Internet sehr oft sehr sehr langsam Virebefall?

DarthSoul · 02.08.2016, 20:56

Hi

Seit einigen Tagen leide ich an immer wiederkehrenden seltsamen Interneteinbrüchen. Teamspeak, Steam, Origin etc laufen einwandfrei aber per browser kann ich für mehrere Minuten keine Seiten mehr erreichen.
Das Proplem trat auf nachdem ich 3 seltsame russische plugins erst in chrome und dann in firefox drin hatte. (auch schon entfernt)
diese führten zu lässtigen russischsprachigen popups und weiterleitungen auf russische seiten.

Hab mittlerweile meinen PC mehrfach mit Spybot, Avira (mittlerweile deinstalliert bis auf den agent) und Bitdefender (auch mittlerweile deinstalliert) durchforstet. Kein funde.

derzeit microsoft security essentials installiert den ich heute nacht komplett durchlaufen lassen werde.

Hab heute auf rat eines kumpels HijackThis laufen lassen.
ich dachte ich poste es mal hier und schau was ihr mir dazu sagen könnt.

danke schonmal im vorraus
lg DarthSoul

PS: weis nicht ob das direkt was mit meinem proplem zu tun hat aber gestern wurde mein origin konto (trotz sicherheitscode per email) gehackt. mittlerweile aber mithilfe des supports alles wieder in meinen händen.

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:40:32, on 02.08.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)

FIREFOX: 43.0.2 (x86 de)
Boot mode: Normal

Running processes:
C:\Software und Programme\Steam\Steam.exe
C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe
C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe
C:\Software und Programme\Origin\Origin.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe
C:\Software und Programme\Hamachi\hamachi-2-ui.exe
C:\Software und Programme\Hamachi\LMIGuardianSvc.exe
C:\Software und Programme\Steam\bin\steamwebhelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Software und Programme\Firefox\firefox.exe
C:\Users\Patrik Biasi\Downloads\HijackThis_2.0.5.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Software und Programme\Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Software und Programme\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [FreeAC] C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe -autorun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Patrik Biasi\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [FreeCT] C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe -autorun
O4 - HKCU\..\Run: [EADM] C:\Software und Programme\Origin\Origin.exe -AutoStart
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Unknown owner - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe (file missing)
O23 - Service: ASRock IO Monitor Service (ASRockIOMon) - Unknown owner - C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Software und Programme\Hamachi\x64\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Software und Programme\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Product Agent Service (ProductAgentService) - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Software und Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11049 bytes

Warlord711 · 03.08.2016, 07:45

Hallo DarthSoul

Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Hier findest du die Anleitung für Hilfesuchende
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.

Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8, Win10 User mit Rechtsklick "als Administrator starten".

HJt Logs sind veraltet.

Bitte neue Logs erstellen:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

DarthSoul · 03.08.2016, 20:21

hier die FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
durchgeführt von Patrik Biasi (Administrator) auf PATRIKBIASI-PC (03-08-2016 21:13:48)
Gestartet von D:\Patrik Daten\Downloads
Geladene Profile: Patrik Biasi (Verfügbare Profile: Patrik Biasi & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Software und Programme\Firefox\firefox.exe" -osint -url "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Software und Programme\Steam\Steam.exe
(Comfort Software Group) C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe
(Comfort Software Group) C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Valve Corporation) C:\Software und Programme\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(LogMeIn Inc.) C:\Software und Programme\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Software und Programme\Hamachi\x64\LMIGuardianSvc.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Disc Soft Ltd) C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Valve Corporation) C:\Software und Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Software und Programme\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Software und Programme\Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-48 (Der Dateneintrag hat 36 mehr Zeichen).
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Software und Programme\Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [Steam] => C:\Software und Programme\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [FreeAC] => C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe [3040160 2015-12-14] (Comfort Software Group)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Patrik Biasi\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [FreeCT] => C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe [4126624 2016-01-22] (Comfort Software Group)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [EADM] => C:\Software und Programme\Origin\Origin.exe [3639280 2016-06-14] (Electronic Arts)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day0] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day1] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day2] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day3] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day4] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day5] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day6] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: F - Explorer.exe monitor.htm
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {23e2be52-ad66-11e5-8fb6-806e6f6e6963} - F:\BG_Setup.exe
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {74f0b34d-ad62-11e5-b77d-806e6f6e6963} - F:\ASRSetup.exe
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {a21bcf5b-badb-11e5-a30c-d050991556e3} - H:\AutoRun.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{06F93FA0-CEAF-43A9-B1E7-7C4215F83BF1}: [DhcpNameServer] 213.182.224.30 213.182.224.35

Internet Explorer:
==================
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?pc=UE07&ocid=UE07DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000 -> {685B9D74-F043-4DBE-913C-196B3BC984F7} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B0FB68521-C167-449D-9B9D-DDC9F9EC97FC%7D&gp=811014
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-12] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000 -> Kein Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Software und Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1232250440-3554339344-2704717973-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-07-16] ()
FF Extension: WhatsApp™ Messenger - C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279\Extensions\rt42fsdty645jIidD@jetpack.xpi [2016-07-31]
FF Extension: Adblock Plus - C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-30]
StartMenuInternet: FIREFOX.EXE - C:\Software und Programme\Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=dse&q={searchTerms}&fr=chxtn12.0.11
CHR DefaultSearchKeyword: Default -> mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-21]
CHR Extension: (Google Docs) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-21]
CHR Extension: (Google Drive) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-21]
CHR Extension: (YouTube) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-21]
CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof [2016-07-21]
CHR Extension: (Google Tabellen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-21]
CHR Extension: (Google Docs Offline) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-21]
CHR Extension: (Визуальные Закладки Mail.Ru) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj [2016-07-21]
CHR Extension: (Mail.Ru) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd [2016-07-21]
CHR Extension: (Google Mail) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-21]
CHR Extension: (Chrome Media Router) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-01]
CHR HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-04-07] ()
R3 Disc Soft Lite Bus Service; C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 Hamachi2Svc; C:\Software und Programme\Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Software und Programme\Origin\OriginClientService.exe [2122248 2016-06-14] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-06-18] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [991248 2016-06-22] (Bitdefender)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SDScannerService; C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Software und Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 TeamViewer; C:\Software und Programme\Teamviewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 amdacpusrsvc; "C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-03-21] (Advanced Micro Devices)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-12-28] (ASRock Incorporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-01-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-01-24] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 EnergyDriver; C:\Program Files\Intel\Power Gadget 3.0\EnergyDriver.sys [15952 2016-04-15] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-03 21:13 - 2016-08-03 21:13 - 00000000 ____D C:\FRST
2016-08-02 22:16 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-02 22:16 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-02 22:16 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-02 22:16 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-02 22:16 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-02 22:16 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-08-02 22:16 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-08-02 22:16 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-02 22:16 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-02 22:16 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-02 22:16 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-02 21:39 - 2016-08-02 21:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\Patrik Biasi\Downloads\HijackThis_2.0.5.exe
2016-08-02 21:32 - 2016-08-02 21:32 - 00236694 _____ C:\ProgramData\1470166142.bdinstall.bin
2016-08-02 21:17 - 2016-08-02 21:17 - 00002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-08-02 21:17 - 2016-08-02 21:17 - 00001912 _____ C:\Windows\epplauncher.mif
2016-08-02 21:17 - 2016-08-02 21:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-08-02 21:16 - 2016-08-02 21:17 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-08-02 21:11 - 2016-08-02 21:16 - 00000000 ____D C:\ProgramData\SecTaskMan
2016-08-02 21:11 - 2016-08-02 21:11 - 00001168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00001145 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2016-07-31 22:22 - 2016-07-31 22:22 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Frontier_Developments
2016-07-31 22:09 - 2016-07-31 22:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\LocalLow\Brilliant Skies
2016-07-31 22:08 - 2016-07-31 22:11 - 00000000 ____D C:\Users\Patrik Biasi\Documents\From The Depths
2016-07-31 21:22 - 2016-07-31 21:23 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Shadwen
2016-07-31 17:51 - 2016-07-31 17:51 - 00000415 _____ C:\Users\Patrik Biasi\AppData\Roaminguser_gensett.xml
2016-07-31 13:38 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-31 13:38 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-31 13:38 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-31 13:38 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-31 13:38 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-31 13:38 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-31 13:38 - 2016-06-14 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-31 13:38 - 2016-06-11 08:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-31 13:38 - 2016-06-11 06:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-31 13:38 - 2016-06-10 23:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-31 13:38 - 2016-06-10 23:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-31 13:38 - 2016-06-10 23:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-31 13:38 - 2016-06-10 23:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-31 13:38 - 2016-06-10 23:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-31 13:38 - 2016-06-10 23:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-31 13:38 - 2016-06-10 23:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-31 13:38 - 2016-06-10 23:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-31 13:38 - 2016-06-10 23:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-31 13:38 - 2016-06-10 23:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-31 13:38 - 2016-06-10 23:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-31 13:38 - 2016-06-10 23:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-31 13:38 - 2016-06-10 23:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-31 13:38 - 2016-06-10 23:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-31 13:38 - 2016-06-10 23:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-31 13:38 - 2016-06-10 23:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-31 13:38 - 2016-06-10 22:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-31 13:38 - 2016-06-10 22:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-31 13:38 - 2016-06-10 22:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-31 13:38 - 2016-06-10 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-31 13:38 - 2016-06-10 22:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-31 13:38 - 2016-06-10 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-31 13:38 - 2016-06-10 22:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-31 13:38 - 2016-06-10 22:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-31 13:38 - 2016-06-10 22:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-31 13:38 - 2016-06-10 22:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-31 13:38 - 2016-06-10 22:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-31 13:38 - 2016-06-10 22:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-31 13:38 - 2016-06-10 22:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-31 13:38 - 2016-06-10 22:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-31 13:38 - 2016-06-10 21:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-31 13:38 - 2016-06-10 21:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-31 13:38 - 2016-06-10 21:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-31 13:38 - 2016-06-10 21:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-31 13:38 - 2016-06-10 21:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-31 13:38 - 2016-06-10 20:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-31 13:38 - 2016-06-10 20:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-31 13:38 - 2016-06-10 20:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-31 13:38 - 2016-06-10 20:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-31 13:38 - 2016-06-10 20:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-31 13:38 - 2016-06-10 20:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-31 13:38 - 2016-06-10 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-31 13:38 - 2016-06-10 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-31 13:38 - 2016-06-10 20:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-31 13:38 - 2016-06-10 20:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-31 13:38 - 2016-06-10 20:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-31 13:38 - 2016-06-10 20:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-31 13:38 - 2016-06-10 20:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-31 13:38 - 2016-06-10 20:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-31 13:38 - 2016-06-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-31 13:38 - 2016-06-10 20:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-31 13:38 - 2016-06-10 20:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-31 13:38 - 2016-06-10 20:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-31 13:38 - 2016-06-10 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-31 13:38 - 2016-06-10 20:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-31 13:38 - 2016-06-10 20:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-31 13:38 - 2016-06-10 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-31 13:38 - 2016-06-10 19:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-31 13:38 - 2016-06-10 19:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-31 13:38 - 2016-06-10 19:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-31 13:38 - 2016-06-10 19:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-31 13:38 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-07-31 13:38 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-07-31 13:38 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-07-31 13:38 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-07-31 13:38 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-07-31 13:38 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-07-31 13:38 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-31 13:38 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-31 13:38 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-07-31 13:38 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-07-31 13:38 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-07-31 13:38 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-31 13:38 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-07-31 13:38 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-07-31 13:38 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-07-31 13:38 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-07-31 13:38 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-07-31 13:38 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-07-31 13:38 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-07-31 13:38 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-07-31 13:38 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-07-31 13:35 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-07-31 13:35 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-07-30 14:18 - 2016-07-30 14:18 - 00000000 ____D C:\Users\Patrik Biasi\Desktop\Alte Firefox-Daten
2016-07-28 23:52 - 2016-07-28 23:52 - 00001144 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-07-25 20:36 - 2016-07-25 20:36 - 00000000 ____D C:\Users\Patrik Biasi\Documents\East India Company
2016-07-25 17:00 - 2016-07-25 17:00 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\dvdcss
2016-07-24 11:13 - 2016-07-24 10:58 - 01461467 _____ C:\Users\Patrik Biasi\Desktop\worldedit-forge-mc1.7.10-6.1.1-dist.jar
2016-07-24 11:08 - 2016-08-02 23:08 - 00000996 _____ C:\Users\Patrik Biasi\Desktop\nativelog.txt
2016-07-24 10:53 - 2016-07-24 10:53 - 00000578 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-07-24 10:53 - 2016-07-24 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-07-23 03:31 - 2016-08-02 21:29 - 00003723 _____ C:\bdlog.txt
2016-07-23 03:31 - 2016-07-23 03:31 - 00000000 ____D C:\ProgramData\bdch
2016-07-22 21:10 - 2016-07-22 21:10 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2016-07-22 21:04 - 2016-07-22 21:04 - 00000000 ____D C:\ProgramData\BDLogging
2016-07-22 21:04 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2016-07-22 21:00 - 2016-07-22 21:00 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\PlaysTV
2016-07-22 20:59 - 2016-07-24 08:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-22 20:59 - 2016-07-24 08:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-22 20:58 - 2016-07-22 20:58 - 00000784 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-07-22 20:58 - 2016-07-22 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-07-22 20:53 - 2016-07-22 20:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PlaysTV
2016-07-22 20:52 - 2016-07-22 20:52 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\library_dir
2016-07-22 20:52 - 2016-07-22 20:52 - 00000000 ____D C:\ProgramData\Mail.Ru
2016-07-22 20:51 - 2016-07-22 20:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr
2016-07-21 16:00 - 2016-08-03 20:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-21 16:00 - 2016-08-03 00:20 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-21 16:00 - 2016-07-29 00:10 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-21 16:00 - 2016-07-29 00:10 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-21 16:00 - 2016-07-21 16:00 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-21 16:00 - 2016-07-21 16:00 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-17 18:46 - 2015-12-28 18:36 - 00450771 _____ C:\Windows\system32\Drivers\etc\hosts.20160717-184619.backup
2016-07-17 18:44 - 2016-07-17 18:44 - 00003640 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-07-17 18:42 - 2016-08-03 20:37 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-07-17 18:42 - 2016-07-17 18:42 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-07-17 18:40 - 2016-07-17 18:41 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\QuickScan
2016-07-17 18:14 - 2016-07-17 18:14 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Вoйти в Интeрнет
2016-07-17 18:09 - 2016-07-17 18:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Поиcк в Интeрнете
2016-07-17 18:08 - 2016-07-17 18:08 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\MailProducts
2016-07-17 18:08 - 2016-07-17 18:08 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Mail.Ru
2016-07-17 14:36 - 2016-07-17 14:36 - 00000000 ____D C:\Users\Patrik Biasi\Documents\Mirrors Edge Catalyst
2016-07-17 14:02 - 2016-07-17 14:02 - 00000747 _____ C:\Users\Public\Desktop\Mirror's Edge™ Catalyst.lnk
2016-07-17 14:02 - 2016-07-17 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirror's Edge™ Catalyst
2016-07-17 07:48 - 2016-07-17 09:29 - 00000689 _____ C:\Users\Patrik Biasi\Desktop\hoi4 zoigsl.txt
2016-07-14 06:46 - 2016-07-14 06:46 - 00001150 _____ C:\Users\Patrik Biasi\Desktop\FarCry4 - Verknüpfung.lnk
2016-07-11 16:14 - 2016-07-11 16:14 - 00001618 _____ C:\Users\Patrik Biasi\Documents\PwrData_2016-7-11-16-14-52.csv
2016-07-11 16:13 - 2016-07-11 16:13 - 00003073 _____ C:\Users\Patrik Biasi\Desktop\Intel® Power Gadget 3.0.lnk
2016-07-11 16:13 - 2016-07-11 16:13 - 00003027 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Intel® Power Gadget 3.0.lnk
2016-07-10 21:33 - 2016-07-10 21:33 - 00000233 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry 4.url
2016-07-10 21:33 - 2016-07-10 21:33 - 00000233 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry 4 Map Editor.url
2016-07-10 16:37 - 2016-07-10 16:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-07-10 16:21 - 2016-07-10 16:21 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\BattlEye
2016-07-06 08:28 - 2015-12-28 18:36 - 00450771 _____ C:\Windows\system32\Drivers\etc\hosts.20160706-082807.backup
2016-07-04 22:38 - 2016-07-24 10:58 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\AMD
2016-07-04 18:33 - 2016-08-02 22:35 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-07-04 18:33 - 2016-07-04 18:33 - 00000000 _____ C:\Windows\ativpsrm.bin
2016-07-04 18:23 - 2016-07-04 18:23 - 00004230 _____ C:\Windows\System32\Tasks\AMD Updater
2016-07-04 18:18 - 2016-07-22 20:53 - 00002025 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-07-04 18:18 - 2016-07-17 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-07-04 18:18 - 2016-07-04 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2016-07-04 18:17 - 2016-08-03 10:40 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Raptr
2016-07-04 18:17 - 2016-07-04 18:18 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-07-04 18:17 - 2016-07-04 18:17 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\library_dir
2016-07-04 18:17 - 2016-07-04 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-07-04 18:15 - 2016-07-04 18:15 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-07-04 18:14 - 2016-07-04 18:17 - 00000000 ____D C:\Program Files\AMD
2016-07-04 18:14 - 2016-07-04 18:14 - 00000000 ____D C:\AMD

