE429E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{647231A5-C910-4CDD-8F2A-D21377616D45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{A83EBCFD-2784-46CB-B7FF-92D3E17D8DB5}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{78A80D09-845D-4B48-BCE3-53DB2B73B193}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{C345EBE1-B7B1-4536-A33E-D385D80A34BE}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{455AE53F-90E7-42FA-8E0D-97878AAA0A8F}] => (Block) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{7D8748FA-DE9E-47BA-AD9A-6079B3C50639}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{8D6C44DB-1B0E-4B17-8D1A-1D581BF61661}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{C3E4AA72-D952-4439-9C95-26D9D77073E7}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{AD69ADF9-D6E3-4B82-B4A9-DC250CD04262}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{255293A7-053E-4F0F-B3DE-DCEDF4F78645}] => (Block) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{CF930F29-DED8-43A0-A00C-2C5658098AA4}] => (Block) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{8CE04B60-8A81-492A-AAE4-50A7BC8858C4}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{2BDDD1E2-EA66-4329-A55B-FD1EF37704AE}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{5C59FA46-F45E-4E29-B8F0-B0649C443ED2}] => (Block) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{25B361FF-D279-4D3B-AAE9-14ED9CCEAB61}] => (Block) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{028A93B1-2E3A-4ECC-89E8-5C862D85C6A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{0AFDA932-2DDC-41CD-BB87-BB4F09B141ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{FC283DE6-A3C5-4D27-937A-5F9541A9A420}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\supercratebox\supercratebox.exe
FirewallRules: [{8E27506F-F52D-40B3-AFFB-DEA032185816}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\supercratebox\supercratebox.exe
FirewallRules: [{182AEAB1-1207-4CD6-A349-C884BF56B456}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{35448B0D-1984-469F-8C46-46D73BA70381}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{33E3984B-B11C-41DB-8BDF-2A009C769601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2 Beta\left4dead2_beta.exe
FirewallRules: [{D88E7E38-ACD1-416E-BC3C-31E1A672D4C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2 Beta\left4dead2_beta.exe
FirewallRules: [{C44E05F1-7C0F-44A3-8DAB-F0F04F11F74D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{A5DF9B94-D0B3-4B77-AA91-45F7AA0E4A73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [TCP Query User{58E50CCA-508C-4324-8017-5D4CA7E66068}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{4BE27D62-4094-45FB-8EB0-D649D9335AAB}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{355BD191-7EB2-4397-BBEA-C942F35A44FA}] => (Block) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{1048A93B-9400-407D-A979-911C6F53ED0E}] => (Block) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{FE55E047-A069-4123-9A64-0EC5424A59F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusaders of the Lost Idols\Crusaders of the Lost Idols.exe
FirewallRules: [{8394A6D3-BB7C-4AF8-94AB-D971C7FD4691}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusaders of the Lost Idols\Crusaders of the Lost Idols.exe
FirewallRules: [{8B284277-5977-4769-B467-0258871EB850}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WARMODE\warmode.exe
FirewallRules: [{98368551-9E36-435F-9732-33475ED5E43A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WARMODE\warmode.exe
FirewallRules: [{3C8FFD8A-3BB8-49AF-B213-6F189B2FD66A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{F126DB3B-F6F9-417F-A8D5-D5445AE12F0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [TCP Query User{2FD8372E-EBD5-4FAA-AA01-307C471C92A6}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{542F516A-CA92-43B4-8914-BB57EEA155F0}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{AB55E989-91D5-409F-8B97-3438F84E72B2}] => (Block) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{C4261EE1-69AE-40C4-9ADD-2C7DEA220CE3}] => (Block) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{1B0547D4-0DFF-4607-BF43-06991AA6F5AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{4207B5FD-D38C-46FE-B483-2740663D443A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{C6F0D8F1-A867-4685-B8AE-6E7D4FB83D47}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2215B24A-E19D-498E-8205-CDC46232B1A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D4E2B73-7B96-4867-9C80-0883FE59B8CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{4715D543-CE55-489D-B34D-D7DCD721C8F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{7E4B6D62-B23D-454F-A608-80221D2AB268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{95AA1D89-6D4A-4835-9334-504E2852EF9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{59E08FCF-3776-497F-B030-A6B4581930B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{DADC7B72-EA96-4DB9-9D2D-AC62F0C92B69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{D63BE189-F373-4A6B-8426-C4E4232FA7D7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{E5CE291E-797A-4BD1-A546-610C03659464}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{CF970758-86FB-4CFC-A9B9-31540F6DE28C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{0EE119E5-DD66-4BCE-8D71-B4608B4AE83A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [TCP Query User{BAAE40D9-EBB5-4BE1-92F3-16A032538667}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{5FEF9A0C-E3D5-44B8-B7A8-EF293AE9EA86}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{0013ACF4-C2A3-4CB7-B116-4AF81DC6A1E6}] => (Block) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{B3426D26-EFCB-488F-9606-1B18811B1BE3}] => (Block) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{9B05E434-0CCB-48C0-94A8-3D89828722D3}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{DA7C7F5A-1410-4C63-ADA1-AEB0C11867C8}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [{94DCE23E-4A43-43EE-8812-0EA9DBF903A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{51ED7158-C18A-4823-A8BF-7EF38B5A650C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{ACA4AEEF-0496-47FC-B48C-6BCFD5765A23}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{B3DC95C1-65B6-4D46-BA3D-B1EE840FC6A3}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{C6CD0A96-D70B-4282-96B9-E0B1C91C8556}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{C941C751-CDCF-4C1D-BD17-A0895563DFFA}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [TCP Query User{9E442B67-70AD-4554-A4C5-65BEF30FC7A1}C:\program files\java\jre1.8.0_73\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\java.exe
FirewallRules: [UDP Query User{42E38621-ED82-49D4-8356-70448CD25E14}C:\program files\java\jre1.8.0_73\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_73\bin\java.exe
FirewallRules: [{993C78E7-232E-4AAD-A490-90DD503891E6}] => (Block) C:\program files\java\jre1.8.0_73\bin\java.exe
FirewallRules: [{803D32AB-4312-4E17-BC9D-50D99F89CA83}] => (Block) C:\program files\java\jre1.8.0_73\bin\java.exe
FirewallRules: [{3D031A2F-32DE-4C86-95FD-9F5AEC7E7A1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F13EDE5E-9729-4F50-A50B-1704B2402D55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B0F47F5C-3501-42ED-8905-1996C057A1A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{0E337960-EA2D-46AF-9286-B5E1ED6A4013}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{98F13491-ADDF-48D1-B7CB-E54251A89E14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{CC6CFA84-8481-4C65-9247-196F92CB3F20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{A752A4EE-9BA7-4478-81BD-EBFA2A84EA0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{12F50593-CCA4-4F25-9AE0-9653144C34B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [TCP Query User{BCFCED22-401E-4BE8-8DB6-474614EA726E}C:\program files (x86)\java\jre1.8.0_74\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_74\bin\javaw.exe