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-03 21:13 - 2015-12-29 13:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-03 05:49 - 2015-12-29 13:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 03:20 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-03 03:20 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-03 01:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-08-03 00:07 - 2016-05-06 19:26 - 00000000 ____D C:\ProgramData\Origin
2016-08-02 22:49 - 2016-05-21 16:38 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\LogMeIn Hamachi
2016-08-02 22:39 - 2015-12-30 04:22 - 00000000 __SHD C:\Users\Patrik Biasi\IntelGraphicsProfiles
2016-08-02 22:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-02 22:20 - 2015-12-29 08:42 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-02 22:20 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-02 21:39 - 2015-12-28 15:03 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\VirtualStore
2016-08-02 19:01 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-01 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-31 17:48 - 2009-07-14 06:45 - 00296464 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-31 13:45 - 2015-12-29 04:49 - 00000000 ____D C:\Windows\system32\MRT
2016-07-31 13:41 - 2015-12-29 04:49 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-31 13:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-31 12:54 - 2016-03-13 01:18 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\.minecraft
2016-07-28 23:52 - 2016-01-10 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-07-28 23:52 - 2015-12-28 16:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-26 14:24 - 2010-11-21 05:27 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-25 17:01 - 2016-01-01 07:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\vlc
2016-07-25 17:01 - 2011-04-12 09:43 - 00700130 _____ C:\Windows\system32\perfh007.dat
2016-07-25 17:01 - 2011-04-12 09:43 - 00149768 _____ C:\Windows\system32\perfc007.dat
2016-07-25 17:01 - 2009-07-14 07:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-25 16:59 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-07-22 21:06 - 2015-12-29 13:23 - 00000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-07-22 21:06 - 2015-12-29 13:23 - 00000865 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-07-22 20:51 - 2016-06-30 16:53 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-22 20:51 - 2016-06-14 16:49 - 00000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2016-07-21 16:00 - 2015-12-28 19:14 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Google
2016-07-21 16:00 - 2015-12-28 19:14 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-20 15:44 - 2015-12-28 18:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-20 15:34 - 2015-12-28 15:34 - 00000000 ____D C:\Software und Programme
2016-07-20 15:34 - 2015-12-28 15:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-20 12:08 - 2016-06-14 05:31 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-07-14 05:13 - 2015-12-29 13:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 05:13 - 2015-12-29 13:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 05:13 - 2015-12-29 13:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 05:13 - 2015-12-29 13:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-14 05:13 - 2015-12-29 13:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-14 00:17 - 2015-12-29 13:40 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-11 16:19 - 2016-03-21 00:01 - 00007596 _____ C:\Users\Patrik Biasi\AppData\Local\Resmon.ResmonCfg
2016-07-11 16:13 - 2015-12-28 15:22 - 00000000 ____D C:\Program Files\Intel
2016-07-11 00:07 - 2016-01-15 00:03 - 00000000 ____D C:\Users\Patrik Biasi\Documents\My Games
2016-07-11 00:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-07-10 21:13 - 2015-12-29 16:43 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\CrashDumps
2016-07-10 18:08 - 2016-01-09 19:12 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Turbine
2016-07-10 16:37 - 2015-12-28 16:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-10 16:16 - 2016-01-07 19:44 - 00000000 ____D C:\Users\Patrik Biasi\Documents\StarCraft II
2016-07-10 16:16 - 2016-01-06 18:11 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\SpaceEngineers
2016-07-10 16:16 - 2015-12-28 20:05 - 00000000 ____D C:\Users\Patrik Biasi\Documents\The Witcher 3
2016-07-10 16:15 - 2016-04-28 20:34 - 00000000 ____D C:\Users\Patrik Biasi\Documents\Arma 3
2016-07-04 23:47 - 2016-01-07 19:43 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Battle.net
2016-07-04 18:17 - 2016-03-21 02:27 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-04 18:10 - 2015-12-28 16:21 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\NVIDIA Corporation
2016-07-04 18:10 - 2015-12-28 16:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-04 18:10 - 2015-12-28 15:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-07-04 17:39 - 2015-12-28 15:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-04 17:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-21 00:01 - 2016-07-11 16:19 - 0007596 _____ () C:\Users\Patrik Biasi\AppData\Local\Resmon.ResmonCfg
2016-08-02 21:32 - 2016-08-02 21:32 - 0236694 _____ () C:\ProgramData\1470166142.bdinstall.bin

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Patrik Biasi\AppData\Local\Temp\avgnt.exe
C:\Users\Patrik Biasi\AppData\Local\Temp\jansi-64-4714379629118050537.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-27 00:35

==================== Ende von FRST.txt ============================

DarthSoul · 03.08.2016, 20:22

und hier die addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-08-2016
durchgeführt von Patrik Biasi (2016-08-03 21:14:45)
Gestartet von D:\Patrik Daten\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-12-28 13:03:33)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1232250440-3554339344-2704717973-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-1232250440-3554339344-2704717973-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1232250440-3554339344-2704717973-1002 - Limited - Enabled)
Patrik Biasi (S-1-5-21-1232250440-3554339344-2704717973-1000 - Administrator - Enabled) => C:\Users\Patrik Biasi

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Skybox Labs)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Avira Launcher (HKLM-x32\...\{92a7fd6b-31e5-472f-862e-79214c5032ef}) (Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG) Hidden
AXYOS (HKLM\...\Steam App 318100) (Version:  - Axyos Games)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefleet Gothic: Armada (HKLM\...\Steam App 363680) (Version:  - Tindalos Interactive)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.29.1517 - Bitdefender)
Black Sails (HKLM-x32\...\Steam App 373240) (Version:  - Deck13)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
DeadCore (HKLM-x32\...\Steam App 284460) (Version:  - 5 Bits Games)
Discord (HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Discord) (Version: 0.0.291 - Hammer & Chisel, Inc.)
East India Company Gold (HKLM\...\Steam App 254000) (Version:  - )
Elite Dangerous (HKLM\...\Steam App 359320) (Version:  - Frontier Developments)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version:  - Monolith Productions, Inc.)
F.E.A.R.: Extraction Point (HKLM-x32\...\Steam App 21110) (Version:  - Monolith )
F.E.A.R.: Perseus Mandate (HKLM-x32\...\Steam App 21120) (Version:  - Monolith )
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
FINAL FANTASY XIII (HKLM-x32\...\Steam App 292120) (Version:  - SQUARE ENIX)
From The Depths (HKLM\...\Steam App 268650) (Version:  - Brilliant Skies Ltd.)
Ghost in the Shell Stand Alone Complex First Assault Online (HKLM\...\Steam App 369200) (Version:  - Neople)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.82 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hard Reset (HKLM-x32\...\Steam App 98400) (Version:  - Flying Wild Hog)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version:  - Gearbox Software)
In Verbis Virtus (HKLM-x32\...\Steam App 242840) (Version:  - Indomitus Games)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Power Gadget 3.0 (HKLM\...\{AAFAAB45-753C-4402-A23D-3F0EA9A750EC}) (Version: 3.0.4 - Intel)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
KHOLAT (HKLM-x32\...\Steam App 343710) (Version:  - IMGN.PRO)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.493 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.493 - LogMeIn, Inc.) Hidden
METAL GEAR SOLID V: GROUND ZEROES (HKLM\...\Steam App 311340) (Version:  - Kojima Productions)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mozilla Firefox 43.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla)
Mozilla Firefox 47.0.1 (x86 de) (HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2 - Mozilla)
My Bones (HKLM-x32\...\Steam App 389700) (Version:  - Mamedov Yuriy)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Postal 3 (HKLM-x32\...\Steam App 10220) (Version:  - Trashmasters)
PROTOTYPE 2 (HKLM-x32\...\Steam App 115320) (Version:  - Radical Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.3-r114633-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Red Orchestra: Ostfront 41-45 (HKLM-x32\...\Steam App 1200) (Version:  - Tripwire Interactive)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Security Task Manager 2.1g (HKLM-x32\...\Security Task Manager) (Version: 2.1g - Neuber Software)
Shadwen (HKLM\...\Steam App 425210) (Version:  - Frozenbyte)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skyrim Script Extender (SKSE) (HKLM-x32\...\Steam App 365720) (Version:  - The SKSE Team)
Snis HitZone Installer (HKLM-x32\...\Snis HitZone Installer) (Version: 21.4.0 - Snis ModPack Installer)
Snis ModPack Installer (HKLM-x32\...\Snis ModPack Installer) (Version: 2.5.1.0 - Snis ModPack Installer)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Starpoint Gemini 2 (HKLM\...\Steam App 236150) (Version:  - Little Green Men Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Last Crown: Midnight Horror (HKLM-x32\...\Steam App 291770) (Version:  - Darkling Room)
The Lost Crown (HKLM-x32\...\Steam App 291710) (Version:  - Darkling Room)
The Stanley Parable (HKLM\...\Steam App 221910) (Version:  - Galactic Cafe)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Tom Clancy's H.A.W.X. 2 (HKLM-x32\...\Steam App 48180) (Version:  - Ubisoft Romania)
Two Worlds: Epic Edition (HKLM\...\Steam App 1930) (Version:  - Reality Pump Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Wargame: Red Dragon (HKLM-x32\...\Steam App 251060) (Version:  - Eugen Systems)
Warhammer 40,000: Dawn of War – Soulstorm (HKLM-x32\...\Steam App 9450) (Version:  - Relic Entertainment)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00BACFF6-BAA1-4E6F-9494-0CECC8453599} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {183D3DC7-B7B4-4AF5-94D4-26DAE91DD151} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\Windows\System32\GWX\GWX.exe
Task: {1A320040-A934-4643-A8B2-7D252346C4D3} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {38323431-66EB-45D4-BFA6-6E120F119B28} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Software und Programme\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {3ACD375D-2AE2-43AB-8D06-1CC273EE6009} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-21] (Google Inc.)
Task: {420DFF1C-C132-4501-8C3F-AD887104B6D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {4BB71278-EC8F-4EB9-9393-E3E9F7F112B0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {C3E4EA5F-0137-4041-AC98-2BF68CA3518D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Software und Programme\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C47E5A5D-717F-42DE-99FE-54F22AF33AB6} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-06-14] (Bitdefender)
Task: {D3E28982-7F3C-4203-A947-658E4B5FF79F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-21] (Google Inc.)
Task: {D7168393-BC75-42A1-8BF2-4E1284E323C5} - System32\Tasks\{7F931E57-155F-43B8-B626-4E7F4BFBF2B1} => C:\Patrik Daten\Downloads\o1417en_w_scan7031.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{EC282B17-FEEB-4530-BACA-C0BB19B8C9DC}\SupportTasks\1\Support.lnk -> hxxp://www.support.vugames.com/
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{EC282B17-FEEB-4530-BACA-C0BB19B8C9DC}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.whatisfear.com/
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{220FD8FC-C027-42FD-B2DE-1F9CEFA2BF73}\SupportTasks\1\Support.lnk -> hxxp://empireearth.sierra.com/support/
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{220FD8FC-C027-42FD-B2DE-1F9CEFA2BF73}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.empireearth.com/

ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://otnofes.ru/?utm_source=startlink03&utm_content=aa10ba6431e0e87e0974fde2390a003d&utm_term=49B2ECE1B9CAC212FCB225556D05D035&utm_d=20160717"
ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811008"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-12-28 15:30 - 2013-05-28 18:58 - 00454656 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2016-05-12 22:12 - 2016-06-18 23:40 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-01-06 21:43 - 2016-01-06 21:43 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-01-06 21:43 - 2016-01-06 21:43 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-08-09 05:50 - 2015-08-09 05:50 - 00404376 _____ () C:\Windows\system32\igfxTray.exe
2015-12-28 17:56 - 2014-05-13 13:04 - 00109400 _____ () C:\Software und Programme\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-28 17:56 - 2014-05-13 13:04 - 00416600 _____ () C:\Software und Programme\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-28 17:56 - 2014-05-13 13:04 - 00167768 _____ () C:\Software und Programme\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-28 17:56 - 2012-08-23 11:38 - 00574840 _____ () C:\Software und Programme\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-28 17:56 - 2012-04-03 18:06 - 00565640 _____ () C:\Software und Programme\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-03-21 15:49 - 2016-03-21 15:49 - 00186368 _____ () C:\Windows\SysWOW64\GameManager32.dll
2015-12-28 17:13 - 2016-04-29 22:10 - 00785920 _____ () C:\Software und Programme\Steam\SDL2.dll
2015-12-28 17:13 - 2015-07-03 18:12 - 04962816 _____ () C:\Software und Programme\Steam\v8.dll
2015-12-28 17:13 - 2015-07-03 18:12 - 01556992 _____ () C:\Software und Programme\Steam\icui18n.dll
2015-12-28 17:13 - 2015-07-03 18:12 - 01187840 _____ () C:\Software und Programme\Steam\icuuc.dll
2015-12-28 17:13 - 2016-07-09 03:06 - 02317904 _____ () C:\Software und Programme\Steam\video.dll
2015-12-28 17:13 - 2016-02-09 01:14 - 02549760 _____ () C:\Software und Programme\Steam\libavcodec-56.dll
2015-12-28 17:13 - 2016-02-09 01:14 - 00442880 _____ () C:\Software und Programme\Steam\libavutil-54.dll
2015-12-28 17:13 - 2016-02-09 01:14 - 00491008 _____ () C:\Software und Programme\Steam\libavformat-56.dll
2015-12-28 17:13 - 2016-02-09 01:14 - 00332800 _____ () C:\Software und Programme\Steam\libavresample-2.dll
2015-12-28 17:13 - 2016-02-09 01:14 - 00485888 _____ () C:\Software und Programme\Steam\libswscale-3.dll
2015-12-28 17:13 - 2016-07-09 03:06 - 00829520 _____ () C:\Software und Programme\Steam\bin\chromehtml.DLL
2016-03-09 06:00 - 2016-07-07 00:00 - 00266560 _____ () C:\Software und Programme\Steam\openvr_api.dll
2015-12-28 17:13 - 2016-06-14 21:14 - 49826080 _____ () C:\Software und Programme\Steam\bin\libcef.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-10-21 22:29 - 2015-10-21 22:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-10-21 22:29 - 2015-10-21 22:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd
2015-06-27 01:09 - 2015-06-27 01:09 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32com.shell.shell.pyd
2016-07-21 02:08 - 2016-07-21 02:08 - 02619136 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\ltc_host_ex.DLL
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2016-04-19 19:08 - 2016-04-19 19:08 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2015-12-28 15:25 - 2013-09-03 17:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-12-28 17:13 - 2015-09-25 01:56 - 00119208 _____ () C:\Software und Programme\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-08-02 20:48 - 00450771 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15463 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 213.182.224.30 - 213.182.224.35
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{1EED9DB9-12D7-420E-9C77-79573EB73974}] => (Allow) C:\Software und Programme\Firefox\firefox.exe
FirewallRules: [{80BBF87A-7300-40AA-8319-AC29BFAA182A}] => (Allow) C:\Software und Programme\Firefox\firefox.exe
FirewallRules: [{17716CD1-C795-4DF2-912D-1399D0ABE89A}] => (Allow) C:\Software und Programme\Steam\Steam.exe
FirewallRules: [{5B2D54A4-8169-462B-B628-C65F1AE77295}] => (Allow) C:\Software und Programme\Steam\Steam.exe
FirewallRules: [{01FD1050-5152-4F7C-9BEB-FB2612D50A90}] => (Allow) C:\Software und Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{A2CF660A-C38D-4A78-A6AC-A7C8DC0E4A09}] => (Allow) C:\Software und Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{6DB5B0C8-20F9-488C-8E28-987F3F4FB8C7}] => (Allow) E:\Games\Wargaming\WoT\WoTLauncher.exe
FirewallRules: [{65AD2E40-3776-41CF-9357-49A6095618B6}] => (Allow) E:\Games\Wargaming\WoT\WoTLauncher.exe
FirewallRules: [{AD6710A0-FDE4-40B3-874B-D66ABC878602}] => (Allow) E:\Games\Wargaming\WoT\worldoftanks.exe
FirewallRules: [{1387C918-1AB7-4B6A-8D75-D7EB22A9F9FC}] => (Allow) E:\Games\Wargaming\WoT\worldoftanks.exe
FirewallRules: [{96E743CF-4D25-4AC0-81EF-2E73D4B15736}] => (Allow) E:\Games\Wargaming\WoWs\WoWSLauncher.exe
FirewallRules: [{7D713567-F54E-4C6B-81EA-645131837C35}] => (Allow) E:\Games\Wargaming\WoWs\WoWSLauncher.exe
FirewallRules: [{CA2B6825-2EB7-44A7-A01D-92AAD29B676D}] => (Allow) E:\Games\Wargaming\WoWs\worldofwarships.exe
FirewallRules: [{3ACA64CC-AA9E-46C7-B05B-15B182C51F28}] => (Allow) E:\Games\Wargaming\WoWs\worldofwarships.exe
FirewallRules: [{CEF40CCD-EB95-40B5-845F-BDF6136BE5B2}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{95E6C9A3-4CCC-4D9A-A14D-9F89C9D8F860}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{211A9728-A355-4FA0-9004-29BCE8C8684D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3365F15C-59CA-4269-81D2-BEFA227EE97B}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E5B7EB50-C309-4BA7-8525-807513F379D1}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{E8311E00-4606-4DEE-B29C-C750D9926EAC}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{F3B0696D-A825-44D7-B08E-510DDD582939}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Black Sails\bin\release\BlackSails.exe
FirewallRules: [{15547076-18B3-4B1D-BE8A-CACFE2A4FEBC}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Black Sails\bin\release\BlackSails.exe
FirewallRules: [{CACEC709-5BC0-4C4A-8E5B-592F69840CA9}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{47F8455E-BFB7-408C-9980-32AA8D19CACF}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{CF28802F-1875-475B-9114-D8BF099A47A9}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{3269D615-A67B-4597-B4CB-E57AE0C54922}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{F0FD16A5-73B0-4A68-9E70-56A8876E2728}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{845AC523-8D94-4819-9221-57656D3E6345}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{542E7216-D412-44E3-A649-65A7E11820C2}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{B1EB418A-062C-4D54-9527-11101529A99A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{1853736B-B984-4F15-93F6-EB4A5DBF47AB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\HardReset\hardreset.exe
FirewallRules: [{6269FD08-6281-4659-911E-E6E74B45AF7A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\HardReset\hardreset.exe
FirewallRules: [{EE01E2F8-7C5E-4D3B-9975-0172B2F2DEE2}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{F65A1934-F330-4E16-BF12-1CB5F7A5162F}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{3C101777-1205-4320-9A2D-8A996F2AC8F2}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{C217900D-7739-4DEA-BF5C-1DB4C99BBFC0}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{1B4C9756-C62A-4855-B98C-D4ED0C4673A4}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{A3850DBD-335E-4038-B3E8-DBA2485B8AAE}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{B1773C76-1007-45F8-A7FC-D27A19825ED2}] => (Allow) E:\Steam Spiele 1T\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{74B5FF5B-4FA9-4AB8-92BE-BE7025E85E3E}] => (Allow) E:\Steam Spiele 1T\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{BBBBA739-ABE1-4F54-978C-2D61792C17A0}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{57D1CFFA-7EDF-4747-B2C0-E69A7B40165F}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{7B685A09-BE77-40F1-B453-0BA3DE7409AB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{0786B62D-412E-4786-B02A-2C51EC8044B0}] => (Allow) E:\Steam Spiele 1T\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{BBC01307-CEC3-4B58-8F39-70A47F76AE60}] => (Allow) E:\Steam Spiele 1T\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{0EE257A5-CBAF-49AA-8B34-5571552BD00E}] => (Allow) E:\Steam Spiele 1T\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{66047CC7-5598-4867-8A8F-2D4EBF7F8F16}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{B0ECCC85-8273-4312-B059-77D28F9F4E48}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{802764B7-6264-4717-B3B3-B46BF1AFC00C}] => (Allow) E:\Steam Spiele 1T\steamapps\common\DeadCore\DeadCore.exe
FirewallRules: [{E6D9A2F3-2B06-42C9-B529-6BD7DCEDF6F8}] => (Allow) E:\Steam Spiele 1T\steamapps\common\DeadCore\DeadCore.exe
FirewallRules: [{A2FF501A-D374-4837-BA30-E0471267C248}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{AD437B25-DDF4-4047-A14E-8FB813FD1A99}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A72C7073-7C48-4EEC-AEF1-6133A23C2794}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Black Sails\bin\release\BlackSails.exe
FirewallRules: [{22925672-91AB-4A60-9CBE-9B1DE517E02C}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Black Sails\bin\release\BlackSails.exe
FirewallRules: [{8E354F53-8ADE-4B5E-8F3F-251C1F1BEF94}] => (Allow) E:\Steam Spiele 1T\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe
FirewallRules: [{C9F183CF-D725-4EA6-B1EC-CE4C8B27180D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe
FirewallRules: [{B3E0FF26-9870-4648-826A-D717D0053616}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{1350171F-D806-471B-9F6A-1A93918C453C}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{49CDFA04-D033-40BF-A95C-9609520402FB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C942D818-7103-451B-84CA-C35CF9992C70}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5B53A9EB-929A-44A2-915A-26EDD96B166A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{2C1AB0B1-F9C3-4847-B060-9B7B757EB8C1}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{340F18C2-3ADC-4731-915B-439F43453124}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Afterfall InSanity\Binaries\Win32\InSanity-Win32-Shipping.exe
FirewallRules: [{3888B4D8-DEAB-4FDB-BD80-72A16AE1A34D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Afterfall InSanity\Binaries\Win32\InSanity-Win32-Shipping.exe
FirewallRules: [{9D4FC308-70B8-436B-90CA-E41C2C932004}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{28F813E3-35EC-42A1-A707-D74CC05286B1}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{C7DF6B64-06F3-4A85-9E52-6E426032139E}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Red Orchestra\System\RedOrchestra.exe
FirewallRules: [{7CDD67DB-DD0B-4372-AF61-16E911520ECF}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Red Orchestra\System\RedOrchestra.exe
FirewallRules: [{FA9C4233-8DFA-4C4C-BD93-8B6988C03CAA}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Tom Clancy's HAWX 2 EMEA\HAWX2.exe
FirewallRules: [{5B55AEBA-1C60-40D3-AD81-B756B65EB9A8}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Tom Clancy's HAWX 2 EMEA\HAWX2.exe
FirewallRules: [{0448B735-3F1C-47B9-9FCF-E1800982340B}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Tom Clancy's HAWX 2 EMEA\HAWX2_DX11.exe
FirewallRules: [{F198480E-E225-4748-9DB7-EBDCD4B60B13}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Tom Clancy's HAWX 2 EMEA\HAWX2_DX11.exe
FirewallRules: [{60CEF98F-F584-48CE-AE3C-46E111301D9A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{EA789F8C-4FBE-423F-8103-76A8C83B6F53}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{E08FA49A-8AD2-488B-B321-4BC5FD26E095}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame Airland Battle\WarGame2.exe
FirewallRules: [{D89607D5-3918-4671-8A28-EC94144E6FC4}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame Airland Battle\WarGame2.exe
FirewallRules: [{BBF27D55-C69F-4B0D-8BE5-FF219BE4BB02}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{7B2A51DF-6FDF-481B-8D7A-56431539F303}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{0803DFEF-9C13-45D5-8B1D-B054FD1D2D6A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\In Verbis Virtus\Binaries\Win32\IVV.exe
FirewallRules: [{435F7C7F-8D2C-4042-87F3-DE731486B3CF}] => (Allow) E:\Steam Spiele 1T\steamapps\common\In Verbis Virtus\Binaries\Win32\IVV.exe
FirewallRules: [{A146AD6C-9990-4C91-AC1D-4428AFB958F9}] => (Allow) C:\Software und Programme\Avira\Av\avgmfapx.exe
FirewallRules: [{3BDC44B8-823D-49F3-A33F-CADA9159499E}] => (Allow) C:\Software und Programme\Avira\Av\avgmfapx.exe
FirewallRules: [TCP Query User{AB7991B7-F87E-45DD-B35B-3FF0F9F08AE2}E:\steam spiele 1t\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Allow) E:\steam spiele 1t\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe
FirewallRules: [UDP Query User{AEA18431-7AEF-41C0-8BD5-E6C6BD19CEA1}E:\steam spiele 1t\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Allow) E:\steam spiele 1t\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe
FirewallRules: [TCP Query User{DA02C742-877D-43F7-834C-9D04807B80B5}E:\games\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) E:\games\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{6230BD8D-2061-4BF6-8E0F-58D94D0EC317}E:\games\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) E:\games\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{D297D779-1207-4BA3-A4C1-32E961C75FCB}C:\users\patrik biasi\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\patrik biasi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E0CC898D-C1A9-40C8-A493-A186002A6208}C:\users\patrik biasi\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\patrik biasi\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A3BE4D7B-BE66-439C-A20E-4D9DA89180AF}] => (Allow) E:\Steam Spiele 1T\steamapps\common\My Bones\My Bones.exe
FirewallRules: [{25F3AF93-D9F4-4AC7-95C1-A0B61F64489A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\My Bones\My Bones.exe
FirewallRules: [{291F5765-048B-44FE-B0F9-C5BC81EB27AC}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Lost Crown\TheLostCrown.exe
FirewallRules: [{519CA0B8-028C-4AE2-B448-590429E4616C}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Lost Crown\TheLostCrown.exe
FirewallRules: [{A9EFA679-790E-461F-9A5C-0DFCC6F13007}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Midnight Horror\Launcher.exe
FirewallRules: [{F9DE9681-42B7-4156-8DF8-4345F648B948}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Midnight Horror\Launcher.exe
FirewallRules: [{DB6F799D-E561-4198-A5B9-EB9401FFFC34}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{CD308190-459C-4875-82A7-5CC8B74F9337}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{86643908-7EBB-48C9-9A9A-A7297261C338}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Prototype 2\prototype2.exe
FirewallRules: [{CCA794E2-C3D7-49CE-BD14-C870F2EA4A3B}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Prototype 2\prototype2.exe
FirewallRules: [{C66A6E31-4852-4231-8987-1A5185ADC6AC}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{7EA5F85D-B89C-492D-980D-5E13F01D28CD}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{D88C099B-4597-499F-8F74-D70795AAE22D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe
FirewallRules: [{F738F50E-6187-4441-8BE6-1803D6817551}] => (Allow) E:\Steam Spiele 1T\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe
FirewallRules: [{36B457DE-C2F5-47A8-A15B-EDBBF514379F}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{BC42FD0D-EEC9-4D5F-94C7-89D9D47B50A1}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{9B52BAF4-1998-46CD-BC35-56ABCB4FFF47}] => (Allow) E:\Steam Spiele 1T\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [{C79A83E0-7907-4B4A-8033-7B1325212D52}] => (Allow) E:\Steam Spiele 1T\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [{088A9301-BF8F-49DE-AB55-41E09B9FDD16}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{C39E4F19-B477-4F8A-96CA-2249AD919C88}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{9B39F168-71D7-4CD2-9806-AF11730CA5FB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Postal III\p3.exe
FirewallRules: [{91605AA2-AE37-4361-9BE1-0DD879A6003A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Postal III\p3.exe
FirewallRules: [{94726EE5-7A95-4391-8BD0-DD18B97D9F2D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{9E103FD2-1B4A-4F88-B6B8-0820D3A7D439}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{24108AE9-97CF-4A1F-A751-42AB1FBC88BB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{704124BE-39FA-4C66-8B92-B11FF923A520}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{C0EE6CFB-E7BE-40A5-AFD2-D266DAE4106D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{767FF953-355B-4851-B669-477B6A784770}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{4F216842-2211-4B4E-8521-CF94D0B41F28}] => (Allow) E:\Steam Spiele 1T\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{60B2E2EF-9584-4464-863E-50425383F811}] => (Allow) E:\Steam Spiele 1T\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{A66E334D-D790-4A49-A114-9BD67F4E41D0}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{0ED65D03-64EE-45A6-ACB5-B194480D8BDB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{6E85AC28-0BDA-40FC-99DA-3A93B1F9AB93}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{DC1ABB69-3B4C-4FD3-B888-F4DE5246C088}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{F7005104-E4AD-4269-89CC-22E98485CF4B}E:\games\empire earth\empire earth.exe] => (Block) E:\games\empire earth\empire earth.exe
FirewallRules: [UDP Query User{CB8391D9-3911-4EA6-A1DB-666E16716748}E:\games\empire earth\empire earth.exe] => (Block) E:\games\empire earth\empire earth.exe
FirewallRules: [{F36C4BDB-DF9B-449C-9702-367886A613E2}] => (Allow) E:\origin\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{1CD5C018-CAD6-471F-9BA0-AB4264AE4518}] => (Allow) E:\origin\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{0F6DEF06-5781-4013-9EB3-50A27610672F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FD4072A4-0B95-4D82-B13E-67E5A67B23AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9FC4C60A-20BD-40AC-93F7-518C2E6520F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E3E2E792-4255-49BB-84A4-4C17FF191E87}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A24C9B38-5071-4B5B-991E-EBAB82EC18EF}] => (Allow) E:\origin\Battlefield 3\bf3.exe
FirewallRules: [{CAE2FF73-FC9B-4772-A874-4743C26BB689}] => (Allow) E:\origin\Battlefield 3\bf3.exe
FirewallRules: [{C1A6E077-3A46-4AA2-ABA8-49A9A3A583FC}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{A5493F6E-23A3-40D5-B8AB-33C9C20C5C55}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{31B4D4EE-68DC-4784-A384-7C0FAA73E832}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Carrier Command Gaea Mission\carrier.exe
FirewallRules: [{30615F86-7F64-48D2-A9F1-5E73869D1955}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Carrier Command Gaea Mission\carrier.exe
FirewallRules: [{C123A1C9-2EF1-45E8-9E08-90880DF4448D}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Alternativa\ALTERNATIVA.exe
FirewallRules: [{3BCFD2EF-E1A9-4A40-82E8-DD31A2489E13}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Alternativa\ALTERNATIVA.exe
FirewallRules: [{C15E395C-5D4C-490A-92C6-D6BA693D1995}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer.exe
FirewallRules: [{FC463429-20A1-416B-BBDB-CACE986EDDAD}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer.exe
FirewallRules: [{BA2348F2-5340-4ECD-AC69-18BE78D699D8}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
FirewallRules: [{CDB01618-67DB-42F9-A234-CA0E50EBFF57}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
FirewallRules: [{DF365F44-3D87-40B5-9A9A-71FD868C8953}] => (Allow) E:\origin\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{C98F6289-01CD-4932-AE53-63652118585D}] => (Allow) E:\origin\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{843168AB-4965-4653-BA5A-A3FB8DBC194A}] => (Allow) E:\origin\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{A42478CB-C315-4CE2-8922-8B8A39F25529}] => (Allow) E:\origin\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [TCP Query User{7712BE76-77DE-4CCA-ADE8-93DB74BDD520}E:\steam spiele 1t\steamapps\common\arma 3\arma3.exe] => (Block) E:\steam spiele 1t\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{C16277DB-74C0-44BC-BE43-63DAAA7150A3}E:\steam spiele 1t\steamapps\common\arma 3\arma3.exe] => (Block) E:\steam spiele 1t\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{49C2C175-EA3D-47DF-9D16-FA58C8D6227C}E:\steam spiele 1t\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Block) E:\steam spiele 1t\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{61C2E3EC-5918-4416-AD91-0F12560B9887}E:\steam spiele 1t\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Block) E:\steam spiele 1t\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{3B6BB865-D080-48A9-AACD-6C94845E1DB3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BE838703-9B1B-4AE7-8654-B398B4FD20DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{537C53B1-3EF3-453F-BFCE-ED39DF23C6CD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{64955B1B-9981-4D24-982C-1209C0119440}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5711F30B-3B4A-40DF-9961-FCDCBC0DFA5E}] => (Allow) E:\Uplaygames\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{E0553681-44C3-4328-9F2F-1A37C556308D}] => (Allow) E:\Uplaygames\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [TCP Query User{195AECA6-766E-48C7-8540-1BFABA58EE41}C:\software und programme\vlc\vlc.exe] => (Block) C:\software und programme\vlc\vlc.exe
FirewallRules: [UDP Query User{DC5B1059-57F8-478F-A5BC-99C27B7C4005}C:\software und programme\vlc\vlc.exe] => (Block) C:\software und programme\vlc\vlc.exe
FirewallRules: [TCP Query User{696203F6-DB5B-485D-8053-274077A099E8}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{5CEDB9C9-64FB-4F23-9CC9-743A803F21EB}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{9334486E-A082-4210-8936-74C9EBED4101}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{FD40F0CA-AFF5-414F-A043-26FCA76D2DCD}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{90431DCB-8710-4289-96E0-6765322A8C25}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{7AA1503B-F9B5-42FC-A808-F5EB52105740}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{6051CF6F-6969-490B-AC0A-E865C2E141F8}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{36451A5D-8CB3-47B5-9F4B-44253C04D11E}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{1746728A-6240-471E-82C7-C7F9BE6EDE82}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{BD1BCA21-FABE-4207-976C-D7580A6A992A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{684A5EB9-CBF3-4963-8B4D-88AFAE7677AF}] => (Allow) E:\Uplaygames\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{01454A0F-0DFC-4CF3-8B12-E2F065AADD88}] => (Allow) E:\Uplaygames\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{F59986D0-3DF7-4D0D-A36C-D91BA185A753}] => (Allow) E:\Uplaygames\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{6882C1E3-0605-484C-BAE4-62669CDEBA84}] => (Allow) E:\Uplaygames\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{5442AAFD-38CE-4FD3-9861-C25FA03E2DD6}] => (Allow) E:\Uplaygames\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{EAEFEE0F-5ACA-4F5B-9A7F-07529E790C79}] => (Allow) E:\Uplaygames\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{EF272CCF-6476-430E-BB52-C433A4181372}] => (Allow) E:\Uplaygames\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{7ED1F057-311B-454A-A2AA-E50BB5FDFCB9}] => (Allow) E:\Uplaygames\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{1BE2FD0A-18C2-45BE-8B7E-342833983AE9}] => (Allow) E:\Steam Spiele 1T\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{D4AD3E98-8E0F-48F2-B3E7-9DF685B6EE76}] => (Allow) E:\Steam Spiele 1T\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{EBB39658-8847-4943-9335-63F398CBBFD9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EF7C8F2F-64D2-494E-B3CF-3F1190BF534C}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\eastindia.exe
FirewallRules: [{06B17213-D46B-4767-8511-10BA2FB303C8}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\eastindia.exe
FirewallRules: [{43E388D0-D6FC-4C54-8A01-C15F9B4777D6}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\piratebay.exe
FirewallRules: [{7756F688-1C4E-498F-8EB1-CEAE700B5106}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\piratebay.exe
FirewallRules: [{690C93FD-0AF4-47DD-A521-B9347FEA9F31}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\privateer.exe
FirewallRules: [{6A95E5D0-836F-41D1-9B59-6822060C73FC}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\privateer.exe
FirewallRules: [{B3B3D9A5-EA91-4156-A489-D5CE3AF2EBDD}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\trafalgar.exe
FirewallRules: [{7DCEBD85-5FFA-4A4C-AF9F-7E7862362868}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\trafalgar.exe
FirewallRules: [{E46218D1-83A6-45F9-9362-B1FBC0E0DCB0}] => (Allow) E:\Steam Spiele 1T\steamapps\common\AXYOS\Binaries\Win32\UDK.exe
FirewallRules: [{75AF9F84-64D0-4F9B-B1EB-D732FF491E06}] => (Allow) E:\Steam Spiele 1T\steamapps\common\AXYOS\Binaries\Win32\UDK.exe
FirewallRules: [{51BA7E16-4EF5-4A37-A7FF-1EB6468A1CFC}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{F9CBA728-4A0D-43C7-A5FF-081A4FD5D355}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{F6FA8E7C-8137-437E-A69B-CF5E4F33B060}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{3342DA9C-9B67-4DB1-909D-6C527A1106FE}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{36379EF8-9348-4508-8A1A-A81BF37CE6E0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{790FFA33-5CEB-42F7-A6EC-02A56052AC48}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{1FD60434-BCF8-48E1-A638-61BCE1E812D3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{DAF14697-028E-4039-ABD3-CC5175C0DA4F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{31B878B2-4DA8-4DD9-B476-3A407647C421}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer.exe
FirewallRules: [{0FC25FCB-1694-48E9-9313-BD0CDE0AB262}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer.exe
FirewallRules: [{2FBB4429-11A9-4B69-B4C0-288C9947865F}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
FirewallRules: [{3F020E4B-FE2A-467C-8077-3ADE9C80D6FF}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
FirewallRules: [{7AA2743B-126C-44BF-9846-69A6E63835EB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Shadwen\shadwen_launcher.exe
FirewallRules: [{2C1DE16A-18BE-4FA2-86E5-E091B48A35D1}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Shadwen\shadwen_launcher.exe
FirewallRules: [{1C3A9BC1-8948-4351-A2B8-592D7D5FECED}] => (Allow) E:\Steam Spiele 1T\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{0E9415E7-6B4E-4270-9D8B-576160F8DE03}] => (Allow) E:\Steam Spiele 1T\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{B3F5B2D6-C20D-4262-BDEB-765687B1DD06}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{DD10B4F7-99BD-4B48-840B-933DC011B6F8}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{EC33B605-2B04-4E44-9775-E7AA2074B291}] => (Allow) E:\Steam Spiele 1T\steamapps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{E15461AE-B5E5-40F0-957C-13995726DF40}] => (Allow) E:\Steam Spiele 1T\steamapps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{65033EA9-F5DB-4671-85ED-78ACBF4361DF}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\2WSG.exe
FirewallRules: [{3DA56C9E-1D0B-4E1C-B70B-D65A7ED37BD9}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\2WSG.exe
StandardProfile\AuthorizedApplications: [C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

25-07-2016 20:34:09 DirectX wurde installiert
31-07-2016 13:38:43 Windows Update
02-08-2016 21:13:40 Datei in Quarantäne Ordner verschieben: ACP Application
02-08-2016 21:14:43 Datei in Quarantäne Ordner verschieben: Makes sure Spybot 2 is t
02-08-2016 22:18:34 Windows Update
02-08-2016 22:49:47 Windows-Sicherung
02-08-2016 22:50:43 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/02/2016 10:38:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 10:23:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 10:22:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 09:35:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2016 05:49:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2016 11:47:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2016 08:52:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2016 08:56:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2016 05:24:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 04:04:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/02/2016 10:37:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 11" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/02/2016 10:37:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 11 erreicht.