FirewallRules: [UDP Query User{C0A33CEC-BCA2-477A-920B-9B787DEFEB81}C:\program files (x86)\java\jre1.8.0_74\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_74\bin\javaw.exe
FirewallRules: [{1B00BE58-A92B-468F-84A6-D819D677D641}] => (Block) C:\program files (x86)\java\jre1.8.0_74\bin\javaw.exe
FirewallRules: [{80B42A65-770F-41E2-8C6D-302323F92F7A}] => (Block) C:\program files (x86)\java\jre1.8.0_74\bin\javaw.exe
FirewallRules: [{33E21FB5-3604-44D4-B110-A8438834E2A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Roguelands\Roguelands.exe
FirewallRules: [{6FEE097C-D008-440E-BA87-23C7E8E76A8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Roguelands\Roguelands.exe
FirewallRules: [{080954FF-126A-450E-BC9A-1F74A37838A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{7C3F4AEB-EE09-49B0-9858-04A35B980565}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{A65BCC79-E938-46C6-AF3D-1F6E33D039D1}C:\users\nico\documents\my games\terraria\windows\terrariaserver.exe] => (Allow) C:\users\nico\documents\my games\terraria\windows\terrariaserver.exe
FirewallRules: [UDP Query User{00202013-EF23-4D5D-9458-4BB2249CFFDE}C:\users\nico\documents\my games\terraria\windows\terrariaserver.exe] => (Allow) C:\users\nico\documents\my games\terraria\windows\terrariaserver.exe
FirewallRules: [{A0430532-D065-44F1-A6F9-29BC9A042E7B}] => (Block) C:\users\nico\documents\my games\terraria\windows\terrariaserver.exe
FirewallRules: [{19731439-E46E-47D7-98A8-2A18845214F9}] => (Block) C:\users\nico\documents\my games\terraria\windows\terrariaserver.exe
FirewallRules: [{7D4C5068-E747-44EB-90C8-28F4D99033B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{834686C6-33D0-439B-B04F-740F237EB37E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [TCP Query User{1C70B08C-58EE-45F4-A44F-BBF9E574B9B3}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [UDP Query User{11BC301E-20A0-49FD-9421-FEE00E770ED4}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [{19345889-CDDB-437B-9BF1-C2DB36FE37FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{4F070157-A49D-4538-8CCA-0A5D3CEBA90B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{762C7D9D-3A70-4B6A-8DF7-C2BB1A9126B6}C:\program files\unity\editor\unity.exe] => (Block) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{170A9E05-604A-459C-BF9A-D974D01359C1}C:\program files\unity\editor\unity.exe] => (Block) C:\program files\unity\editor\unity.exe
FirewallRules: [{2097E650-F5CE-47FB-B86D-68ECA2235918}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Emily is Away\emily is away.exe
FirewallRules: [{584F0DAB-B7FC-4AEA-9B0E-C7EAAAC9D1BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Emily is Away\emily is away.exe
FirewallRules: [TCP Query User{3FB129DF-8A8D-4FC9-91E5-D679664A3815}C:\program files (x86)\steam\steamapps\common\medusa's labyrinth\medusa\binaries\win64\medusa-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medusa's labyrinth\medusa\binaries\win64\medusa-win64-shipping.exe
FirewallRules: [UDP Query User{1046D28A-673A-4B3C-956F-FF48C856E338}C:\program files (x86)\steam\steamapps\common\medusa's labyrinth\medusa\binaries\win64\medusa-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medusa's labyrinth\medusa\binaries\win64\medusa-win64-shipping.exe
FirewallRules: [{7880304C-59EE-43FE-B092-01E74BF7CFC2}] => (Block) C:\program files (x86)\steam\steamapps\common\medusa's labyrinth\medusa\binaries\win64\medusa-win64-shipping.exe
FirewallRules: [{CB35EFFA-E621-45F1-90B5-9478F9124F90}] => (Block) C:\program files (x86)\steam\steamapps\common\medusa's labyrinth\medusa\binaries\win64\medusa-win64-shipping.exe
FirewallRules: [{6A0E60BE-9716-4D5C-8665-152EE12906BE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{40C3C022-0B24-4B6A-97F3-06C5B5DF1625}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{014A9E78-F316-454E-A673-024F3B35CA46}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{67C9E910-A7A7-4E6D-A5C8-8DBEB30EF340}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{EE130B4C-E7FF-4AB5-B19D-283B8336A6AD}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{7BCB55C3-75B6-46C8-A19A-F54837A57984}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{203D644E-01E5-48E6-A137-17ED1C23EE38}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{2FFB5BA9-9B99-4876-8731-FC37AE99CA22}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{F55C9DBA-6FCE-4EC8-AB82-54FCFBCE9FF0}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{AE498F49-B2C1-435F-992A-D52D2EB3F028}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [{3E6454CA-CB54-4F02-8CBD-3D50D157C672}] => (Block) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [{7296A743-06C9-46AA-85F3-8C543ABA80A0}] => (Block) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{BA7BBFAF-214E-4C68-899A-89BE124E3009}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{E5DAD888-9EDC-4070-9F8F-F08F58C4AE13}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{E104CADD-936D-408B-A244-F6E17420CDB9}] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{BEA7292E-E2F5-4FBB-BD28-7261F75D7E02}] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{C8F3AE26-ED6D-4C7B-9643-C6FD259E8D43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bloons TD Battles\Battles-Win.exe
FirewallRules: [{D38DE040-9058-4456-84E7-94431061F6C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bloons TD Battles\Battles-Win.exe
FirewallRules: [TCP Query User{6EB701B1-BF8A-4038-8E83-1E671AC33168}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{A76A03CD-96AC-4FA4-93BE-072773DABE06}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{DCF9BA35-0981-438C-BF7C-3E541188645B}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{5D83B805-BDC3-460C-9D63-B7C238834EC5}] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{66D127C2-C651-41DA-94B3-77FDFE8E487A}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [UDP Query User{F8697051-ABA3-4765-AE75-957F5F6EE11E}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [{9510470B-961D-4738-A852-5CC362DFC14A}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{2B05CE38-714B-44E0-B731-060F179F11D8}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{D81F3680-13C9-4BF9-8DFE-554A40217977}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{25A37E26-BD52-4074-B52D-EFFB44217E35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{164CD97E-311E-4B17-AC3A-106F72E1CACE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crazy Killer\UnrealCrazyKiller\Binaries\Win64\UnrealCrazyKillerClient-Win64-Shipping.exe
FirewallRules: [{B3197E39-1573-4D60-8217-1E5C9E6D974B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crazy Killer\UnrealCrazyKiller\Binaries\Win64\UnrealCrazyKillerClient-Win64-Shipping.exe
FirewallRules: [{94B167E7-2F3A-421C-A885-3CF84F1FCB2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worm.is The Game\Wormis.exe
FirewallRules: [{92A95A90-793A-43A8-8F3F-AC8D689E1916}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worm.is The Game\Wormis.exe
FirewallRules: [{E2AD6C7C-DED0-4AC8-B4B6-2510E43B5669}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{090764CC-745F-4C46-98AF-95558AE0A461}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{5EBFB47C-4C6A-425A-919C-1CE9DCC179E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F675288F-B11D-4DBF-BF58-DDDF6B96C43F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4988F7F8-B489-4CC2-9C2C-F83DEB1EA44F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2741FA05-23EC-4AE9-9604-A59FCE0031E5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{24C584F5-71C6-41E6-82C2-5C6E2089AEEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{842F11FF-A2ED-4E75-A816-68AA7007F2B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{3374C4AD-7C2C-4CB7-99C1-D9AE2CC8BC64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{468C4F32-C71A-408E-80F2-27CD45642896}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe

==================== Wiederherstellungspunkte =========================

17-05-2016 12:06:21 Windows Update
22-05-2016 00:02:44 OpenOffice 4.1.2 wird installiert
22-05-2016 16:10:02 DirectX wurde installiert
22-05-2016 16:35:44 DirectX wurde installiert
24-05-2016 12:16:32 Windows Update
25-05-2016 21:30:39 Windows Update
31-05-2016 12:21:49 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/01/2016 01:58:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2016 12:17:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2016 01:56:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/29/2016 12:00:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.18345, Zeitstempel: 0x573de6e7
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a801
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000475b8
ID des fehlerhaften Prozesses: 0x1278
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3

Error: (05/29/2016 11:53:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2016 11:34:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/27/2016 02:28:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2016 03:42:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2016 02:21:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2016 02:04:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (06/01/2016 01:57:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Razer Game Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (06/01/2016 01:57:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Razer Game Scanner erreicht.

Error: (05/31/2016 03:15:13 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "WULLISPC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3773AA03-48B3-4CA9-9FF1-DE7E839B6F23}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/31/2016 12:40:12 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.

Error: (05/31/2016 12:16:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SCP DS3 Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/31/2016 12:16:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SCP DS3 Service erreicht.

Error: (05/30/2016 09:20:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (05/30/2016 02:03:35 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (05/30/2016 01:55:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SCP DS3 Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/30/2016 01:55:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SCP DS3 Service erreicht.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8120.61 MB
Verfügbarer physikalischer RAM: 5207.43 MB
Summe virtueller Speicher: 16239.39 MB
Verfügbarer virtueller Speicher: 13080.78 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:275.34 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BC0D2EC8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Alt 02.06.2016, 10:11   #5
Warlord711
/// TB-Ausbilder
 
Email account gehackt? - Standard

Email account gehackt?



Zitat:
IFEO\utilman.exe: [Debugger] cmd.exe
Hast du dir das "Backdoor" selbst gebaut ?


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 02.06.2016, 15:57   #6
Cuz
 
Email account gehackt? - Standard

Email account gehackt?



Ja, das mit Untilman.exe habe ich eingestellt.
ADWCleaner :
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.035 - Bericht erstellt am 18/02/2016 um 21:20:24
# Aktualisiert am 18/02/2016 von Xplode
# Datenbank : 2016-02-18.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Nico - NICO-PC
# Gestartet von : C:\Users\Nico\Desktop\adwcleaner_5.035.exe
# Option : Löschen
# Unterstützung : ToolsLib - Forum: Ask for help or share your experience.

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000Core
[-] Geplante Aufgabe Gelöscht : GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000UA
[-] Geplante Aufgabe Gelöscht : GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000Core
[-] Geplante Aufgabe Gelöscht : GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000UA

***** [ Registrierungsdatenbank ] *****

[x] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utilman.exe

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner[C1].txt - [8796 Bytes] - [16/08/2015 18:21:15]
C:\AdwCleaner[S1].txt - [8190 Bytes] - [16/08/2015 18:19:44]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1436 Bytes] ##########
         
--- --- ---
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.119 - Logfile created 02/06/2016 at 16:05:03
# Updated 30/05/2016 by Xplode
# Database : 2016-05-30.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (X64)
# Username : Nico - NICO-PC
# Running from : C:\Users\Nico\Desktop\adwcleaner_5.119.exe
# Option : Clean
# Support : ToolsLib - Forum: Ask for help or share your experience.

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Nico\AppData\Local\CrashRpt

***** [ Files ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[x] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utilman.exe

***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Proxy settings cleared
:: Winsock settings cleared
:: IE policies deleted
:: Chrome policies deleted

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2497 bytes] - [18/02/2016 22:20:24]
C:\AdwCleaner\AdwCleaner[C2].txt - [5054 bytes] - [25/12/2015 04:39:53]
C:\AdwCleaner\AdwCleaner[C3].txt - [1015 bytes] - [09/01/2016 05:55:11]
C:\AdwCleaner\AdwCleaner[C4].txt - [1077 bytes] - [16/01/2016 20:06:57]
C:\AdwCleaner\AdwCleaner[C5].txt - [1015 bytes] - [17/01/2016 20:14:43]
C:\AdwCleaner\AdwCleaner[C6].txt - [1164 bytes] - [20/01/2016 22:13:55]
C:\AdwCleaner\AdwCleaner[S10].txt - [4733 bytes] - [16/01/2016 20:05:22]
C:\AdwCleaner\AdwCleaner[S11].txt - [6520 bytes] - [17/01/2016 20:12:16]
C:\AdwCleaner\AdwCleaner[S12].txt - [6663 bytes] - [20/01/2016 22:11:56]
C:\AdwCleaner\AdwCleaner[S13].txt - [6488 bytes] - [23/01/2016 18:47:51]
C:\AdwCleaner\AdwCleaner[S14].txt - [6814 bytes] - [23/01/2016 21:06:34]
C:\AdwCleaner\AdwCleaner[S15].txt - [6815 bytes] - [24/01/2016 17:44:57]
C:\AdwCleaner\AdwCleaner[S16].txt - [6816 bytes] - [26/01/2016 21:24:56]
C:\AdwCleaner\AdwCleaner[S17].txt - [6517 bytes] - [28/01/2016 22:20:27]
C:\AdwCleaner\AdwCleaner[S18].txt - [6518 bytes] - [28/01/2016 22:30:43]
C:\AdwCleaner\AdwCleaner[S19].txt - [6572 bytes] - [28/01/2016 22:32:36]
C:\AdwCleaner\AdwCleaner[S1].txt - [3651 bytes] - [06/02/2016 17:26:59]
C:\AdwCleaner\AdwCleaner[S20].txt - [6573 bytes] - [30/01/2016 04:37:14]
C:\AdwCleaner\AdwCleaner[S21].txt - [6574 bytes] - [30/01/2016 19:57:10]
C:\AdwCleaner\AdwCleaner[S22].txt - [2935 bytes] - [30/05/2016 15:01:38]
C:\AdwCleaner\AdwCleaner[S23].txt - [3009 bytes] - [30/05/2016 20:31:44]
C:\AdwCleaner\AdwCleaner[S24].txt - [3083 bytes] - [01/06/2016 16:45:12]
C:\AdwCleaner\AdwCleaner[S25].txt - [3157 bytes] - [02/06/2016 16:03:14]
C:\AdwCleaner\AdwCleaner[S2].txt - [5406 bytes] - [25/12/2015 04:34:42]
C:\AdwCleaner\AdwCleaner[S3].txt - [5406 bytes] - [25/12/2015 04:38:04]
C:\AdwCleaner\AdwCleaner[S4].txt - [4635 bytes] - [28/12/2015 22:12:43]
C:\AdwCleaner\AdwCleaner[S5].txt - [4635 bytes] - [03/01/2016 20:02:05]
C:\AdwCleaner\AdwCleaner[S6].txt - [4635 bytes] - [05/01/2016 18:56:44]
C:\AdwCleaner\AdwCleaner[S7].txt - [4668 bytes] - [09/01/2016 05:40:25]
C:\AdwCleaner\AdwCleaner[S8].txt - [5060 bytes] - [09/01/2016 05:53:32]
C:\AdwCleaner\AdwCleaner[S9].txt - [1853 bytes] - [10/01/2016 01:34:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4776 bytes] ##########
         