Error: (08/02/2016 10:36:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ACP User Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.

Error: (08/02/2016 10:22:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ACP User Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.

Error: (08/02/2016 10:19:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: Intel Corporation driver update for Intel(R) HD Graphics 4600

Error: (08/02/2016 09:35:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/02/2016 09:35:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Updating Service erreicht.

Error: (08/02/2016 09:34:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/02/2016 09:34:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (08/02/2016 09:33:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ACP User Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 16229.08 MB
Verfügbarer physikalischer RAM: 10472.3 MB
Summe virtueller Speicher: 32472.34 MB
Verfügbarer virtueller Speicher: 26502.06 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:320.28 GB) NTFS
Drive d: () (Fixed) (Total:596.17 GB) (Free:350.72 GB) NTFS
Drive e: (Game) (Fixed) (Total:931.51 GB) (Free:173.66 GB) NTFS
Drive f: (BenQ_LCD) (CDROM) (Total:0.63 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 83E8814D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: D126AB61)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C4DEC4DE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Warlord711 · 04.08.2016, 10:48

Ah ok. Diese Mail.ru Einträge sind also nicht gewollt ?

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 3
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Und bitte neue FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

DarthSoul · 05.08.2016, 17:24

ADWCleaner C1:

Code:

ATTFilter

# AdwCleaner v5.201 - Bericht erstellt am 05/08/2016 um 14:03:58
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-08-04.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Patrik Biasi - PATRIKBIASI-PC
# Gestartet von : D:\Patrik Daten\Downloads\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\Mail.Ru
[-] Ordner gelöscht : C:\ProgramData\SecTaskMan
[#] Ordner gelöscht : C:\ProgramData\Application Data\Mail.Ru
[#] Ordner gelöscht : C:\ProgramData\Application Data\SecTaskMan
[-] Ordner gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Ordner gelöscht : C:\Users\Patrik Biasi\AppData\Local\Mail.Ru
[-] Ordner gelöscht : C:\Users\Patrik Biasi\AppData\Local\YSearchUtil
[-] Ordner gelöscht : C:\Users\Patrik Biasi\AppData\Roaming\MailProducts
[-] Ordner gelöscht : C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj
[-] Ordner gelöscht : C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd
[-] Ordner gelöscht : C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
[-] Datei gelöscht : C:\Users\Patrik Biasi\Favorites\Mail.Ru.url
[-] Datei gelöscht : C:\Users\Patrik Biasi\Favorites\Mail.Ru Агент - используй для общения!.url

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****

[!] Verknüpfung Nicht desinfiziert : C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk

***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
[-] Schlüssel gelöscht : HKCU\Software\Google\Chrome\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj
[-] Schlüssel gelöscht : HKCU\Software\Google\Chrome\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd
[-] Schlüssel gelöscht : HKCU\Software\Google\Chrome\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKCU\Software\Mail.Ru
[-] Schlüssel gelöscht : HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}

***** [ Internetbrowser ] *****

[-] [C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : ccfifbojenkenpkmnbnndeadpfdiffof
[-] [C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : oelpkepjlgmehajehfeicfbjdiobdkfj
[-] [C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : ojlcebdkbpjdpiligkdbbkdkfjmchbfd

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4506 Bytes] - [05/08/2016 14:03:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [4765 Bytes] - [05/08/2016 14:03:07]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4652 Bytes] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Patrik Biasi (Administrator) on 05.08.2016 at 14:13:20,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 28 

Successfully deleted: C:\ProgramData\1470166142.bdinstall.bin (File) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Roaming\new version available (Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWOXGROB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8JE64HB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P818FJU9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9R06T92 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDKOGD07 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T3MKYTHO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\THH1ZZCO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U4KXZ3JT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\prefetch\FREEALARMCLOCK.EXE-5B86D8BC.pf (File) 
Successfully deleted: C:\Windows\prefetch\FREECOUNTDOWNTIMER.EXE-85D0424D.pf (File) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWOXGROB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8JE64HB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P818FJU9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9R06T92 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QDKOGD07 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T3MKYTHO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\THH1ZZCO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U4KXZ3JT (Temporary Internet Files Folder) 



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.08.2016 at 14:15:07,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MBAM:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 05.08.2016
Suchlaufzeit: 14:20
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.08.05.04
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Patrik Biasi

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 330068
Abgelaufene Zeit: 6 Min., 33 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

hab mir erlaubt mbam nochmal laufen zu lassen (+ rootkits und die beiden anderen festplatten)...ging irgendwie zu schnell und jetzt hat er was gefunden:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 05.08.2016
Suchlaufzeit: 14:32
Protokolldatei: mbam2.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.08.05.04
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Patrik Biasi

Suchlauftyp: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 1042635
Abgelaufene Zeit: 2 Std., 48 Min., 50 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 7
Trojan.Dropper, D:\Patrik Daten\Downloads\Empire earth\Empire Earth\Sierra Update\SierraUp.exe, In Quarantäne, [a9cf7acd3d5d2412333dae3058a98977], 
CheatTool.CETTrainer, C:\Patrik Daten\Downloads\HOI\Hearts of Iron IV V1.1.0 Trainer +22 MrAntiFun.EXE, In Quarantäne, [4a2eee59e7b3ac8a6dd3b90fae539070], 
CheatTool.CETTrainer, C:\Patrik Daten\Downloads\HOI\Hearts of Iron IV V1.1.0 Trainer +22.rar, In Quarantäne, [067210376d2d3402c779497fae53be42], 
Trojan.Dropper, C:\Patrik Daten\Downloads\Empire earth\Empire Earth\Sierra Update\SierraUp.exe, In Quarantäne, [eb8d2e19cbcf1e183a3638a653aef50b], 
CheatTool.CETTrainer, C:\Patrik Daten\Downloads\far cry 3\fc4_gir489.EXE, In Quarantäne, [7ff9f651b4e62e08dc647c4c6c95dc24], 
CheatTool.CETTrainer, C:\Patrik Daten\Downloads\far cry 3\fc4_gir489.rar, In Quarantäne, [db9da99e1a80af879aa6b018917060a0], 
Trojan.Dropper, E:\Games\Empire Earth\Sierra Update\SierraUp.exe, In Quarantäne, [a3d5c38499012b0b7cf4c11d0ef316ea], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

FRST Addition aktuell:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-08-2016
durchgeführt von Patrik Biasi (2016-08-05 18:20:07)
Gestartet von C:\Users\Patrik Biasi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-12-28 13:03:33)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1232250440-3554339344-2704717973-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-1232250440-3554339344-2704717973-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1232250440-3554339344-2704717973-1002 - Limited - Enabled)
Patrik Biasi (S-1-5-21-1232250440-3554339344-2704717973-1000 - Administrator - Enabled) => C:\Users\Patrik Biasi

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Disabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Disabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Skybox Labs)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Avira Launcher (HKLM-x32\...\{92a7fd6b-31e5-472f-862e-79214c5032ef}) (Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG) Hidden
AXYOS (HKLM\...\Steam App 318100) (Version:  - Axyos Games)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefleet Gothic: Armada (HKLM\...\Steam App 363680) (Version:  - Tindalos Interactive)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.29.1517 - Bitdefender)
Black Sails (HKLM-x32\...\Steam App 373240) (Version:  - Deck13)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
DeadCore (HKLM-x32\...\Steam App 284460) (Version:  - 5 Bits Games)
Discord (HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Discord) (Version: 0.0.291 - Hammer & Chisel, Inc.)
East India Company Gold (HKLM\...\Steam App 254000) (Version:  - )
Elite Dangerous (HKLM\...\Steam App 359320) (Version:  - Frontier Developments)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version:  - Monolith Productions, Inc.)
F.E.A.R.: Extraction Point (HKLM-x32\...\Steam App 21110) (Version:  - Monolith )
F.E.A.R.: Perseus Mandate (HKLM-x32\...\Steam App 21120) (Version:  - Monolith )
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
FINAL FANTASY XIII (HKLM-x32\...\Steam App 292120) (Version:  - SQUARE ENIX)
From The Depths (HKLM\...\Steam App 268650) (Version:  - Brilliant Skies Ltd.)
Ghost in the Shell Stand Alone Complex First Assault Online (HKLM\...\Steam App 369200) (Version:  - Neople)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.82 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hard Reset (HKLM-x32\...\Steam App 98400) (Version:  - Flying Wild Hog)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version:  - Gearbox Software)
In Verbis Virtus (HKLM-x32\...\Steam App 242840) (Version:  - Indomitus Games)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Power Gadget 3.0 (HKLM\...\{AAFAAB45-753C-4402-A23D-3F0EA9A750EC}) (Version: 3.0.4 - Intel)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
KHOLAT (HKLM-x32\...\Steam App 343710) (Version:  - IMGN.PRO)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.493 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.493 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
METAL GEAR SOLID V: GROUND ZEROES (HKLM\...\Steam App 311340) (Version:  - Kojima Productions)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mozilla Firefox 43.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla)
Mozilla Firefox 47.0.1 (x86 de) (HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2 - Mozilla)
My Bones (HKLM-x32\...\Steam App 389700) (Version:  - Mamedov Yuriy)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Postal 3 (HKLM-x32\...\Steam App 10220) (Version:  - Trashmasters)
PROTOTYPE 2 (HKLM-x32\...\Steam App 115320) (Version:  - Radical Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.4-r114897-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Red Orchestra: Ostfront 41-45 (HKLM-x32\...\Steam App 1200) (Version:  - Tripwire Interactive)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Security Task Manager 2.1g (HKLM-x32\...\Security Task Manager) (Version: 2.1g - Neuber Software)
Shadwen (HKLM\...\Steam App 425210) (Version:  - Frozenbyte)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skyrim Script Extender (SKSE) (HKLM-x32\...\Steam App 365720) (Version:  - The SKSE Team)
Snis HitZone Installer (HKLM-x32\...\Snis HitZone Installer) (Version: 21.4.0 - Snis ModPack Installer)
Snis ModPack Installer (HKLM-x32\...\Snis ModPack Installer) (Version: 2.5.1.0 - Snis ModPack Installer)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Starpoint Gemini 2 (HKLM\...\Steam App 236150) (Version:  - Little Green Men Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Last Crown: Midnight Horror (HKLM-x32\...\Steam App 291770) (Version:  - Darkling Room)
The Lost Crown (HKLM-x32\...\Steam App 291710) (Version:  - Darkling Room)
The Stanley Parable (HKLM\...\Steam App 221910) (Version:  - Galactic Cafe)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Tom Clancy's H.A.W.X. 2 (HKLM-x32\...\Steam App 48180) (Version:  - Ubisoft Romania)
Two Worlds: Epic Edition (HKLM\...\Steam App 1930) (Version:  - Reality Pump Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Wargame: Red Dragon (HKLM-x32\...\Steam App 251060) (Version:  - Eugen Systems)
Warhammer 40,000: Dawn of War – Soulstorm (HKLM-x32\...\Steam App 9450) (Version:  - Relic Entertainment)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00BACFF6-BAA1-4E6F-9494-0CECC8453599} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {183D3DC7-B7B4-4AF5-94D4-26DAE91DD151} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\Windows\System32\GWX\GWX.exe
Task: {1A320040-A934-4643-A8B2-7D252346C4D3} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {38323431-66EB-45D4-BFA6-6E120F119B28} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Software und Programme\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {3ACD375D-2AE2-43AB-8D06-1CC273EE6009} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-21] (Google Inc.)
Task: {420DFF1C-C132-4501-8C3F-AD887104B6D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {4BB71278-EC8F-4EB9-9393-E3E9F7F112B0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {C3E4EA5F-0137-4041-AC98-2BF68CA3518D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Software und Programme\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C47E5A5D-717F-42DE-99FE-54F22AF33AB6} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-06-14] (Bitdefender)
Task: {D3E28982-7F3C-4203-A947-658E4B5FF79F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-21] (Google Inc.)
Task: {D7168393-BC75-42A1-8BF2-4E1284E323C5} - System32\Tasks\{7F931E57-155F-43B8-B626-4E7F4BFBF2B1} => C:\Patrik Daten\Downloads\o1417en_w_scan7031.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{EC282B17-FEEB-4530-BACA-C0BB19B8C9DC}\SupportTasks\1\Support.lnk -> hxxp://www.support.vugames.com/
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{EC282B17-FEEB-4530-BACA-C0BB19B8C9DC}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.whatisfear.com/
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{220FD8FC-C027-42FD-B2DE-1F9CEFA2BF73}\SupportTasks\1\Support.lnk -> hxxp://empireearth.sierra.com/support/
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{220FD8FC-C027-42FD-B2DE-1F9CEFA2BF73}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.empireearth.com/

ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://otnofes.ru/?utm_source=startlink03&utm_content=aa10ba6431e0e87e0974fde2390a003d&utm_term=49B2ECE1B9CAC212FCB225556D05D035&utm_d=20160717"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-12-28 15:30 - 2013-05-28 18:58 - 00454656 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2016-05-12 22:12 - 2016-06-18 23:40 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-08-09 05:50 - 2015-08-09 05:50 - 00404376 _____ () C:\Windows\system32\igfxTray.exe
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-01-06 21:43 - 2016-01-06 21:43 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-01-06 21:43 - 2016-01-06 21:43 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-12-28 17:56 - 2014-05-13 13:04 - 00109400 _____ () C:\Software und Programme\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-28 17:56 - 2014-05-13 13:04 - 00416600 _____ () C:\Software und Programme\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-28 17:56 - 2014-05-13 13:04 - 00167768 _____ () C:\Software und Programme\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-28 17:56 - 2012-08-23 11:38 - 00574840 _____ () C:\Software und Programme\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-28 17:56 - 2012-04-03 18:06 - 00565640 _____ () C:\Software und Programme\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-03-21 15:49 - 2016-03-21 15:49 - 00186368 _____ () C:\Windows\SysWOW64\GameManager32.dll
2015-12-28 17:13 - 2016-08-03 00:08 - 00785920 _____ () C:\Software und Programme\Steam\SDL2.dll
2015-12-28 17:13 - 2016-08-03 00:10 - 04962816 _____ () C:\Software und Programme\Steam\v8.dll
2015-12-28 17:13 - 2016-08-03 00:09 - 01556992 _____ () C:\Software und Programme\Steam\icui18n.dll
2015-12-28 17:13 - 2016-08-03 00:09 - 01187840 _____ () C:\Software und Programme\Steam\icuuc.dll
2015-12-28 17:13 - 2016-08-03 02:00 - 02320160 _____ () C:\Software und Programme\Steam\video.dll
2015-12-28 17:13 - 2016-02-09 01:14 - 02549760 _____ () C:\Software und Programme\Steam\libavcodec-56.dll
2015-12-28 17:13 - 2016-02-09 01:14 - 00442880 _____ () C:\Software und Programme\Steam\libavutil-54.dll
2015-12-28 17:13 - 2016-02-09 01:14 - 00491008 _____ () C:\Software und Programme\Steam\libavformat-56.dll
2015-12-28 17:13 - 2016-02-09 01:14 - 00332800 _____ () C:\Software und Programme\Steam\libavresample-2.dll
2015-12-28 17:13 - 2016-02-09 01:14 - 00485888 _____ () C:\Software und Programme\Steam\libswscale-3.dll
2015-12-28 17:13 - 2016-08-03 01:59 - 00831776 _____ () C:\Software und Programme\Steam\bin\chromehtml.DLL
2016-03-09 06:00 - 2016-07-07 00:00 - 00266560 _____ () C:\Software und Programme\Steam\openvr_api.dll
2016-05-06 19:27 - 2016-06-14 16:34 - 01016832 _____ () C:\Software und Programme\Origin\platforms\qwindows.dll
2016-05-06 19:27 - 2016-06-14 16:34 - 00028160 _____ () C:\Software und Programme\Origin\imageformats\qgif.dll
2016-05-06 19:27 - 2016-06-14 16:34 - 00029696 _____ () C:\Software und Programme\Origin\imageformats\qico.dll
2016-05-06 19:27 - 2016-06-14 16:34 - 00256000 _____ () C:\Software und Programme\Origin\imageformats\qjpeg.dll
2016-05-06 19:27 - 2016-06-14 16:34 - 00266240 _____ () C:\Software und Programme\Origin\imageformats\qmng.dll
2016-05-06 19:27 - 2016-06-14 16:34 - 00023552 _____ () C:\Software und Programme\Origin\imageformats\qtga.dll
2016-05-06 19:27 - 2016-06-14 16:34 - 00346112 _____ () C:\Software und Programme\Origin\imageformats\qtiff.dll
2016-05-06 19:27 - 2016-06-14 16:34 - 00023552 _____ () C:\Software und Programme\Origin\imageformats\qwbmp.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-10-21 22:29 - 2015-10-21 22:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-10-21 22:29 - 2015-10-21 22:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd
2015-06-27 01:09 - 2015-06-27 01:09 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32com.shell.shell.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2016-04-19 19:08 - 2016-04-19 19:08 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2015-12-28 17:13 - 2016-06-14 21:14 - 49826080 _____ () C:\Software und Programme\Steam\bin\libcef.dll
2015-12-28 15:25 - 2013-09-03 17:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-08-02 20:48 - 00450771 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15463 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 213.182.224.30 - 213.182.224.35
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{1EED9DB9-12D7-420E-9C77-79573EB73974}] => (Allow) C:\Software und Programme\Firefox\firefox.exe
FirewallRules: [{80BBF87A-7300-40AA-8319-AC29BFAA182A}] => (Allow) C:\Software und Programme\Firefox\firefox.exe
FirewallRules: [{17716CD1-C795-4DF2-912D-1399D0ABE89A}] => (Allow) C:\Software und Programme\Steam\Steam.exe
FirewallRules: [{5B2D54A4-8169-462B-B628-C65F1AE77295}] => (Allow) C:\Software und Programme\Steam\Steam.exe
FirewallRules: [{01FD1050-5152-4F7C-9BEB-FB2612D50A90}] => (Allow) C:\Software und Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{A2CF660A-C38D-4A78-A6AC-A7C8DC0E4A09}] => (Allow) C:\Software und Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{6DB5B0C8-20F9-488C-8E28-987F3F4FB8C7}] => (Allow) E:\Games\Wargaming\WoT\WoTLauncher.exe
FirewallRules: [{65AD2E40-3776-41CF-9357-49A6095618B6}] => (Allow) E:\Games\Wargaming\WoT\WoTLauncher.exe
FirewallRules: [{AD6710A0-FDE4-40B3-874B-D66ABC878602}] => (Allow) E:\Games\Wargaming\WoT\worldoftanks.exe
FirewallRules: [{1387C918-1AB7-4B6A-8D75-D7EB22A9F9FC}] => (Allow) E:\Games\Wargaming\WoT\worldoftanks.exe
FirewallRules: [{96E743CF-4D25-4AC0-81EF-2E73D4B15736}] => (Allow) E:\Games\Wargaming\WoWs\WoWSLauncher.exe
FirewallRules: [{7D713567-F54E-4C6B-81EA-645131837C35}] => (Allow) E:\Games\Wargaming\WoWs\WoWSLauncher.exe
FirewallRules: [{CA2B6825-2EB7-44A7-A01D-92AAD29B676D}] => (Allow) E:\Games\Wargaming\WoWs\worldofwarships.exe
FirewallRules: [{3ACA64CC-AA9E-46C7-B05B-15B182C51F28}] => (Allow) E:\Games\Wargaming\WoWs\worldofwarships.exe
FirewallRules: [{CEF40CCD-EB95-40B5-845F-BDF6136BE5B2}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{95E6C9A3-4CCC-4D9A-A14D-9F89C9D8F860}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{211A9728-A355-4FA0-9004-29BCE8C8684D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3365F15C-59CA-4269-81D2-BEFA227EE97B}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E5B7EB50-C309-4BA7-8525-807513F379D1}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{E8311E00-4606-4DEE-B29C-C750D9926EAC}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{F3B0696D-A825-44D7-B08E-510DDD582939}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Black Sails\bin\release\BlackSails.exe
FirewallRules: [{15547076-18B3-4B1D-BE8A-CACFE2A4FEBC}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Black Sails\bin\release\BlackSails.exe
FirewallRules: [{CACEC709-5BC0-4C4A-8E5B-592F69840CA9}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{47F8455E-BFB7-408C-9980-32AA8D19CACF}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{CF28802F-1875-475B-9114-D8BF099A47A9}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{3269D615-A67B-4597-B4CB-E57AE0C54922}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{F0FD16A5-73B0-4A68-9E70-56A8876E2728}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{845AC523-8D94-4819-9221-57656D3E6345}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{542E7216-D412-44E3-A649-65A7E11820C2}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{B1EB418A-062C-4D54-9527-11101529A99A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{1853736B-B984-4F15-93F6-EB4A5DBF47AB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\HardReset\hardreset.exe
FirewallRules: [{6269FD08-6281-4659-911E-E6E74B45AF7A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\HardReset\hardreset.exe
FirewallRules: [{EE01E2F8-7C5E-4D3B-9975-0172B2F2DEE2}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{F65A1934-F330-4E16-BF12-1CB5F7A5162F}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{3C101777-1205-4320-9A2D-8A996F2AC8F2}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{C217900D-7739-4DEA-BF5C-1DB4C99BBFC0}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{1B4C9756-C62A-4855-B98C-D4ED0C4673A4}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{A3850DBD-335E-4038-B3E8-DBA2485B8AAE}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{B1773C76-1007-45F8-A7FC-D27A19825ED2}] => (Allow) E:\Steam Spiele 1T\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{74B5FF5B-4FA9-4AB8-92BE-BE7025E85E3E}] => (Allow) E:\Steam Spiele 1T\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{BBBBA739-ABE1-4F54-978C-2D61792C17A0}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{57D1CFFA-7EDF-4747-B2C0-E69A7B40165F}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{7B685A09-BE77-40F1-B453-0BA3DE7409AB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{0786B62D-412E-4786-B02A-2C51EC8044B0}] => (Allow) E:\Steam Spiele 1T\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{BBC01307-CEC3-4B58-8F39-70A47F76AE60}] => (Allow) E:\Steam Spiele 1T\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{0EE257A5-CBAF-49AA-8B34-5571552BD00E}] => (Allow) E:\Steam Spiele 1T\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{66047CC7-5598-4867-8A8F-2D4EBF7F8F16}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{B0ECCC85-8273-4312-B059-77D28F9F4E48}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{802764B7-6264-4717-B3B3-B46BF1AFC00C}] => (Allow) E:\Steam Spiele 1T\steamapps\common\DeadCore\DeadCore.exe
FirewallRules: [{E6D9A2F3-2B06-42C9-B529-6BD7DCEDF6F8}] => (Allow) E:\Steam Spiele 1T\steamapps\common\DeadCore\DeadCore.exe
FirewallRules: [{A2FF501A-D374-4837-BA30-E0471267C248}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{AD437B25-DDF4-4047-A14E-8FB813FD1A99}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A72C7073-7C48-4EEC-AEF1-6133A23C2794}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Black Sails\bin\release\BlackSails.exe
FirewallRules: [{22925672-91AB-4A60-9CBE-9B1DE517E02C}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Black Sails\bin\release\BlackSails.exe
FirewallRules: [{8E354F53-8ADE-4B5E-8F3F-251C1F1BEF94}] => (Allow) E:\Steam Spiele 1T\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe
FirewallRules: [{C9F183CF-D725-4EA6-B1EC-CE4C8B27180D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe
FirewallRules: [{B3E0FF26-9870-4648-826A-D717D0053616}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{1350171F-D806-471B-9F6A-1A93918C453C}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe
FirewallRules: [{49CDFA04-D033-40BF-A95C-9609520402FB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C942D818-7103-451B-84CA-C35CF9992C70}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{5B53A9EB-929A-44A2-915A-26EDD96B166A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{2C1AB0B1-F9C3-4847-B060-9B7B757EB8C1}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{340F18C2-3ADC-4731-915B-439F43453124}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Afterfall InSanity\Binaries\Win32\InSanity-Win32-Shipping.exe
FirewallRules: [{3888B4D8-DEAB-4FDB-BD80-72A16AE1A34D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Afterfall InSanity\Binaries\Win32\InSanity-Win32-Shipping.exe
FirewallRules: [{9D4FC308-70B8-436B-90CA-E41C2C932004}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{28F813E3-35EC-42A1-A707-D74CC05286B1}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{C7DF6B64-06F3-4A85-9E52-6E426032139E}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Red Orchestra\System\RedOrchestra.exe
FirewallRules: [{7CDD67DB-DD0B-4372-AF61-16E911520ECF}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Red Orchestra\System\RedOrchestra.exe
FirewallRules: [{FA9C4233-8DFA-4C4C-BD93-8B6988C03CAA}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Tom Clancy's HAWX 2 EMEA\HAWX2.exe
FirewallRules: [{5B55AEBA-1C60-40D3-AD81-B756B65EB9A8}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Tom Clancy's HAWX 2 EMEA\HAWX2.exe
FirewallRules: [{0448B735-3F1C-47B9-9FCF-E1800982340B}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Tom Clancy's HAWX 2 EMEA\HAWX2_DX11.exe
FirewallRules: [{F198480E-E225-4748-9DB7-EBDCD4B60B13}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Tom Clancy's HAWX 2 EMEA\HAWX2_DX11.exe
FirewallRules: [{60CEF98F-F584-48CE-AE3C-46E111301D9A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{EA789F8C-4FBE-423F-8103-76A8C83B6F53}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{E08FA49A-8AD2-488B-B321-4BC5FD26E095}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame Airland Battle\WarGame2.exe
FirewallRules: [{D89607D5-3918-4671-8A28-EC94144E6FC4}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame Airland Battle\WarGame2.exe
FirewallRules: [{BBF27D55-C69F-4B0D-8BE5-FF219BE4BB02}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{7B2A51DF-6FDF-481B-8D7A-56431539F303}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{0803DFEF-9C13-45D5-8B1D-B054FD1D2D6A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\In Verbis Virtus\Binaries\Win32\IVV.exe
FirewallRules: [{435F7C7F-8D2C-4042-87F3-DE731486B3CF}] => (Allow) E:\Steam Spiele 1T\steamapps\common\In Verbis Virtus\Binaries\Win32\IVV.exe
FirewallRules: [{A146AD6C-9990-4C91-AC1D-4428AFB958F9}] => (Allow) C:\Software und Programme\Avira\Av\avgmfapx.exe
FirewallRules: [{3BDC44B8-823D-49F3-A33F-CADA9159499E}] => (Allow) C:\Software und Programme\Avira\Av\avgmfapx.exe
FirewallRules: [TCP Query User{AB7991B7-F87E-45DD-B35B-3FF0F9F08AE2}E:\steam spiele 1t\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Allow) E:\steam spiele 1t\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe
FirewallRules: [UDP Query User{AEA18431-7AEF-41C0-8BD5-E6C6BD19CEA1}E:\steam spiele 1t\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Allow) E:\steam spiele 1t\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe
FirewallRules: [TCP Query User{DA02C742-877D-43F7-834C-9D04807B80B5}E:\games\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) E:\games\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{6230BD8D-2061-4BF6-8E0F-58D94D0EC317}E:\games\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) E:\games\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{D297D779-1207-4BA3-A4C1-32E961C75FCB}C:\users\patrik biasi\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\patrik biasi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E0CC898D-C1A9-40C8-A493-A186002A6208}C:\users\patrik biasi\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\patrik biasi\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A3BE4D7B-BE66-439C-A20E-4D9DA89180AF}] => (Allow) E:\Steam Spiele 1T\steamapps\common\My Bones\My Bones.exe
FirewallRules: [{25F3AF93-D9F4-4AC7-95C1-A0B61F64489A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\My Bones\My Bones.exe
FirewallRules: [{291F5765-048B-44FE-B0F9-C5BC81EB27AC}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Lost Crown\TheLostCrown.exe
FirewallRules: [{519CA0B8-028C-4AE2-B448-590429E4616C}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Lost Crown\TheLostCrown.exe
FirewallRules: [{A9EFA679-790E-461F-9A5C-0DFCC6F13007}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Midnight Horror\Launcher.exe
FirewallRules: [{F9DE9681-42B7-4156-8DF8-4345F648B948}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Midnight Horror\Launcher.exe
FirewallRules: [{DB6F799D-E561-4198-A5B9-EB9401FFFC34}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{CD308190-459C-4875-82A7-5CC8B74F9337}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{86643908-7EBB-48C9-9A9A-A7297261C338}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Prototype 2\prototype2.exe
FirewallRules: [{CCA794E2-C3D7-49CE-BD14-C870F2EA4A3B}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Prototype 2\prototype2.exe
FirewallRules: [{C66A6E31-4852-4231-8987-1A5185ADC6AC}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{7EA5F85D-B89C-492D-980D-5E13F01D28CD}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{D88C099B-4597-499F-8F74-D70795AAE22D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe
FirewallRules: [{F738F50E-6187-4441-8BE6-1803D6817551}] => (Allow) E:\Steam Spiele 1T\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe
FirewallRules: [{36B457DE-C2F5-47A8-A15B-EDBBF514379F}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{BC42FD0D-EEC9-4D5F-94C7-89D9D47B50A1}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe
FirewallRules: [{9B52BAF4-1998-46CD-BC35-56ABCB4FFF47}] => (Allow) E:\Steam Spiele 1T\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [{C79A83E0-7907-4B4A-8033-7B1325212D52}] => (Allow) E:\Steam Spiele 1T\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [{088A9301-BF8F-49DE-AB55-41E09B9FDD16}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{C39E4F19-B477-4F8A-96CA-2249AD919C88}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{9B39F168-71D7-4CD2-9806-AF11730CA5FB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Postal III\p3.exe
FirewallRules: [{91605AA2-AE37-4361-9BE1-0DD879A6003A}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Postal III\p3.exe
FirewallRules: [{94726EE5-7A95-4391-8BD0-DD18B97D9F2D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{9E103FD2-1B4A-4F88-B6B8-0820D3A7D439}] => (Allow) E:\Steam Spiele 1T\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{24108AE9-97CF-4A1F-A751-42AB1FBC88BB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{704124BE-39FA-4C66-8B92-B11FF923A520}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{C0EE6CFB-E7BE-40A5-AFD2-D266DAE4106D}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{767FF953-355B-4851-B669-477B6A784770}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{4F216842-2211-4B4E-8521-CF94D0B41F28}] => (Allow) E:\Steam Spiele 1T\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{60B2E2EF-9584-4464-863E-50425383F811}] => (Allow) E:\Steam Spiele 1T\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{A66E334D-D790-4A49-A114-9BD67F4E41D0}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{0ED65D03-64EE-45A6-ACB5-B194480D8BDB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{6E85AC28-0BDA-40FC-99DA-3A93B1F9AB93}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{DC1ABB69-3B4C-4FD3-B888-F4DE5246C088}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{F7005104-E4AD-4269-89CC-22E98485CF4B}E:\games\empire earth\empire earth.exe] => (Block) E:\games\empire earth\empire earth.exe
FirewallRules: [UDP Query User{CB8391D9-3911-4EA6-A1DB-666E16716748}E:\games\empire earth\empire earth.exe] => (Block) E:\games\empire earth\empire earth.exe
FirewallRules: [{F36C4BDB-DF9B-449C-9702-367886A613E2}] => (Allow) E:\origin\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{1CD5C018-CAD6-471F-9BA0-AB4264AE4518}] => (Allow) E:\origin\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{0F6DEF06-5781-4013-9EB3-50A27610672F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FD4072A4-0B95-4D82-B13E-67E5A67B23AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9FC4C60A-20BD-40AC-93F7-518C2E6520F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E3E2E792-4255-49BB-84A4-4C17FF191E87}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A24C9B38-5071-4B5B-991E-EBAB82EC18EF}] => (Allow) E:\origin\Battlefield 3\bf3.exe
FirewallRules: [{CAE2FF73-FC9B-4772-A874-4743C26BB689}] => (Allow) E:\origin\Battlefield 3\bf3.exe
FirewallRules: [{C1A6E077-3A46-4AA2-ABA8-49A9A3A583FC}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{A5493F6E-23A3-40D5-B8AB-33C9C20C5C55}] => (Allow) E:\Steam Spiele 1T\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{31B4D4EE-68DC-4784-A384-7C0FAA73E832}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Carrier Command Gaea Mission\carrier.exe
FirewallRules: [{30615F86-7F64-48D2-A9F1-5E73869D1955}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Carrier Command Gaea Mission\carrier.exe
FirewallRules: [{C123A1C9-2EF1-45E8-9E08-90880DF4448D}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Alternativa\ALTERNATIVA.exe
FirewallRules: [{3BCFD2EF-E1A9-4A40-82E8-DD31A2489E13}] => (Allow) C:\Software und Programme\Steam\steamapps\common\Alternativa\ALTERNATIVA.exe
FirewallRules: [{C15E395C-5D4C-490A-92C6-D6BA693D1995}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer.exe
FirewallRules: [{FC463429-20A1-416B-BBDB-CACE986EDDAD}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer.exe
FirewallRules: [{BA2348F2-5340-4ECD-AC69-18BE78D699D8}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
FirewallRules: [{CDB01618-67DB-42F9-A234-CA0E50EBFF57}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
FirewallRules: [{DF365F44-3D87-40B5-9A9A-71FD868C8953}] => (Allow) E:\origin\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{C98F6289-01CD-4932-AE53-63652118585D}] => (Allow) E:\origin\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{843168AB-4965-4653-BA5A-A3FB8DBC194A}] => (Allow) E:\origin\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{A42478CB-C315-4CE2-8922-8B8A39F25529}] => (Allow) E:\origin\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [TCP Query User{7712BE76-77DE-4CCA-ADE8-93DB74BDD520}E:\steam spiele 1t\steamapps\common\arma 3\arma3.exe] => (Block) E:\steam spiele 1t\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{C16277DB-74C0-44BC-BE43-63DAAA7150A3}E:\steam spiele 1t\steamapps\common\arma 3\arma3.exe] => (Block) E:\steam spiele 1t\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{49C2C175-EA3D-47DF-9D16-FA58C8D6227C}E:\steam spiele 1t\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Block) E:\steam spiele 1t\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{61C2E3EC-5918-4416-AD91-0F12560B9887}E:\steam spiele 1t\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Block) E:\steam spiele 1t\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{3B6BB865-D080-48A9-AACD-6C94845E1DB3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BE838703-9B1B-4AE7-8654-B398B4FD20DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{537C53B1-3EF3-453F-BFCE-ED39DF23C6CD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{64955B1B-9981-4D24-982C-1209C0119440}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5711F30B-3B4A-40DF-9961-FCDCBC0DFA5E}] => (Allow) E:\Uplaygames\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{E0553681-44C3-4328-9F2F-1A37C556308D}] => (Allow) E:\Uplaygames\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [TCP Query User{195AECA6-766E-48C7-8540-1BFABA58EE41}C:\software und programme\vlc\vlc.exe] => (Block) C:\software und programme\vlc\vlc.exe
FirewallRules: [UDP Query User{DC5B1059-57F8-478F-A5BC-99C27B7C4005}C:\software und programme\vlc\vlc.exe] => (Block) C:\software und programme\vlc\vlc.exe
FirewallRules: [TCP Query User{696203F6-DB5B-485D-8053-274077A099E8}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{5CEDB9C9-64FB-4F23-9CC9-743A803F21EB}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{9334486E-A082-4210-8936-74C9EBED4101}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{FD40F0CA-AFF5-414F-A043-26FCA76D2DCD}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{90431DCB-8710-4289-96E0-6765322A8C25}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{7AA1503B-F9B5-42FC-A808-F5EB52105740}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{6051CF6F-6969-490B-AC0A-E865C2E141F8}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{36451A5D-8CB3-47B5-9F4B-44253C04D11E}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{1746728A-6240-471E-82C7-C7F9BE6EDE82}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{BD1BCA21-FABE-4207-976C-D7580A6A992A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{684A5EB9-CBF3-4963-8B4D-88AFAE7677AF}] => (Allow) E:\Uplaygames\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{01454A0F-0DFC-4CF3-8B12-E2F065AADD88}] => (Allow) E:\Uplaygames\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{F59986D0-3DF7-4D0D-A36C-D91BA185A753}] => (Allow) E:\Uplaygames\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{6882C1E3-0605-484C-BAE4-62669CDEBA84}] => (Allow) E:\Uplaygames\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{5442AAFD-38CE-4FD3-9861-C25FA03E2DD6}] => (Allow) E:\Uplaygames\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{EAEFEE0F-5ACA-4F5B-9A7F-07529E790C79}] => (Allow) E:\Uplaygames\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{EF272CCF-6476-430E-BB52-C433A4181372}] => (Allow) E:\Uplaygames\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{7ED1F057-311B-454A-A2AA-E50BB5FDFCB9}] => (Allow) E:\Uplaygames\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{1BE2FD0A-18C2-45BE-8B7E-342833983AE9}] => (Allow) E:\Steam Spiele 1T\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{D4AD3E98-8E0F-48F2-B3E7-9DF685B6EE76}] => (Allow) E:\Steam Spiele 1T\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{EBB39658-8847-4943-9335-63F398CBBFD9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EF7C8F2F-64D2-494E-B3CF-3F1190BF534C}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\eastindia.exe
FirewallRules: [{06B17213-D46B-4767-8511-10BA2FB303C8}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\eastindia.exe
FirewallRules: [{43E388D0-D6FC-4C54-8A01-C15F9B4777D6}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\piratebay.exe
FirewallRules: [{7756F688-1C4E-498F-8EB1-CEAE700B5106}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\piratebay.exe
FirewallRules: [{690C93FD-0AF4-47DD-A521-B9347FEA9F31}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\privateer.exe
FirewallRules: [{6A95E5D0-836F-41D1-9B59-6822060C73FC}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\privateer.exe
FirewallRules: [{B3B3D9A5-EA91-4156-A489-D5CE3AF2EBDD}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\trafalgar.exe
FirewallRules: [{7DCEBD85-5FFA-4A4C-AF9F-7E7862362868}] => (Allow) E:\Steam Spiele 1T\steamapps\common\East India Company Gold\trafalgar.exe
FirewallRules: [{E46218D1-83A6-45F9-9362-B1FBC0E0DCB0}] => (Allow) E:\Steam Spiele 1T\steamapps\common\AXYOS\Binaries\Win32\UDK.exe
FirewallRules: [{75AF9F84-64D0-4F9B-B1EB-D732FF491E06}] => (Allow) E:\Steam Spiele 1T\steamapps\common\AXYOS\Binaries\Win32\UDK.exe
FirewallRules: [{51BA7E16-4EF5-4A37-A7FF-1EB6468A1CFC}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{F9CBA728-4A0D-43C7-A5FF-081A4FD5D355}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{F6FA8E7C-8137-437E-A69B-CF5E4F33B060}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{3342DA9C-9B67-4DB1-909D-6C527A1106FE}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{31B878B2-4DA8-4DD9-B476-3A407647C421}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer.exe
FirewallRules: [{0FC25FCB-1694-48E9-9313-BD0CDE0AB262}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer.exe
FirewallRules: [{2FBB4429-11A9-4B69-B4C0-288C9947865F}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
FirewallRules: [{3F020E4B-FE2A-467C-8077-3ADE9C80D6FF}] => (Allow) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
FirewallRules: [{7AA2743B-126C-44BF-9846-69A6E63835EB}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Shadwen\shadwen_launcher.exe
FirewallRules: [{2C1DE16A-18BE-4FA2-86E5-E091B48A35D1}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Shadwen\shadwen_launcher.exe
FirewallRules: [{B3F5B2D6-C20D-4262-BDEB-765687B1DD06}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{DD10B4F7-99BD-4B48-840B-933DC011B6F8}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{EC33B605-2B04-4E44-9775-E7AA2074B291}] => (Allow) E:\Steam Spiele 1T\steamapps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{E15461AE-B5E5-40F0-957C-13995726DF40}] => (Allow) E:\Steam Spiele 1T\steamapps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{65033EA9-F5DB-4671-85ED-78ACBF4361DF}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\2WSG.exe
FirewallRules: [{3DA56C9E-1D0B-4E1C-B70B-D65A7ED37BD9}] => (Allow) E:\Steam Spiele 1T\steamapps\common\Two Worlds - Epic Edition\2WSG.exe
FirewallRules: [{F4C6690C-5447-4DE8-A010-9F89FD1BBCDF}] => (Allow) E:\Steam Spiele 1T\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{FDD7FA88-B3FC-4231-A600-BB0B9A8C9600}] => (Allow) E:\Steam Spiele 1T\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{1D307BC6-B5D9-4515-9C20-DC3860CE7D0D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{8CBF1489-5AB3-410E-81A8-8671407DBA63}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{92A41103-1F6D-4A88-96AE-B92936AF7087}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{A0B19A89-8974-42D0-BADA-1DF03B8F1E41}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
StandardProfile\AuthorizedApplications: [C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