--- --- ---

JRT:JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Professional x64 
Ran by Nico (Administrator) on 02.06.2016 at 16:10:47,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 40 

Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23RQD8YX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2T75KP3Y (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\94YNRN1E (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BWTWP3Y5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELQNOBLG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQMMOXT7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXKITL69 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FYZI2UDL (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOB9YPTA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXVZA6YB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K6F0TAK8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LM1JB1P7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LY3WB7OJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M18YHP19 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWBEM44J (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9QTBSCD (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REAT4P3I (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SH4BS0EV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T9VP4Y6C (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Nico\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YG20DNT5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23RQD8YX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2T75KP3Y (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\94YNRN1E (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BWTWP3Y5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELQNOBLG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQMMOXT7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXKITL69 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FYZI2UDL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOB9YPTA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXVZA6YB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K6F0TAK8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LM1JB1P7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LY3WB7OJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M18YHP19 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWBEM44J (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R9QTBSCD (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REAT4P3I (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SH4BS0EV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T9VP4Y6C (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YG20DNT5 (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.06.2016 at 16:15:57,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---

Malwarebytes:
Zitat:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.06.2016
Suchlaufzeit: 16:19
Protokolldatei: mb.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.02.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Nico

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 365096
Abgelaufene Zeit: 30 Min., 52 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
FRST:

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-06-2016
durchgeführt von Nico (Administrator) auf NICO-PC (02-06-2016 16:54:44)
Gestartet von C:\Users\Nico\Desktop
Geladene Profile: Nico (Verfügbare Profile: Nico & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.19\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.59\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.202\deploy\LolClient.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [594240 2016-01-13] (Razer Inc.)
HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600320 2015-08-13] (Razer Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\MountPoints2: {7fa75e2f-11a2-11e3-bb2f-904a0a77bf58} - E:\pushinst.exe
IFEO\taskmgr.exe: [Debugger] "C:\USERS\NICO\DESKTOP\PROCESSEXPLORER\PROCEXP.EXE"
IFEO\utilman.exe: [Debugger] cmd.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-19] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{AF62BCB5-1BB9-4FC6-BB91-85BE4F75DB59}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C8824B6B-83C5-4478-8BEB-55FB7C0CC7E7}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\pu2uavbj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Plugin HKU\S-1-5-21-994648660-2701094439-4196816687-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-23] (Google Inc.)
FF Plugin HKU\S-1-5-21-994648660-2701094439-4196816687-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Nico\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-23] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Nico\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF Extension: Stylish - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\pu2uavbj.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-01-25]
FF Extension: NoScript - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\pu2uavbj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\pu2uavbj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKU\S-1-5-21-994648660-2701094439-4196816687-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Nico\AppData\Local\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Nico\AppData\Local\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Nico\AppData\Local\Google\Chrome\Application\50.0.2661.102\pdf.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 7 U40) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => Keine Datei
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Nico\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Profile: C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-23]
CHR Extension: (Google Drive) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15]
CHR Extension: (YouTube) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Adblock Plus) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-01]
CHR Extension: (Google-Suche) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Google Docs Offline) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01]
CHR Extension: (agar.io server browser) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2015-08-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-18]
CHR Extension: (Google Mail) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-16]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-19] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1314848 2016-01-19] ()
S2 Ds3Service; C:\c_ps3\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-03-29] (EasyAntiCheat Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-22] ()
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [58368 2016-02-03] (Razer Inc.) [Datei ist nicht signiert]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Survarium-Steam Update Service; "C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe" "Survarium-Steam" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-19] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-19] (AVAST Software)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-22] (AVM GmbH)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50384 2015-10-26] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-02 16:54 - 2016-06-02 16:55 - 00017068 _____ C:\Users\Nico\Desktop\FRST.txt
2016-06-02 16:21 - 2016-06-02 16:21 - 02383872 _____ (Farbar) C:\Users\Nico\Desktop\FRST64.exe
2016-06-02 16:09 - 2016-06-02 16:09 - 01610816 _____ (Malwarebytes) C:\Users\Nico\Desktop\JRT.exe
2016-06-01 19:49 - 2016-06-01 19:49 - 00228640 _____ C:\Users\Nico\Downloads\Gzuz feat. LX- Schnapp! (prod. P.M.B.).mp4.sfk
2016-06-01 19:48 - 2016-06-01 19:49 - 15051465 _____ C:\Users\Nico\Downloads\Gzuz feat. LX- Schnapp! (prod. P.M.B.).mp4
2016-06-01 19:48 - 2016-06-01 19:49 - 00239584 _____ C:\Users\Nico\Downloads\LX - Compton (Jambeatz).mp4.sfk
2016-06-01 19:48 - 2016-06-01 19:49 - 00228288 _____ C:\Users\Nico\Downloads\Gzuz & Maxwell - Prollz (Jambeatz)(1).mp4.sfk
2016-06-01 19:48 - 2016-06-01 19:48 - 13461151 _____ C:\Users\Nico\Downloads\Gzuz & Maxwell - Prollz (Jambeatz)(1).mp4
2016-06-01 19:47 - 2016-06-01 19:48 - 15109025 _____ C:\Users\Nico\Downloads\LX - Compton (Jambeatz).mp4
2016-06-01 19:47 - 2016-06-01 19:48 - 00296256 _____ C:\Users\Nico\Downloads\LX & Maxwell feat. Gzuz - HaifischNikez (Jambeatz).mp4.sfk
2016-06-01 19:46 - 2016-06-01 19:47 - 12526519 _____ C:\Users\Nico\Downloads\LX & Maxwell feat. Gzuz - HaifischNikez (Jambeatz).mp4
2016-06-01 19:45 - 2016-06-01 19:46 - 00231712 _____ C:\Users\Nico\Downloads\AchtVier- Fizzle.mp4.sfk
2016-06-01 19:45 - 2016-06-01 19:45 - 18768305 _____ C:\Users\Nico\Downloads\Gzuz - Optimal (Jambeatz).mp4
2016-06-01 19:45 - 2016-06-01 19:45 - 11197718 _____ C:\Users\Nico\Downloads\AchtVier- Fizzle.mp4
2016-06-01 19:45 - 2016-06-01 19:45 - 00287232 _____ C:\Users\Nico\Downloads\Gzuz - Optimal (Jambeatz).mp4.sfk
2016-06-01 16:45 - 2016-06-01 16:45 - 03677248 _____ C:\Users\Nico\Desktop\adwcleaner_5.119.exe
2016-05-31 17:42 - 2016-05-31 17:42 - 00000000 ____D C:\Users\Nico\AppData\LocalLow\GOOD VIBRATION GAMES
2016-05-29 21:15 - 2016-05-29 21:15 - 00000000 ___HD C:\ProgramData\CanonIJFAX
2016-05-29 21:15 - 2016-05-29 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MB2000 series Benutzerregistrierung
2016-05-29 21:15 - 2014-05-01 16:04 - 00337408 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_CCL.dll
2016-05-29 21:15 - 2014-02-27 08:37 - 00096768 _____ C:\Windows\SysWOW64\CNC1778D.TBL
2016-05-29 21:15 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2016-05-29 21:11 - 2016-05-29 21:11 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-05-29 21:05 - 2016-05-29 21:18 - 00015339 _____ C:\Users\Nico\Desktop\text.odt
2016-05-28 20:08 - 2016-05-28 20:14 - 00102720 _____ C:\Users\Nico\Downloads\NSA CHALLENGE(1).mp4.sfk
2016-05-28 20:07 - 2016-05-28 20:08 - 04304143 _____ C:\Users\Nico\Downloads\NSA CHALLENGE(1).mp4
2016-05-28 20:01 - 2016-05-28 20:01 - 04304143 _____ C:\Users\Nico\Downloads\NSA CHALLENGE.mp4
2016-05-27 21:03 - 2016-05-27 21:04 - 00138112 _____ C:\Users\Nico\Downloads\DAMN DANIEL (JERSEY CLUB) - DJ FLEX #NJCLUB.mp4.sfk
2016-05-27 21:03 - 2016-05-27 21:03 - 01651250 _____ C:\Users\Nico\Downloads\DAMN DANIEL (JERSEY CLUB) - DJ FLEX #NJCLUB.mp4
2016-05-26 18:45 - 2016-05-26 18:45 - 00000023 _____ C:\Users\Nico\Desktop\fasfaf.txt.com
2016-05-23 15:11 - 2016-06-02 16:16 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000UA.job
2016-05-23 15:11 - 2016-06-02 15:16 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000Core.job
2016-05-23 15:11 - 2016-05-23 15:11 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000UA
2016-05-23 15:11 - 2016-05-23 15:11 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-994648660-2701094439-4196816687-1000Core
2016-05-23 14:06 - 2016-05-28 20:04 - 00000000 ____D C:\Users\Nico\AppData\Roaming\.minecraft
2016-05-22 16:13 - 2016-05-22 16:41 - 00281288 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-05-22 01:03 - 2016-05-22 01:03 - 00000000 ____D C:\Users\Nico\AppData\Roaming\com.freakinware.wormis
2016-05-22 00:05 - 2016-05-22 00:06 - 00000000 ___SD C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-05-22 00:03 - 2016-05-22 00:04 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-05-21 21:40 - 2016-05-21 21:42 - 00041696 _____ C:\Users\Nico\Downloads\Cartoon Laugh Sound Effects.mp4.sfk
2016-05-21 21:40 - 2016-05-21 21:40 - 00467536 _____ C:\Users\Nico\Downloads\Cartoon Laugh Sound Effects.mp4
2016-05-21 21:34 - 2016-05-21 21:39 - 00486688 _____ C:\Users\Nico\Downloads\Katja Krasavices Community... - Youtube Fails #5.mp4.sfk
2016-05-21 21:34 - 2016-05-21 21:34 - 57297096 _____ C:\Users\Nico\Downloads\Katja Krasavices Community... - Youtube Fails #5.mp4
2016-05-21 21:29 - 2016-05-21 21:29 - 74675261 _____ C:\Users\Nico\Downloads\geraped- Katja Krasavice - Kuchen Talks #137.mp4
2016-05-21 21:29 - 2016-05-21 21:29 - 00836064 _____ C:\Users\Nico\Downloads\geraped- Katja Krasavice - Kuchen Talks #137.mp4.sfk
2016-05-21 21:28 - 2016-05-21 21:28 - 01436608 _____ C:\Users\Nico\Downloads\Ultimate The Best Fails 2015 - The Best of August Fail Compilation.mp4.sfk
2016-05-21 21:27 - 2016-05-21 21:27 - 280748458 _____ C:\Users\Nico\Downloads\Ultimate The Best Fails 2015 - The Best of August Fail Compilation.mp4
2016-05-19 23:48 - 2016-05-19 23:48 - 00000000 ____D C:\Users\Nico\AppData\Local\UnrealCrazyKiller
2016-05-18 20:31 - 2016-05-18 20:39 - 00247200 _____ C:\Users\Nico\Downloads\SHOPPINGTOUR mit meiner MAMA - Papaplatte.mp4.sfk
2016-05-18 20:31 - 2016-05-18 20:39 - 00050528 _____ C:\Users\Nico\Downloads\Thomas The Tank Engine Theme (Original).mp4.sfk
2016-05-18 20:31 - 2016-05-18 20:31 - 42133022 _____ C:\Users\Nico\Downloads\SHOPPINGTOUR mit meiner MAMA - Papaplatte.mp4
2016-05-18 20:31 - 2016-05-18 20:31 - 02767007 _____ C:\Users\Nico\Downloads\Thomas The Tank Engine Theme (Original).mp4
2016-05-18 11:47 - 2016-05-18 11:48 - 00276536 _____ C:\Windows\Minidump\051816-23509-01.dmp
2016-05-18 11:47 - 2016-05-18 11:47 - 645449783 _____ C:\Windows\MEMORY.DMP