31-07-2016 13:38:43 Windows Update
02-08-2016 21:13:40 Datei in Quarantäne Ordner verschieben: ACP Application
02-08-2016 21:14:43 Datei in Quarantäne Ordner verschieben: Makes sure Spybot 2 is t
02-08-2016 22:18:34 Windows Update
02-08-2016 22:49:47 Windows-Sicherung
02-08-2016 22:50:43 Windows-Sicherung
05-08-2016 14:13:23 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/05/2016 06:10:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2016 02:06:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 10:38:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 10:23:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 10:22:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 09:35:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2016 05:49:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2016 11:47:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2016 08:52:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2016 08:56:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/05/2016 06:10:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ACP User Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.

Error: (08/05/2016 02:06:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (08/05/2016 02:05:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ACP User Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.

Error: (08/05/2016 02:04:28 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056 = Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (08/05/2016 02:03:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/05/2016 02:03:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/05/2016 02:03:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/05/2016 02:03:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/05/2016 02:03:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/05/2016 02:03:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Disc Soft Lite Bus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16229.08 MB
Verfügbarer physikalischer RAM: 12658.77 MB
Summe virtueller Speicher: 32472.34 MB
Verfügbarer virtueller Speicher: 28573.53 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:321.06 GB) NTFS
Drive d: () (Fixed) (Total:596.17 GB) (Free:350.73 GB) NTFS
Drive e: (Game) (Fixed) (Total:931.51 GB) (Free:173.66 GB) NTFS
Drive f: (BenQ_LCD) (CDROM) (Total:0.63 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 83E8814D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: D126AB61)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C4DEC4DE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

FRST: (kommt mir irgendwie sehr kurz vor)

Code:

ATTFilter

LastRegBack: 2016-07-27 00:35

==================== Ende von FRST.txt ============================

DarthSoul · 05.08.2016, 20:42

das hier schaut schon besser aus:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
durchgeführt von Patrik Biasi (Administrator) auf PATRIKBIASI-PC (05-08-2016 18:25:02)
Gestartet von C:\Users\Patrik Biasi\Desktop
Geladene Profile: Patrik Biasi (Verfügbare Profile: Patrik Biasi & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Software und Programme\Firefox\firefox.exe" -osint -url "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(LogMeIn Inc.) C:\Software und Programme\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Software und Programme\Hamachi\x64\LMIGuardianSvc.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe
(LogMeIn Inc.) C:\Software und Programme\Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) C:\Software und Programme\Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Software und Programme\Steam\Steam.exe
(Comfort Software Group) C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe
(Comfort Software Group) C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe
(Electronic Arts) C:\Software und Programme\Origin\Origin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe
(Disc Soft Ltd) C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Valve Corporation) C:\Software und Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Software und Programme\Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-48 (Der Dateneintrag hat 36 mehr Zeichen).
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-02] (Raptr, Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Software und Programme\Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [Steam] => C:\Software und Programme\Steam\steam.exe [2852128 2016-08-03] (Valve Corporation)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [FreeAC] => C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe [3040160 2015-12-14] (Comfort Software Group)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Patrik Biasi\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [FreeCT] => C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe [4126624 2016-01-22] (Comfort Software Group)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [EADM] => C:\Software und Programme\Origin\Origin.exe [3639280 2016-06-14] (Electronic Arts)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day0] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day1] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day2] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day3] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day4] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day5] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day6] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: F - Explorer.exe monitor.htm
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {23e2be52-ad66-11e5-8fb6-806e6f6e6963} - F:\BG_Setup.exe
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {74f0b34d-ad62-11e5-b77d-806e6f6e6963} - F:\ASRSetup.exe
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {a21bcf5b-badb-11e5-a30c-d050991556e3} - H:\AutoRun.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{06F93FA0-CEAF-43A9-B1E7-7C4215F83BF1}: [DhcpNameServer] 213.182.224.30 213.182.224.35

Internet Explorer:
==================
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?pc=UE07&ocid=UE07DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000 -> {685B9D74-F043-4DBE-913C-196B3BC984F7} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-12] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000 -> Kein Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Software und Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1232250440-3554339344-2704717973-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-07-16] ()
FF Extension: WhatsApp™ Messenger - C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279\Extensions\rt42fsdty645jIidD@jetpack.xpi [2016-07-31]
FF Extension: Adblock Plus - C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-30]
StartMenuInternet: FIREFOX.EXE - C:\Software und Programme\Firefox\firefox.exe

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://plarium.com/de/strategiespiele/sparta-war-of-empires/spiele/
CHR Profile: C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-21]
CHR Extension: (Google Docs) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-21]
CHR Extension: (Google Drive) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-21]
CHR Extension: (YouTube) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-21]
CHR Extension: (Google Tabellen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-21]
CHR Extension: (Google Docs Offline) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-21]
CHR Extension: (Google Mail) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-21]
CHR Extension: (Chrome Media Router) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-04-07] ()
R3 Disc Soft Lite Bus Service; C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 Hamachi2Svc; C:\Software und Programme\Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Software und Programme\Origin\OriginClientService.exe [2122248 2016-06-14] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-06-18] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [991248 2016-06-22] (Bitdefender)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SDScannerService; C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Software und Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Software und Programme\Teamviewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 amdacpusrsvc; "C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-03-21] (Advanced Micro Devices)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-12-28] (ASRock Incorporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-01-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-01-24] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 EnergyDriver; C:\Program Files\Intel\Power Gadget 3.0\EnergyDriver.sys [15952 2016-04-15] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-05] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 MpFilter; C:\Windows\system32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-05 18:20 - 2016-08-05 18:25 - 00020616 _____ C:\Users\Patrik Biasi\Desktop\FRST.txt
2016-08-05 18:19 - 2016-08-05 18:20 - 00000000 ____D C:\Users\Patrik Biasi\Desktop\frst
2016-08-05 18:16 - 2016-08-05 18:16 - 00002162 _____ C:\Users\Patrik Biasi\Desktop\mbam2.txt
2016-08-05 14:29 - 2016-08-05 14:29 - 00001205 _____ C:\Users\Patrik Biasi\Desktop\mbam.txt
2016-08-05 14:28 - 2016-08-05 14:28 - 00001205 _____ C:\Users\Patrik Biasi\Desktop\mbamfsdfsfsdf.txt
2016-08-05 14:19 - 2016-08-05 18:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-05 14:18 - 2016-08-05 14:18 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-05 14:18 - 2016-08-05 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-05 14:18 - 2016-08-05 14:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-05 14:18 - 2016-08-05 14:18 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-08-05 14:18 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-05 14:18 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-05 14:18 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-05 14:17 - 2016-08-05 14:18 - 22851472 _____ (Malwarebytes ) C:\Users\Patrik Biasi\Desktop\mbam-setup-2.2.1.1043.exe
2016-08-05 14:15 - 2016-08-05 14:15 - 00005190 _____ C:\Users\Patrik Biasi\Desktop\JRT.txt
2016-08-05 14:12 - 2016-08-05 14:12 - 01610560 _____ (Malwarebytes) C:\Users\Patrik Biasi\Desktop\JRT.exe
2016-08-05 14:00 - 2016-08-05 14:03 - 00000000 ____D C:\AdwCleaner
2016-08-05 14:00 - 2016-08-05 14:00 - 03712064 _____ C:\Users\Patrik Biasi\Desktop\AdwCleaner_5.201.exe
2016-08-03 22:36 - 2016-08-03 22:36 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Frontier Developments
2016-08-03 22:36 - 2016-08-03 22:36 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Frontier Developments
2016-08-03 21:14 - 2016-08-05 18:20 - 00072894 _____ C:\Users\Patrik Biasi\Desktop\Addition.txt
2016-08-03 21:13 - 2016-08-05 18:25 - 00000000 ____D C:\FRST
2016-08-03 21:12 - 2016-08-03 21:12 - 02393600 _____ (Farbar) C:\Users\Patrik Biasi\Desktop\FRST64.exe
2016-08-02 22:16 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-02 22:16 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-02 22:16 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-02 22:16 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-02 22:16 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-02 22:16 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-08-02 22:16 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-08-02 22:16 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-02 22:16 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-02 22:16 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-02 22:16 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-02 21:39 - 2016-08-02 21:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\Patrik Biasi\Downloads\HijackThis_2.0.5.exe
2016-08-02 21:17 - 2016-08-02 21:17 - 00002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-08-02 21:17 - 2016-08-02 21:17 - 00001912 _____ C:\Windows\epplauncher.mif
2016-08-02 21:17 - 2016-08-02 21:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-08-02 21:16 - 2016-08-02 21:17 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-08-02 21:11 - 2016-08-02 21:11 - 00001168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00001145 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2016-07-31 22:22 - 2016-08-03 22:45 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Frontier_Developments
2016-07-31 22:09 - 2016-07-31 22:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\LocalLow\Brilliant Skies
2016-07-31 22:08 - 2016-07-31 22:11 - 00000000 ____D C:\Users\Patrik Biasi\Documents\From The Depths
2016-07-31 21:22 - 2016-07-31 21:23 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Shadwen
2016-07-31 17:51 - 2016-07-31 17:51 - 00000415 _____ C:\Users\Patrik Biasi\AppData\Roaminguser_gensett.xml
2016-07-31 13:38 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-31 13:38 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-31 13:38 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-31 13:38 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-31 13:38 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-31 13:38 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-31 13:38 - 2016-06-14 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-31 13:38 - 2016-06-11 08:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-31 13:38 - 2016-06-11 06:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-31 13:38 - 2016-06-10 23:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-31 13:38 - 2016-06-10 23:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-31 13:38 - 2016-06-10 23:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-31 13:38 - 2016-06-10 23:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-31 13:38 - 2016-06-10 23:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-31 13:38 - 2016-06-10 23:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-31 13:38 - 2016-06-10 23:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-31 13:38 - 2016-06-10 23:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-31 13:38 - 2016-06-10 23:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-31 13:38 - 2016-06-10 23:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-31 13:38 - 2016-06-10 23:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-31 13:38 - 2016-06-10 23:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-31 13:38 - 2016-06-10 23:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-31 13:38 - 2016-06-10 23:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-31 13:38 - 2016-06-10 23:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-31 13:38 - 2016-06-10 23:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-31 13:38 - 2016-06-10 22:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-31 13:38 - 2016-06-10 22:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-31 13:38 - 2016-06-10 22:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-31 13:38 - 2016-06-10 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-31 13:38 - 2016-06-10 22:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-31 13:38 - 2016-06-10 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-31 13:38 - 2016-06-10 22:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-31 13:38 - 2016-06-10 22:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-31 13:38 - 2016-06-10 22:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-31 13:38 - 2016-06-10 22:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-31 13:38 - 2016-06-10 22:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-31 13:38 - 2016-06-10 22:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-31 13:38 - 2016-06-10 22:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-31 13:38 - 2016-06-10 22:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-31 13:38 - 2016-06-10 21:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-31 13:38 - 2016-06-10 21:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-31 13:38 - 2016-06-10 21:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-31 13:38 - 2016-06-10 21:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-31 13:38 - 2016-06-10 21:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-31 13:38 - 2016-06-10 20:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-31 13:38 - 2016-06-10 20:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-31 13:38 - 2016-06-10 20:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-31 13:38 - 2016-06-10 20:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-31 13:38 - 2016-06-10 20:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-31 13:38 - 2016-06-10 20:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-31 13:38 - 2016-06-10 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-31 13:38 - 2016-06-10 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-31 13:38 - 2016-06-10 20:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-31 13:38 - 2016-06-10 20:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-31 13:38 - 2016-06-10 20:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-31 13:38 - 2016-06-10 20:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-31 13:38 - 2016-06-10 20:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-31 13:38 - 2016-06-10 20:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-31 13:38 - 2016-06-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-31 13:38 - 2016-06-10 20:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-31 13:38 - 2016-06-10 20:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-31 13:38 - 2016-06-10 20:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-31 13:38 - 2016-06-10 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-31 13:38 - 2016-06-10 20:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-31 13:38 - 2016-06-10 20:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-31 13:38 - 2016-06-10 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-31 13:38 - 2016-06-10 19:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-31 13:38 - 2016-06-10 19:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-31 13:38 - 2016-06-10 19:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-31 13:38 - 2016-06-10 19:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-31 13:38 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-07-31 13:38 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-07-31 13:38 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-07-31 13:38 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-07-31 13:38 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-07-31 13:38 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-07-31 13:38 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-31 13:38 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-31 13:38 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-07-31 13:38 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-07-31 13:38 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-07-31 13:38 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-31 13:38 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-07-31 13:38 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-07-31 13:38 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-07-31 13:38 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-07-31 13:38 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-07-31 13:38 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-07-31 13:38 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-07-31 13:38 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-07-31 13:38 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-07-31 13:35 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-07-31 13:35 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-07-30 14:18 - 2016-07-30 14:18 - 00000000 ____D C:\Users\Patrik Biasi\Desktop\Alte Firefox-Daten
2016-07-28 23:52 - 2016-07-28 23:52 - 00001144 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-07-25 20:36 - 2016-07-25 20:36 - 00000000 ____D C:\Users\Patrik Biasi\Documents\East India Company
2016-07-25 17:00 - 2016-07-25 17:00 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\dvdcss
2016-07-24 11:13 - 2016-07-24 10:58 - 01461467 _____ C:\Users\Patrik Biasi\Desktop\worldedit-forge-mc1.7.10-6.1.1-dist.jar
2016-07-24 11:08 - 2016-08-03 22:26 - 00000996 _____ C:\Users\Patrik Biasi\Desktop\nativelog.txt
2016-07-24 10:53 - 2016-07-24 10:53 - 00000578 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-07-24 10:53 - 2016-07-24 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-07-23 03:31 - 2016-08-02 21:29 - 00003723 _____ C:\bdlog.txt
2016-07-23 03:31 - 2016-07-23 03:31 - 00000000 ____D C:\ProgramData\bdch
2016-07-22 21:10 - 2016-07-22 21:10 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2016-07-22 21:04 - 2016-07-22 21:04 - 00000000 ____D C:\ProgramData\BDLogging
2016-07-22 21:04 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2016-07-22 21:00 - 2016-07-22 21:00 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\PlaysTV
2016-07-22 20:59 - 2016-07-24 08:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-22 20:59 - 2016-07-24 08:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-22 20:58 - 2016-07-22 20:58 - 00000784 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-07-22 20:58 - 2016-07-22 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-07-22 20:53 - 2016-07-22 20:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PlaysTV
2016-07-22 20:52 - 2016-07-22 20:52 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\library_dir
2016-07-22 20:51 - 2016-07-22 20:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr
2016-07-21 16:00 - 2016-08-05 18:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-21 16:00 - 2016-08-05 18:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-21 16:00 - 2016-07-29 00:10 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-21 16:00 - 2016-07-29 00:10 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-21 16:00 - 2016-07-21 16:00 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-21 16:00 - 2016-07-21 16:00 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-17 18:46 - 2015-12-28 18:36 - 00450771 _____ C:\Windows\system32\Drivers\etc\hosts.20160717-184619.backup
2016-07-17 18:44 - 2016-07-17 18:44 - 00003640 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-07-17 18:42 - 2016-08-05 18:10 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-07-17 18:42 - 2016-07-17 18:42 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-07-17 18:40 - 2016-07-17 18:41 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\QuickScan
2016-07-17 18:14 - 2016-07-17 18:14 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Вoйти в Интeрнет
2016-07-17 18:09 - 2016-07-17 18:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Поиcк в Интeрнете
2016-07-17 14:36 - 2016-07-17 14:36 - 00000000 ____D C:\Users\Patrik Biasi\Documents\Mirrors Edge Catalyst
2016-07-17 14:02 - 2016-07-17 14:02 - 00000747 _____ C:\Users\Public\Desktop\Mirror's Edge™ Catalyst.lnk
2016-07-17 14:02 - 2016-07-17 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirror's Edge™ Catalyst
2016-07-17 07:48 - 2016-07-17 09:29 - 00000689 _____ C:\Users\Patrik Biasi\Desktop\hoi4 zoigsl.txt
2016-07-14 06:46 - 2016-07-14 06:46 - 00001150 _____ C:\Users\Patrik Biasi\Desktop\FarCry4 - Verknüpfung.lnk
2016-07-11 16:14 - 2016-07-11 16:14 - 00001618 _____ C:\Users\Patrik Biasi\Documents\PwrData_2016-7-11-16-14-52.csv
2016-07-11 16:13 - 2016-07-11 16:13 - 00003073 _____ C:\Users\Patrik Biasi\Desktop\Intel® Power Gadget 3.0.lnk
2016-07-11 16:13 - 2016-07-11 16:13 - 00003027 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Intel® Power Gadget 3.0.lnk
2016-07-10 21:33 - 2016-07-10 21:33 - 00000233 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry 4.url
2016-07-10 21:33 - 2016-07-10 21:33 - 00000233 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry 4 Map Editor.url
2016-07-10 16:37 - 2016-07-10 16:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-07-10 16:21 - 2016-07-10 16:21 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\BattlEye
2016-07-06 08:28 - 2015-12-28 18:36 - 00450771 _____ C:\Windows\system32\Drivers\etc\hosts.20160706-082807.backup