2016-05-18 02:57 - 2016-05-18 02:57 - 00000000 ____D C:\Users\Nico\AppData\Local\war
2016-05-16 21:50 - 2016-05-16 21:56 - 00216448 _____ C:\Users\Nico\Downloads\snoop dogg base instrumental(1).mp4.sfk
2016-05-16 21:50 - 2016-05-16 21:56 - 00085152 _____ C:\Users\Nico\Downloads\Papaplatte = xXQU1CKSC0P3RXx MLG 360 420 BLAZE IT.mp4.sfk
2016-05-16 21:50 - 2016-05-16 21:50 - 16749374 _____ C:\Users\Nico\Downloads\Papaplatte = xXQU1CKSC0P3RXx MLG 360 420 BLAZE IT.mp4
2016-05-16 21:50 - 2016-05-16 21:50 - 05872064 _____ C:\Users\Nico\Downloads\snoop dogg base instrumental(1).mp4
2016-05-16 21:47 - 2016-05-16 21:47 - 05872064 _____ C:\Users\Nico\Downloads\snoop dogg base instrumental.mp4
2016-05-16 21:03 - 2016-05-16 21:06 - 01015104 _____ C:\Users\Nico\Downloads\Hood Lit Dances #3.mp4.sfk
2016-05-16 21:02 - 2016-05-16 21:02 - 00282368 _____ C:\Users\Nico\Downloads\Pippi Langstrumpf - Remix.mp4.sfk
2016-05-16 21:01 - 2016-05-16 21:01 - 05061871 _____ C:\Users\Nico\Downloads\Pippi Langstrumpf - Remix.mp4
2016-05-16 21:00 - 2016-05-16 21:02 - 119909512 _____ C:\Users\Nico\Downloads\Hood Lit Dances #3.mp4
2016-05-14 17:29 - 2016-05-14 17:48 - 640523595 _____ C:\Users\Nico\Desktop\ghghg.wmv
2016-05-14 00:29 - 2016-05-14 00:29 - 01258777 _____ C:\Users\Nico\Downloads\baragaki.zip
2016-05-14 00:29 - 2016-05-14 00:29 - 00996642 _____ C:\Users\Nico\Downloads\horroroid.zip
2016-05-13 23:04 - 2016-05-13 23:05 - 00559328 _____ C:\Users\Nico\Downloads\THESE KIDS MUST BE STOPPED (PART 3).mp4.sfk
2016-05-13 23:04 - 2016-05-13 23:04 - 54384967 _____ C:\Users\Nico\Downloads\THESE KIDS MUST BE STOPPED (PART 3).mp4
2016-05-13 18:11 - 2016-05-13 18:11 - 05995712 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-05-11 17:03 - 2016-05-11 18:30 - 00000225 _____ C:\Users\Nico\Desktop\Lines.txt
2016-05-11 14:54 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 14:54 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 14:54 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 14:54 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 14:54 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 14:54 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 14:54 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 14:54 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 14:54 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 14:54 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 14:54 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 14:54 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 14:54 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 14:54 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 14:54 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 14:54 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 14:54 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 14:54 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 14:54 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 14:54 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 14:54 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 14:54 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 14:54 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 14:54 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 14:54 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 14:54 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 14:54 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 14:54 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 14:54 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 14:54 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 14:54 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 14:54 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 14:54 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 14:54 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 14:54 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 14:54 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 14:54 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 14:54 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 14:54 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 14:54 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 14:54 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 14:54 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 14:54 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 14:54 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 14:54 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 14:54 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 14:54 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 14:54 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 14:54 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 14:54 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 14:54 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 14:54 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 14:54 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 14:54 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 14:54 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 14:54 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 14:54 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 14:54 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 14:54 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 14:54 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 14:54 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 14:54 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 14:54 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 14:54 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 14:54 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 14:54 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 14:54 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 14:54 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 14:54 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 14:54 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 14:54 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 14:54 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 14:54 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 14:54 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 14:54 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 14:54 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 14:54 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 14:54 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 14:54 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 14:53 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 14:53 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 14:53 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 14:53 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-11 14:53 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-11 14:53 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 14:53 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 14:53 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-11 14:53 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 14:53 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 14:53 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 14:53 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-11 14:53 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 14:53 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 14:53 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 14:53 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 14:53 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 14:53 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 14:53 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-11 14:53 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-11 14:53 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 14:53 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 14:53 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 14:53 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 14:53 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-11 14:53 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:53 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 14:53 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-11 13:59 - 2016-05-11 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-11 13:59 - 2016-05-11 13:59 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-05-10 14:19 - 2016-05-10 14:19 - 00000000 ____D C:\Users\Nico\Desktop\CharacterEditorV0.4b
2016-05-09 17:23 - 2016-05-09 17:24 - 00000000 ____D C:\Users\Nico\Desktop\x RANDOM SCREENS
2016-05-07 19:27 - 2016-05-07 19:29 - 00000000 ____D C:\Users\Nico\Desktop\gta
2016-05-07 01:43 - 2016-05-07 01:43 - 00001041 _____ C:\Users\Public\Desktop\Cube World.lnk
2016-05-07 01:43 - 2016-05-07 01:43 - 00000000 ____D C:\ProgramData\Picroma
2016-05-07 01:43 - 2016-05-07 01:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cube World
2016-05-06 00:51 - 2016-05-07 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-05 13:48 - 2016-05-05 13:58 - 00000000 ____D C:\Users\Nico\Documents\IchMagDich
2016-05-05 10:26 - 2016-05-05 13:44 - 00000000 ____D C:\Users\Nico\Documents\Overwatch
2016-05-05 10:26 - 2016-05-05 10:26 - 00001100 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-05-05 10:26 - 2016-05-05 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-05-05 10:06 - 2016-06-02 16:03 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-05-05 10:05 - 2016-06-02 16:52 - 00000000 ____D C:\Users\Nico\AppData\Local\Battle.net
2016-05-05 10:05 - 2016-05-25 14:48 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Battle.net
2016-05-05 10:04 - 2016-06-02 16:52 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-05-05 10:01 - 2016-05-05 10:02 - 03012080 _____ (Blizzard Entertainment) C:\Users\Nico\Downloads\Battle.net-Setup(1).exe
2016-05-05 00:17 - 2016-05-05 00:17 - 00000000 ____D C:\Users\Nico\AppData\LocalLow\Freejam

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-02 16:55 - 2013-09-14 10:23 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Skype
2016-06-02 16:54 - 2016-02-09 16:40 - 00000000 ____D C:\FRST
2016-06-02 16:26 - 2016-02-15 15:13 - 00000385 _____ C:\Users\Nico\Desktop\Reim.txt
2016-06-02 16:19 - 2016-04-19 12:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-02 16:18 - 2013-11-15 15:47 - 00000000 ____D C:\Users\Nico\AppData\Local\Adobe
2016-06-02 16:18 - 2009-07-14 06:45 - 00036128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-02 16:18 - 2009-07-14 06:45 - 00036128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-02 16:11 - 2013-11-15 22:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-02 16:10 - 2016-03-13 21:06 - 00000000 ____D C:\Users\Nico\AppData\Local\LogMeIn Hamachi
2016-06-02 16:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-02 16:05 - 2015-04-10 22:49 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-02 16:03 - 2015-08-16 19:19 - 00000000 ____D C:\AdwCleaner
2016-06-02 12:03 - 2016-03-19 03:34 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-01 20:06 - 2013-09-14 10:50 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-01 15:45 - 2014-02-24 19:56 - 00000000 ____D C:\Users\Nico\AppData\Roaming\OBS
2016-05-31 17:44 - 2013-08-30 20:16 - 00000000 ____D C:\Users\Nico
2016-05-31 15:12 - 2013-09-28 21:22 - 00000000 ____D C:\Users\Nico\AppData\Roaming\TS3Client
2016-05-31 12:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-29 21:17 - 2014-02-13 17:10 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-29 21:16 - 2014-02-13 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2016-05-29 21:16 - 2014-02-13 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-05-29 21:16 - 2014-02-13 17:00 - 00000000 ____D C:\Program Files (x86)\Canon
2016-05-29 21:15 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2016-05-29 12:00 - 2014-02-26 22:24 - 00000000 ____D C:\Users\Nico\AppData\Local\CrashDumps
2016-05-28 20:14 - 2016-04-18 16:44 - 00000000 ____D C:\Users\Nico\Desktop\lol
2016-05-27 20:25 - 2013-08-31 06:04 - 00699416 _____ C:\Windows\system32\perfh007.dat
2016-05-27 20:25 - 2013-08-31 06:04 - 00149556 _____ C:\Windows\system32\perfc007.dat
2016-05-27 20:25 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-25 21:31 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-25 21:31 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-25 14:48 - 2014-12-21 16:48 - 00000000 ____D C:\ProgramData\Battle.net
2016-05-24 20:31 - 2014-01-24 22:20 - 00000000 ____D C:\Users\Nico\Desktop\SpeedAutoClicker
2016-05-22 16:41 - 2013-11-27 20:28 - 00281288 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-05-22 16:41 - 2013-11-27 20:28 - 00000000 ____D C:\Users\Nico\AppData\Local\PunkBuster
2016-05-22 16:38 - 2013-11-27 20:13 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-05-22 16:38 - 2013-11-27 20:13 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-05-22 13:06 - 2013-08-30 20:29 - 00164680 _____ C:\Users\Nico\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-22 13:04 - 2009-07-14 06:45 - 05242064 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-21 22:42 - 2015-03-13 22:07 - 00010488 _____ C:\Users\Nico\AppData\Roaming\TheHunterSettings_live.bin
2016-05-19 00:51 - 2015-03-13 22:10 - 00000097 _____ C:\Users\Nico\AppData\Roaming\LauncherSettings_live.cfg
2016-05-19 00:51 - 2015-03-13 22:03 - 00000039 _____ C:\Users\Nico\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-05-18 11:47 - 2014-09-07 15:56 - 00000000 ____D C:\Windows\Minidump
2016-05-16 21:16 - 2014-03-02 23:45 - 00000132 _____ C:\Users\Nico\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2016-05-16 19:47 - 2013-09-24 13:23 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Audacity
2016-05-14 10:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-13 18:11 - 2013-11-15 22:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 18:11 - 2013-08-30 20:45 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 18:11 - 2013-08-30 20:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-12 21:34 - 2014-12-11 22:06 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-12 15:40 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 21:42 - 2013-10-20 11:35 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 21:30 - 2013-10-20 11:35 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 13:59 - 2016-04-08 14:47 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-05-09 14:38 - 2015-08-26 12:31 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-09 14:38 - 2013-09-14 10:23 - 00000000 ____D C:\ProgramData\Skype
2016-05-07 19:27 - 2013-09-27 22:43 - 00000000 ____D C:\Users\Nico\AppData\Local\Paint.NET
2016-05-07 13:19 - 2013-08-30 20:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-07 01:49 - 2015-10-28 13:51 - 00000000 ____D C:\Program Files (x86)\Cube World
2016-05-06 16:29 - 2013-12-17 11:31 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-05-05 13:48 - 2016-04-09 19:53 - 00000000 ____D C:\ProgramData\Unity
2016-05-05 13:48 - 2016-03-21 15:36 - 00000000 ____D C:\Users\Nico\AppData\LocalLow\DefaultCompany
2016-05-05 13:47 - 2016-04-10 00:41 - 00000000 ____D C:\Users\Nico\Documents\New Project
2016-05-03 21:24 - 2013-11-27 20:15 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-02 23:45 - 2016-05-16 21:16 - 0000132 _____ () C:\Users\Nico\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-11-30 17:47 - 2013-11-30 17:47 - 0000132 _____ () C:\Users\Nico\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-11-16 13:51 - 2016-03-27 07:17 - 0065594 _____ () C:\Users\Nico\AppData\Roaming\Camdata.ini
2013-11-16 13:51 - 2016-03-27 07:17 - 0000408 _____ () C:\Users\Nico\AppData\Roaming\CamLayout.ini
2013-11-16 13:51 - 2016-03-27 07:17 - 0000408 _____ () C:\Users\Nico\AppData\Roaming\CamShapes.ini
2013-11-16 13:51 - 2016-03-27 07:17 - 0004538 _____ () C:\Users\Nico\AppData\Roaming\CamStudio.cfg
2013-11-23 02:06 - 2013-12-01 00:12 - 0000112 _____ () C:\Users\Nico\AppData\Roaming\JP2K CS6 Prefs
2015-03-13 22:10 - 2016-05-19 00:51 - 0000097 _____ () C:\Users\Nico\AppData\Roaming\LauncherSettings_live.cfg
2015-03-13 22:07 - 2016-05-21 22:42 - 0010488 _____ () C:\Users\Nico\AppData\Roaming\TheHunterSettings_live.bin
2015-03-13 22:03 - 2016-05-19 00:51 - 0000039 _____ () C:\Users\Nico\AppData\Roaming\TheHunterSettings_steam_live.cfg
2013-11-16 13:50 - 2016-03-27 07:16 - 0000096 _____ () C:\Users\Nico\AppData\Roaming\version2.xml
2013-11-21 21:01 - 2014-12-22 13:35 - 0001456 _____ () C:\Users\Nico\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-02 16:30 - 2015-01-10 17:08 - 0017408 _____ () C:\Users\Nico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-22 01:20 - 2014-11-22 01:20 - 0000036 _____ () C:\Users\Nico\AppData\Local\housecall.guid.cache
2015-08-03 02:50 - 2015-08-03 02:50 - 0000003 _____ () C:\Users\Nico\AppData\Local\updater.log
2015-08-03 02:50 - 2015-08-03 02:50 - 0000424 _____ () C:\Users\Nico\AppData\Local\UserProducts.xml
2015-03-16 17:07 - 2015-01-15 17:07 - 0000032 ____R () C:\ProgramData\hash.dat
2016-01-08 21:25 - 2016-01-08 21:25 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\hash.dat