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-05 18:18 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-05 18:18 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-05 18:13 - 2015-12-29 13:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-05 18:12 - 2016-07-04 18:17 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Raptr
2016-08-05 18:11 - 2016-05-21 16:38 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\LogMeIn Hamachi
2016-08-05 18:11 - 2016-05-06 19:26 - 00000000 ____D C:\ProgramData\Origin
2016-08-05 18:10 - 2015-12-30 04:22 - 00000000 __SHD C:\Users\Patrik Biasi\IntelGraphicsProfiles
2016-08-05 18:09 - 2016-07-04 18:33 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-08-05 18:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-05 14:10 - 2016-07-04 18:18 - 00002029 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-08-05 11:00 - 2016-07-04 18:14 - 00000000 ____D C:\Program Files\AMD
2016-08-03 05:49 - 2015-12-29 13:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 01:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-08-02 22:20 - 2015-12-29 08:42 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-02 22:20 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-02 21:39 - 2015-12-28 15:03 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\VirtualStore
2016-08-02 19:01 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-01 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-31 17:48 - 2009-07-14 06:45 - 00296464 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-31 13:45 - 2015-12-29 04:49 - 00000000 ____D C:\Windows\system32\MRT
2016-07-31 13:41 - 2015-12-29 04:49 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-31 13:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-31 12:54 - 2016-03-13 01:18 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\.minecraft
2016-07-28 23:52 - 2016-01-10 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-07-28 23:52 - 2015-12-28 16:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-26 14:24 - 2010-11-21 05:27 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-25 17:01 - 2016-01-01 07:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\vlc
2016-07-25 17:01 - 2011-04-12 09:43 - 00700130 _____ C:\Windows\system32\perfh007.dat
2016-07-25 17:01 - 2011-04-12 09:43 - 00149768 _____ C:\Windows\system32\perfc007.dat
2016-07-25 17:01 - 2009-07-14 07:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-25 16:59 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-07-24 10:58 - 2016-07-04 22:38 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\AMD
2016-07-22 21:06 - 2015-12-29 13:23 - 00000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-07-22 21:06 - 2015-12-29 13:23 - 00000865 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-07-22 20:55 - 2016-01-10 17:42 - 00000000 ____D C:\ProgramData\Avira
2016-07-22 20:51 - 2016-06-30 16:53 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-22 20:51 - 2016-06-14 16:49 - 00000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2016-07-21 16:00 - 2015-12-28 19:14 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Google
2016-07-21 16:00 - 2015-12-28 19:14 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-20 15:44 - 2015-12-28 18:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-20 15:34 - 2015-12-28 15:34 - 00000000 ____D C:\Software und Programme
2016-07-20 15:34 - 2015-12-28 15:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-20 12:08 - 2016-06-14 05:31 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-07-17 18:18 - 2016-07-04 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-07-14 05:13 - 2015-12-29 13:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 05:13 - 2015-12-29 13:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 05:13 - 2015-12-29 13:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 05:13 - 2015-12-29 13:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-14 05:13 - 2015-12-29 13:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-14 00:17 - 2015-12-29 13:40 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-11 16:19 - 2016-03-21 00:01 - 00007596 _____ C:\Users\Patrik Biasi\AppData\Local\Resmon.ResmonCfg
2016-07-11 16:13 - 2015-12-28 15:22 - 00000000 ____D C:\Program Files\Intel
2016-07-11 00:07 - 2016-01-15 00:03 - 00000000 ____D C:\Users\Patrik Biasi\Documents\My Games
2016-07-11 00:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-07-10 21:13 - 2015-12-29 16:43 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\CrashDumps
2016-07-10 18:08 - 2016-01-09 19:12 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Turbine
2016-07-10 16:37 - 2015-12-28 16:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-10 16:16 - 2016-01-07 19:44 - 00000000 ____D C:\Users\Patrik Biasi\Documents\StarCraft II
2016-07-10 16:16 - 2016-01-06 18:11 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\SpaceEngineers
2016-07-10 16:16 - 2015-12-28 20:05 - 00000000 ____D C:\Users\Patrik Biasi\Documents\The Witcher 3
2016-07-10 16:15 - 2016-04-28 20:34 - 00000000 ____D C:\Users\Patrik Biasi\Documents\Arma 3

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-21 00:01 - 2016-07-11 16:19 - 0007596 _____ () C:\Users\Patrik Biasi\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Patrik Biasi\AppData\Local\Temp\avgnt.exe
C:\Users\Patrik Biasi\AppData\Local\Temp\jansi-64-4714379629118050537.dll
C:\Users\Patrik Biasi\AppData\Local\Temp\jansi-64-5678666299850086384.dll
C:\Users\Patrik Biasi\AppData\Local\Temp\libeay32.dll
C:\Users\Patrik Biasi\AppData\Local\Temp\msvcr120.dll
C:\Users\Patrik Biasi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-27 00:35

==================== Ende von FRST.txt ============================

Zitat:

Zitat von DarthSoul

das hier schaut schon besser aus:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
durchgeführt von Patrik Biasi (Administrator) auf PATRIKBIASI-PC (05-08-2016 18:25:02)
Gestartet von C:\Users\Patrik Biasi\Desktop
Geladene Profile: Patrik Biasi (Verfügbare Profile: Patrik Biasi & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Software und Programme\Firefox\firefox.exe" -osint -url "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(LogMeIn Inc.) C:\Software und Programme\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Software und Programme\Hamachi\x64\LMIGuardianSvc.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe
(LogMeIn Inc.) C:\Software und Programme\Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) C:\Software und Programme\Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Software und Programme\Steam\Steam.exe
(Comfort Software Group) C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe
(Comfort Software Group) C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe
(Electronic Arts) C:\Software und Programme\Origin\Origin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe
(Disc Soft Ltd) C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Valve Corporation) C:\Software und Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Software und Programme\Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-48 (Der Dateneintrag hat 36 mehr Zeichen).
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-02] (Raptr, Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Software und Programme\Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [Steam] => C:\Software und Programme\Steam\steam.exe [2852128 2016-08-03] (Valve Corporation)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [FreeAC] => C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe [3040160 2015-12-14] (Comfort Software Group)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Patrik Biasi\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [FreeCT] => C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe [4126624 2016-01-22] (Comfort Software Group)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [EADM] => C:\Software und Programme\Origin\Origin.exe [3639280 2016-06-14] (Electronic Arts)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day0] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day1] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day2] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day3] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day4] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day5] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day6] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: F - Explorer.exe monitor.htm
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {23e2be52-ad66-11e5-8fb6-806e6f6e6963} - F:\BG_Setup.exe
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {74f0b34d-ad62-11e5-b77d-806e6f6e6963} - F:\ASRSetup.exe
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {a21bcf5b-badb-11e5-a30c-d050991556e3} - H:\AutoRun.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{06F93FA0-CEAF-43A9-B1E7-7C4215F83BF1}: [DhcpNameServer] 213.182.224.30 213.182.224.35

Internet Explorer:
==================
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?pc=UE07&ocid=UE07DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000 -> {685B9D74-F043-4DBE-913C-196B3BC984F7} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-12] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000 -> Kein Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Software und Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1232250440-3554339344-2704717973-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-07-16] ()
FF Extension: WhatsApp™ Messenger - C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279\Extensions\rt42fsdty645jIidD@jetpack.xpi [2016-07-31]
FF Extension: Adblock Plus - C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-30]
StartMenuInternet: FIREFOX.EXE - C:\Software und Programme\Firefox\firefox.exe

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://plarium.com/de/strategiespiele/sparta-war-of-empires/spiele/
CHR Profile: C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-21]
CHR Extension: (Google Docs) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-21]
CHR Extension: (Google Drive) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-21]
CHR Extension: (YouTube) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-21]
CHR Extension: (Google Tabellen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-21]
CHR Extension: (Google Docs Offline) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-21]
CHR Extension: (Google Mail) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-21]
CHR Extension: (Chrome Media Router) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-04-07] ()
R3 Disc Soft Lite Bus Service; C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 Hamachi2Svc; C:\Software und Programme\Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Software und Programme\Origin\OriginClientService.exe [2122248 2016-06-14] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-06-18] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [991248 2016-06-22] (Bitdefender)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SDScannerService; C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Software und Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Software und Programme\Teamviewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 amdacpusrsvc; "C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-03-21] (Advanced Micro Devices)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-12-28] (ASRock Incorporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-01-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-01-24] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 EnergyDriver; C:\Program Files\Intel\Power Gadget 3.0\EnergyDriver.sys [15952 2016-04-15] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-05] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 MpFilter; C:\Windows\system32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-05 18:20 - 2016-08-05 18:25 - 00020616 _____ C:\Users\Patrik Biasi\Desktop\FRST.txt
2016-08-05 18:19 - 2016-08-05 18:20 - 00000000 ____D C:\Users\Patrik Biasi\Desktop\frst
2016-08-05 18:16 - 2016-08-05 18:16 - 00002162 _____ C:\Users\Patrik Biasi\Desktop\mbam2.txt
2016-08-05 14:29 - 2016-08-05 14:29 - 00001205 _____ C:\Users\Patrik Biasi\Desktop\mbam.txt
2016-08-05 14:28 - 2016-08-05 14:28 - 00001205 _____ C:\Users\Patrik Biasi\Desktop\mbamfsdfsfsdf.txt
2016-08-05 14:19 - 2016-08-05 18:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-05 14:18 - 2016-08-05 14:18 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-05 14:18 - 2016-08-05 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-05 14:18 - 2016-08-05 14:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-05 14:18 - 2016-08-05 14:18 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-08-05 14:18 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-05 14:18 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-05 14:18 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-05 14:17 - 2016-08-05 14:18 - 22851472 _____ (Malwarebytes ) C:\Users\Patrik Biasi\Desktop\mbam-setup-2.2.1.1043.exe
2016-08-05 14:15 - 2016-08-05 14:15 - 00005190 _____ C:\Users\Patrik Biasi\Desktop\JRT.txt
2016-08-05 14:12 - 2016-08-05 14:12 - 01610560 _____ (Malwarebytes) C:\Users\Patrik Biasi\Desktop\JRT.exe
2016-08-05 14:00 - 2016-08-05 14:03 - 00000000 ____D C:\AdwCleaner
2016-08-05 14:00 - 2016-08-05 14:00 - 03712064 _____ C:\Users\Patrik Biasi\Desktop\AdwCleaner_5.201.exe
2016-08-03 22:36 - 2016-08-03 22:36 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Frontier Developments
2016-08-03 22:36 - 2016-08-03 22:36 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Frontier Developments
2016-08-03 21:14 - 2016-08-05 18:20 - 00072894 _____ C:\Users\Patrik Biasi\Desktop\Addition.txt
2016-08-03 21:13 - 2016-08-05 18:25 - 00000000 ____D C:\FRST
2016-08-03 21:12 - 2016-08-03 21:12 - 02393600 _____ (Farbar) C:\Users\Patrik Biasi\Desktop\FRST64.exe
2016-08-02 22:16 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-02 22:16 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-02 22:16 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-02 22:16 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-02 22:16 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-02 22:16 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-08-02 22:16 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-08-02 22:16 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-02 22:16 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-02 22:16 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-02 22:16 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-02 21:39 - 2016-08-02 21:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\Patrik Biasi\Downloads\HijackThis_2.0.5.exe
2016-08-02 21:17 - 2016-08-02 21:17 - 00002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-08-02 21:17 - 2016-08-02 21:17 - 00001912 _____ C:\Windows\epplauncher.mif
2016-08-02 21:17 - 2016-08-02 21:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-08-02 21:16 - 2016-08-02 21:17 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-08-02 21:11 - 2016-08-02 21:11 - 00001168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00001145 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2016-07-31 22:22 - 2016-08-03 22:45 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Frontier_Developments
2016-07-31 22:09 - 2016-07-31 22:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\LocalLow\Brilliant Skies
2016-07-31 22:08 - 2016-07-31 22:11 - 00000000 ____D C:\Users\Patrik Biasi\Documents\From The Depths
2016-07-31 21:22 - 2016-07-31 21:23 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Shadwen
2016-07-31 17:51 - 2016-07-31 17:51 - 00000415 _____ C:\Users\Patrik Biasi\AppData\Roaminguser_gensett.xml
2016-07-31 13:38 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-31 13:38 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-31 13:38 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-31 13:38 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-31 13:38 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-31 13:38 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-31 13:38 - 2016-06-14 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-31 13:38 - 2016-06-11 08:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-31 13:38 - 2016-06-11 06:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-31 13:38 - 2016-06-10 23:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-31 13:38 - 2016-06-10 23:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-31 13:38 - 2016-06-10 23:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-31 13:38 - 2016-06-10 23:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-31 13:38 - 2016-06-10 23:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-31 13:38 - 2016-06-10 23:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-31 13:38 - 2016-06-10 23:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-31 13:38 - 2016-06-10 23:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-31 13:38 - 2016-06-10 23:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-31 13:38 - 2016-06-10 23:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-31 13:38 - 2016-06-10 23:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-31 13:38 - 2016-06-10 23:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-31 13:38 - 2016-06-10 23:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-31 13:38 - 2016-06-10 23:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-31 13:38 - 2016-06-10 23:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-31 13:38 - 2016-06-10 23:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-31 13:38 - 2016-06-10 22:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-31 13:38 - 2016-06-10 22:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-31 13:38 - 2016-06-10 22:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-31 13:38 - 2016-06-10 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-31 13:38 - 2016-06-10 22:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-31 13:38 - 2016-06-10 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-31 13:38 - 2016-06-10 22:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-31 13:38 - 2016-06-10 22:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-31 13:38 - 2016-06-10 22:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-31 13:38 - 2016-06-10 22:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-31 13:38 - 2016-06-10 22:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-31 13:38 - 2016-06-10 22:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-31 13:38 - 2016-06-10 22:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-31 13:38 - 2016-06-10 22:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-31 13:38 - 2016-06-10 21:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-31 13:38 - 2016-06-10 21:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-31 13:38 - 2016-06-10 21:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-31 13:38 - 2016-06-10 21:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-31 13:38 - 2016-06-10 21:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-31 13:38 - 2016-06-10 20:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-31 13:38 - 2016-06-10 20:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-31 13:38 - 2016-06-10 20:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-31 13:38 - 2016-06-10 20:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-31 13:38 - 2016-06-10 20:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-31 13:38 - 2016-06-10 20:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-31 13:38 - 2016-06-10 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-31 13:38 - 2016-06-10 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-31 13:38 - 2016-06-10 20:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-31 13:38 - 2016-06-10 20:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-31 13:38 - 2016-06-10 20:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-31 13:38 - 2016-06-10 20:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-31 13:38 - 2016-06-10 20:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-31 13:38 - 2016-06-10 20:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-31 13:38 - 2016-06-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-31 13:38 - 2016-06-10 20:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-31 13:38 - 2016-06-10 20:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-31 13:38 - 2016-06-10 20:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-31 13:38 - 2016-06-10 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-31 13:38 - 2016-06-10 20:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-31 13:38 - 2016-06-10 20:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-31 13:38 - 2016-06-10 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-31 13:38 - 2016-06-10 19:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-31 13:38 - 2016-06-10 19:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-31 13:38 - 2016-06-10 19:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-31 13:38 - 2016-06-10 19:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-31 13:38 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-07-31 13:38 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-07-31 13:38 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-07-31 13:38 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-07-31 13:38 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-07-31 13:38 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-07-31 13:38 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-31 13:38 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-31 13:38 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-07-31 13:38 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-07-31 13:38 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-07-31 13:38 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-31 13:38 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-07-31 13:38 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-07-31 13:38 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-07-31 13:38 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-07-31 13:38 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-07-31 13:38 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-07-31 13:38 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-07-31 13:38 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-07-31 13:38 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-07-31 13:35 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-07-31 13:35 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-07-30 14:18 - 2016-07-30 14:18 - 00000000 ____D C:\Users\Patrik Biasi\Desktop\Alte Firefox-Daten
2016-07-28 23:52 - 2016-07-28 23:52 - 00001144 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-07-25 20:36 - 2016-07-25 20:36 - 00000000 ____D C:\Users\Patrik Biasi\Documents\East India Company
2016-07-25 17:00 - 2016-07-25 17:00 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\dvdcss
2016-07-24 11:13 - 2016-07-24 10:58 - 01461467 _____ C:\Users\Patrik Biasi\Desktop\worldedit-forge-mc1.7.10-6.1.1-dist.jar
2016-07-24 11:08 - 2016-08-03 22:26 - 00000996 _____ C:\Users\Patrik Biasi\Desktop\nativelog.txt
2016-07-24 10:53 - 2016-07-24 10:53 - 00000578 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-07-24 10:53 - 2016-07-24 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-07-23 03:31 - 2016-08-02 21:29 - 00003723 _____ C:\bdlog.txt
2016-07-23 03:31 - 2016-07-23 03:31 - 00000000 ____D C:\ProgramData\bdch
2016-07-22 21:10 - 2016-07-22 21:10 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2016-07-22 21:04 - 2016-07-22 21:04 - 00000000 ____D C:\ProgramData\BDLogging
2016-07-22 21:04 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2016-07-22 21:00 - 2016-07-22 21:00 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\PlaysTV
2016-07-22 20:59 - 2016-07-24 08:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-22 20:59 - 2016-07-24 08:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-22 20:58 - 2016-07-22 20:58 - 00000784 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-07-22 20:58 - 2016-07-22 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-07-22 20:53 - 2016-07-22 20:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PlaysTV
2016-07-22 20:52 - 2016-07-22 20:52 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\library_dir
2016-07-22 20:51 - 2016-07-22 20:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr
2016-07-21 16:00 - 2016-08-05 18:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-21 16:00 - 2016-08-05 18:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-21 16:00 - 2016-07-29 00:10 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-21 16:00 - 2016-07-29 00:10 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-21 16:00 - 2016-07-21 16:00 - 00002269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-21 16:00 - 2016-07-21 16:00 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-17 18:46 - 2015-12-28 18:36 - 00450771 _____ C:\Windows\system32\Drivers\etc\hosts.20160717-184619.backup
2016-07-17 18:44 - 2016-07-17 18:44 - 00003640 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-07-17 18:42 - 2016-08-05 18:10 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-07-17 18:42 - 2016-07-17 18:42 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-07-17 18:40 - 2016-07-17 18:41 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\QuickScan
2016-07-17 18:14 - 2016-07-17 18:14 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Вoйти в Интeрнет
2016-07-17 18:09 - 2016-07-17 18:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Поиcк в Интeрнете
2016-07-17 14:36 - 2016-07-17 14:36 - 00000000 ____D C:\Users\Patrik Biasi\Documents\Mirrors Edge Catalyst
2016-07-17 14:02 - 2016-07-17 14:02 - 00000747 _____ C:\Users\Public\Desktop\Mirror's Edge™ Catalyst.lnk
2016-07-17 14:02 - 2016-07-17 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirror's Edge™ Catalyst
2016-07-17 07:48 - 2016-07-17 09:29 - 00000689 _____ C:\Users\Patrik Biasi\Desktop\hoi4 zoigsl.txt
2016-07-14 06:46 - 2016-07-14 06:46 - 00001150 _____ C:\Users\Patrik Biasi\Desktop\FarCry4 - Verknüpfung.lnk
2016-07-11 16:14 - 2016-07-11 16:14 - 00001618 _____ C:\Users\Patrik Biasi\Documents\PwrData_2016-7-11-16-14-52.csv
2016-07-11 16:13 - 2016-07-11 16:13 - 00003073 _____ C:\Users\Patrik Biasi\Desktop\Intel® Power Gadget 3.0.lnk
2016-07-11 16:13 - 2016-07-11 16:13 - 00003027 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Intel® Power Gadget 3.0.lnk
2016-07-10 21:33 - 2016-07-10 21:33 - 00000233 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry 4.url
2016-07-10 21:33 - 2016-07-10 21:33 - 00000233 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry 4 Map Editor.url
2016-07-10 16:37 - 2016-07-10 16:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-07-10 16:21 - 2016-07-10 16:21 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\BattlEye
2016-07-06 08:28 - 2015-12-28 18:36 - 00450771 _____ C:\Windows\system32\Drivers\etc\hosts.20160706-082807.backup