Einige Dateien in TEMP:
====================
C:\Users\Nico\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
C:\Users\Nico\AppData\Local\Temp\libeay32.dll
C:\Users\Nico\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Nico\AppData\Local\Temp\msvcr120.dll
C:\Users\Nico\AppData\Local\Temp\PROCEXP64.exe
C:\Users\Nico\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nico\AppData\Local\Temp\sqlite3.dll
C:\Users\Nico\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-29 17:27

==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 03.06.2016, 08:36   #7
Warlord711
/// TB-Ausbilder
 
Email account gehackt? - Standard

Email account gehackt?



Ja, da passt soweit alles.

Lass zur letzten Kontrolle noch ESET Scan laufen, der braucht aber etwas an Zeit:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Ansonsten alles wie ich bereits anfangs gesagt hatte - nix auffem Rechner erkennbar.
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 03.06.2016, 18:00   #8
Cuz
 
Email account gehackt? - Standard

Email account gehackt?



Wenn ich den Text als "QUOTE" angebe, steht da, das der Text länger als 3 Zeichen lang sein soll. Ich hoffe es geht auch so :/

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0ca46ce8b1ad5045815e69cc1a6630a5
# end=init
# utc_time=2016-06-03 12:21:59
# local_time=2016-06-03 02:21:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29683
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0ca46ce8b1ad5045815e69cc1a6630a5
# end=updated
# utc_time=2016-06-03 12:23:59
# local_time=2016-06-03 02:23:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0ca46ce8b1ad5045815e69cc1a6630a5
# engine=29683
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-03 04:56:32
# local_time=2016-06-03 06:56:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=788 16777213 100 80 702940 10543062 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 24066 216602842 0 0
# scanned=786102
# found=8
# cleaned=0
# scan_time=16353
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nico\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=FED7CAA2E24771B66065C8D30131FC8037B6BD2A ft=1 fh=b41296876ed186e5 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nico\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=848C686280EAA04B172FCCFFBD312132A0C46172 ft=1 fh=7764b0effb0b9556 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nico\AppData\Local\Temp\OCS\ocs_v7f.exe.vir"
sh=062ABDCB56570C442DED18676BAA1D9A0D807429 ft=1 fh=a6caf9f716b3d3da vn="Variante von Win32/RiskWare.Astori.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nico\AppData\Roaming\InetStat\inetstat.exe.vir"
sh=153BFC626AEE483A53765E1EC5E722A7FA4F7CE0 ft=1 fh=841e0c64fd47062f vn="MSIL/HackTool.Inject.A Trojaner" ac=I fn="C:\Users\Nico\Desktop\Alle Dateien\Random Stuff\Extreme-Injector\TTT Undetected\Extreme Injector v2 by master131.exe"
sh=C31CBBDA78790F3BEFFFCF7EAD70DF5D95375DFD ft=0 fh=0000000000000000 vn="Win32/HackTool.GameHack.AN Trojaner" ac=I fn="C:\Users\Nico\Desktop\Alle Dateien\Random Stuff\Extreme-Injector\TTT Undetected\gmodpicklesv2.rar"
sh=7DB95F931C929B3AF0B1C91AB1AD0D06921BBFA4 ft=1 fh=9beccc5603a77250 vn="Win32/HackTool.GameHack.AN Trojaner" ac=I fn="C:\Users\Nico\Desktop\SpeedAutoClicker\TTT Undetected\TTT Undetected\gmodpicklesv2\gmodpickles.dll"
sh=F8AFF2BF3F287AB4295CB4EFAD4D40DC68A1D2BE ft=1 fh=ec8f8757815054a0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nico\Downloads\OpenOffice - CHIP-Installer.exe"


*EDIT*
C:\Programme\Eset Gab es bei mir nicht, habe den Ordner C:\Program Files (x86)\ESET Gelöscht.

Alt 06.06.2016, 08:38   #9
Warlord711
/// TB-Ausbilder
 
Email account gehackt? - Standard

Email account gehackt?



Zitat:
sh=153BFC626AEE483A53765E1EC5E722A7FA4F7CE0 ft=1 fh=841e0c64fd47062f vn="MSIL/HackTool.Inject.A Trojaner" ac=I fn="C:\Users\Nico\Desktop\Alle Dateien\Random Stuff\Extreme-Injector\TTT Undetected\Extreme Injector v2 by master131.exe"
sh=C31CBBDA78790F3BEFFFCF7EAD70DF5D95375DFD ft=0 fh=0000000000000000 vn="Win32/HackTool.GameHack.AN Trojaner" ac=I fn="C:\Users\Nico\Desktop\Alle Dateien\Random Stuff\Extreme-Injector\TTT Undetected\gmodpicklesv2.rar"
sh=7DB95F931C929B3AF0B1C91AB1AD0D06921BBFA4 ft=1 fh=9beccc5603a77250 vn="Win32/HackTool.GameHack.AN Trojaner" ac=I fn="C:\Users\Nico\Desktop\SpeedAutoClicker\TTT Undetected\TTT Undetected\gmodpicklesv2\gmodpickles.dll"
Ich würd sowas nicht einsetzen...du kannst nicht sicherstellen das im "tollen" Hacktool (bist du so schlecht das du das brauchst ?) nen Trojaner/Backdoor versteckt ist.

Lösch den Käse und lern zu zielen

Im Ernst, falls der eMail Account gehackt wurde, dann darüber.

Ansonsten wäre das Log damit sauber.

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.




Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.





Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.


Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 
 



Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.



Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .



Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.



Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 06.06.2016, 18:27   #10
Cuz
 
Email account gehackt? - Standard

Email account gehackt?



Das mit den Hacktools war nur alter kram den ich früher benutzt habe x), habe den Ordner mit den zugehörigen Dateien gelöscht.
DelFix habe ich durchlaufen lassen und Java + Flashplayer wurden geupdatet.
Das heißt alles erledigt und vielen dank für die Hilfe .

Antwort

Themen zu Email account gehackt?
.exe, account, account gehackt, compu, computer, eingestellt, email, email account, email account gehackt?, gehackt, gestellt, geändert, glaube, hilft, mehrmals, nicht, nichts, passwort, problem, troja, trojaner, versuch, versucht, zeichen




Ähnliche Themen: Email account gehackt?


  1. Email account gehackt
    Plagegeister aller Art und deren Bekämpfung - 16.03.2016 (1)
  2. Email-account gehackt, Betreffszeile: New message
    Log-Analyse und Auswertung - 08.02.2016 (21)
  3. Spam Mail vom eigenen Yahoo Account erhalten - Account gehackt?
    Log-Analyse und Auswertung - 28.08.2015 (8)
  4. Email Account gehackt: Email Versand an meine Kontakte mit meinem Namen, aber anderer Email Adresse.
    Log-Analyse und Auswertung - 29.07.2015 (3)
  5. Passwort von Mail Account gehackt - Email mit Virenlink an Kontakte = PC infiziert?
    Überwachung, Datenschutz und Spam - 19.02.2015 (6)
  6. AOL Email Account gehackt?
    Diskussionsforum - 23.10.2014 (7)
  7. Mein Email Account wurde vermutlich gehackt
    Plagegeister aller Art und deren Bekämpfung - 05.08.2014 (12)
  8. Email Account gehackt? Mail Delivery
    Plagegeister aller Art und deren Bekämpfung - 29.05.2014 (24)
  9. E-Mail Account gehackt - unauthorisierte Mails von meinem Account werden verschickt
    Log-Analyse und Auswertung - 19.04.2014 (5)
  10. EMail-Account gehackt, kann mir bitte jmd sagen was ich jetzt alles tun sollte?
    Plagegeister aller Art und deren Bekämpfung - 13.04.2014 (3)
  11. BSI Email Account gehackt. PC mit Trojaner befallen?
    Log-Analyse und Auswertung - 08.04.2014 (1)
  12. "Stille" email an vorhandenes email-account senden um emails mitzulesen?
    Überwachung, Datenschutz und Spam - 29.08.2012 (2)
  13. eMail Account gehackt? Versende unkontrolliert Spam-eMails mit dubiosen Links
    Log-Analyse und Auswertung - 09.07.2012 (5)
  14. Email Account gehackt, Trojaner installiert?
    Log-Analyse und Auswertung - 21.11.2011 (8)
  15. Account gehackt
    Log-Analyse und Auswertung - 30.03.2010 (13)
  16. Keylogger email account gehackt! wer weiß was
    Log-Analyse und Auswertung - 18.03.2010 (1)
  17. Amazon Account gehackt + E-mail gehackt !
    Plagegeister aller Art und deren Bekämpfung - 05.05.2008 (16)

Zum Thema Email account gehackt? - Hallo, ich glaube mein Email account wurde gehackt, oder ich habe ein Trojaner auf dem Computer (?). Anzeichen : Mojang Account wurde Email geändert (Email kenn ich nicht) PlayStation Account - Email account gehackt?...
Archiv
Du betrachtest: Email account gehackt? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.