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-05 18:18 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-05 18:18 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-05 18:13 - 2015-12-29 13:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-05 18:12 - 2016-07-04 18:17 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Raptr
2016-08-05 18:11 - 2016-05-21 16:38 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\LogMeIn Hamachi
2016-08-05 18:11 - 2016-05-06 19:26 - 00000000 ____D C:\ProgramData\Origin
2016-08-05 18:10 - 2015-12-30 04:22 - 00000000 __SHD C:\Users\Patrik Biasi\IntelGraphicsProfiles
2016-08-05 18:09 - 2016-07-04 18:33 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-08-05 18:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-05 14:10 - 2016-07-04 18:18 - 00002029 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-08-05 11:00 - 2016-07-04 18:14 - 00000000 ____D C:\Program Files\AMD
2016-08-03 05:49 - 2015-12-29 13:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 01:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-08-02 22:20 - 2015-12-29 08:42 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-02 22:20 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-02 21:39 - 2015-12-28 15:03 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\VirtualStore
2016-08-02 19:01 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-01 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-31 17:48 - 2009-07-14 06:45 - 00296464 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-31 13:45 - 2015-12-29 04:49 - 00000000 ____D C:\Windows\system32\MRT
2016-07-31 13:41 - 2015-12-29 04:49 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-31 13:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-31 12:54 - 2016-03-13 01:18 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\.minecraft
2016-07-28 23:52 - 2016-01-10 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-07-28 23:52 - 2015-12-28 16:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-26 14:24 - 2010-11-21 05:27 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-25 17:01 - 2016-01-01 07:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\vlc
2016-07-25 17:01 - 2011-04-12 09:43 - 00700130 _____ C:\Windows\system32\perfh007.dat
2016-07-25 17:01 - 2011-04-12 09:43 - 00149768 _____ C:\Windows\system32\perfc007.dat
2016-07-25 17:01 - 2009-07-14 07:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-25 16:59 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-07-24 10:58 - 2016-07-04 22:38 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\AMD
2016-07-22 21:06 - 2015-12-29 13:23 - 00000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-07-22 21:06 - 2015-12-29 13:23 - 00000865 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-07-22 20:55 - 2016-01-10 17:42 - 00000000 ____D C:\ProgramData\Avira
2016-07-22 20:51 - 2016-06-30 16:53 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-22 20:51 - 2016-06-14 16:49 - 00000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2016-07-21 16:00 - 2015-12-28 19:14 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Google
2016-07-21 16:00 - 2015-12-28 19:14 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-20 15:44 - 2015-12-28 18:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-20 15:34 - 2015-12-28 15:34 - 00000000 ____D C:\Software und Programme
2016-07-20 15:34 - 2015-12-28 15:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-20 12:08 - 2016-06-14 05:31 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-07-17 18:18 - 2016-07-04 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-07-14 05:13 - 2015-12-29 13:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 05:13 - 2015-12-29 13:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 05:13 - 2015-12-29 13:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 05:13 - 2015-12-29 13:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-14 05:13 - 2015-12-29 13:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-14 00:17 - 2015-12-29 13:40 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-11 16:19 - 2016-03-21 00:01 - 00007596 _____ C:\Users\Patrik Biasi\AppData\Local\Resmon.ResmonCfg
2016-07-11 16:13 - 2015-12-28 15:22 - 00000000 ____D C:\Program Files\Intel
2016-07-11 00:07 - 2016-01-15 00:03 - 00000000 ____D C:\Users\Patrik Biasi\Documents\My Games
2016-07-11 00:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-07-10 21:13 - 2015-12-29 16:43 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\CrashDumps
2016-07-10 18:08 - 2016-01-09 19:12 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Turbine
2016-07-10 16:37 - 2015-12-28 16:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-10 16:16 - 2016-01-07 19:44 - 00000000 ____D C:\Users\Patrik Biasi\Documents\StarCraft II
2016-07-10 16:16 - 2016-01-06 18:11 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\SpaceEngineers
2016-07-10 16:16 - 2015-12-28 20:05 - 00000000 ____D C:\Users\Patrik Biasi\Documents\The Witcher 3
2016-07-10 16:15 - 2016-04-28 20:34 - 00000000 ____D C:\Users\Patrik Biasi\Documents\Arma 3

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-21 00:01 - 2016-07-11 16:19 - 0007596 _____ () C:\Users\Patrik Biasi\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Patrik Biasi\AppData\Local\Temp\avgnt.exe
C:\Users\Patrik Biasi\AppData\Local\Temp\jansi-64-4714379629118050537.dll
C:\Users\Patrik Biasi\AppData\Local\Temp\jansi-64-5678666299850086384.dll
C:\Users\Patrik Biasi\AppData\Local\Temp\libeay32.dll
C:\Users\Patrik Biasi\AppData\Local\Temp\msvcr120.dll
C:\Users\Patrik Biasi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-27 00:35

==================== Ende von FRST.txt ============================

---
nachtrag:
internet läuft mometan tadellos, cpu ist auch weniger ausgelastet als vorher (rund 6%), ram dafür etwas mehr (26%)
hab firefox mit noscript ergänzt

welcher virenscanner ist zu empfehlen?
ich dachte daran mir kaspersky oder mbam zu kaufen. weis noch nicht genau
bitdefender soll auch recht gut sein

was haltet ihr von spybot?

hab auch noch den gedanken mir ne hardware firewall / router zuzulegen. mometan hab ich nur modem vom internetanbieter und das ist für mich nicht zugänglich

Warlord711 · 08.08.2016, 09:30

Ok, so gehts weiter:
Schritt 1
Achtung ! Rechner startet neu !

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

emptytemp:
reboot:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Zitat:

welcher virenscanner ist zu empfehlen?
ich dachte daran mir kaspersky oder mbam zu kaufen. weis noch nicht genau
bitdefender soll auch recht gut sein

MBAM ist kein Virenscanner, sondern ein "On-Demand" Systemscanner. Die Pro-Variante kann etwas mehr bzw. scannt "geplant", die Free Variante muss dazu "ermutigt" werden.

Kaspersky, Bitdefender <- nichts dagegen auszusetzen.

Es gibt zudem nen Angebot für TB-User: http://www.trojaner-board.de/166031-...-produkte.html

Spybot besser durch Malwarebytes ersetzen.

DarthSoul · 08.08.2016, 21:28

FRST Fixlog:

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-08-2016
durchgeführt von Patrik Biasi (2016-08-08 18:03:15) Run:1
Gestartet von C:\Users\Patrik Biasi\Desktop
Geladene Profile: Patrik Biasi (Verfügbare Profile: Patrik Biasi & Administrator)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
emptytemp:
reboot:
         
*****************


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 67155595 B
Java, Flash, Steam htmlcache => 50129358 B
Windows/system/drivers => 924396 B
Edge => 0 B
Chrome => 120146931 B
Firefox => 380587983 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58558540 B
systemprofile32 => 275686 B
LocalService => 66228 B
NetworkService => 811292 B
Patrik Biasi => 30831080 B
Administrator => 568114 B

RecycleBin => 0 B
EmptyTemp: => 685.2 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 18:04:51 ====

Security Check
Checkup:

Code:

ATTFilter

 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Java 8 Update 73  
 Java version 32-bit out of Date! 
 Adobe Flash Player 22.0.0.209  
 Mozilla Firefox (43.0.2) 
 Google Chrome (52.0.2743.82) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Spybot Teatimer.exe is disabled! 
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Bitdefender Agent ProductAgentService.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4a1e1c9b3e34c14eacfe4698dc0a0c45
# end=init
# utc_time=2016-08-08 04:18:32
# local_time=2016-08-08 06:18:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 30360
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4a1e1c9b3e34c14eacfe4698dc0a0c45
# end=updated
# utc_time=2016-08-08 04:20:22
# local_time=2016-08-08 06:20:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4a1e1c9b3e34c14eacfe4698dc0a0c45
# engine=30360
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-08-08 07:57:15
# local_time=2016-08-08 09:57:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 520807 93673829 0 0
# scanned=733689
# found=6
# cleaned=0
# scan_time=13013
sh=107A6CBA290CE512F1181EE42493AF562CC7C949 ft=1 fh=d3a5e6f1b2c4673e vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Patrik Daten\Downloads\LogMeIn Hamachi - CHIP-Installer.exe"
sh=86DC7897FC7A314658E7C27BD4801B1AC1F41231 ft=0 fh=0000000000000000 vn="LNK/Agent.CJ Trojaner" ac=I fn="C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\Ð’oÐ¹Ñ‚Ð¸ Ð² Ð˜Ð½Ñ‚eÑ€Ð½eÑ‚.lnk"
sh=2BBC152D14BEB1691114A5908471FB75C79EFD47 ft=1 fh=2daf445944ad5a77 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\Patrik Daten\Downloads\HijackThis - CHIP-Installer.exe"
sh=107A6CBA290CE512F1181EE42493AF562CC7C949 ft=1 fh=d3a5e6f1b2c4673e vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\Patrik Daten\Downloads\LogMeIn Hamachi - CHIP-Installer.exe"
sh=343570A1A27E0E7F07064DB317232E033E4873C3 ft=0 fh=0000000000000000 vn="LNK/Agent.CJ Trojaner" ac=I fn="D:\PATRIKBIASI-PC\Backup Set 2016-08-02 225041\Backup Files 2016-08-02 225041\Backup files 29.zip"
sh=05931AD378D829E49ECE416BFAD2A80F4ADECC09 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\PATRIKBIASI-PC\Backup Set 2016-08-02 225041\Backup Files 2016-08-02 225041\Backup files 4.zip"

Warlord711 · 09.08.2016, 09:12

Mach mal bitte einen neuen FRST Scan und setz den Haken bei Shortcuts.txt, poste mir dann bitte das FRST.txt und das Shortcuts.txt

DarthSoul · 09.08.2016, 16:57

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2016
durchgeführt von Patrik Biasi (Administrator) auf PATRIKBIASI-PC (09-08-2016 17:55:21)
Gestartet von C:\Users\Patrik Biasi\Desktop
Geladene Profile: Patrik Biasi (Verfügbare Profile: Patrik Biasi & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Software und Programme\Firefox\firefox.exe" -osint -url "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Software und Programme\Teamviewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(LogMeIn Inc.) C:\Software und Programme\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Software und Programme\Hamachi\x64\LMIGuardianSvc.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Software und Programme\Steam\Steam.exe
(Comfort Software Group) C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe
(Comfort Software Group) C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe
(LogMeIn Inc.) C:\Software und Programme\Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(LogMeIn, Inc.) C:\Software und Programme\Hamachi\LMIGuardianSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Safer-Networking Ltd.) C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Disc Soft Ltd) C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Valve Corporation) C:\Software und Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Valve Corporation) C:\Software und Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Software und Programme\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Software und Programme\Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-48 (Der Dateneintrag hat 36 mehr Zeichen).
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-05] (Raptr, Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Software und Programme\Hamachi\hamachi-2-ui.exe [5565960 2016-07-20] (LogMeIn Inc.)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [Steam] => C:\Software und Programme\Steam\steam.exe [2852128 2016-08-03] (Valve Corporation)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [FreeAC] => C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe [3040160 2015-12-14] (Comfort Software Group)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Patrik Biasi\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\Run: [FreeCT] => C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe [4126624 2016-01-22] (Comfort Software Group)
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day0] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day1] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day2] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day3] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day4] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day5] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\RunOnce: [AsrOMG_Day6] => [X]
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: F - Explorer.exe monitor.htm
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {23e2be52-ad66-11e5-8fb6-806e6f6e6963} - F:\BG_Setup.exe
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {74f0b34d-ad62-11e5-b77d-806e6f6e6963} - F:\ASRSetup.exe
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\...\MountPoints2: {a21bcf5b-badb-11e5-a30c-d050991556e3} - H:\AutoRun.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.182.224.30 213.182.224.35
Tcpip\..\Interfaces\{06F93FA0-CEAF-43A9-B1E7-7C4215F83BF1}: [DhcpNameServer] 213.182.224.30 213.182.224.35

Internet Explorer:
==================
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-1232250440-3554339344-2704717973-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?pc=UE07&ocid=UE07DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000 -> {685B9D74-F043-4DBE-913C-196B3BC984F7} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-12] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1232250440-3554339344-2704717973-1000 -> Kein Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Software und Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1232250440-3554339344-2704717973-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-07-16] ()
FF Extension: NoScript - C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-05]
FF Extension: WhatsApp™ Messenger - C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279\Extensions\rt42fsdty645jIidD@jetpack.xpi [2016-08-05]
FF Extension: Adblock Plus - C:\Users\Patrik Biasi\AppData\Roaming\Mozilla\Firefox\Profiles\70khzavf.default-1469881115279\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-30]
StartMenuInternet: FIREFOX.EXE - C:\Software und Programme\Firefox\firefox.exe

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://plarium.com/de/strategiespiele/sparta-war-of-empires/spiele/
CHR Profile: C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-21]
CHR Extension: (Google Docs) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-21]
CHR Extension: (Google Drive) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-21]
CHR Extension: (YouTube) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-21]
CHR Extension: (Google Tabellen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-21]
CHR Extension: (Google Docs Offline) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-21]
CHR Extension: (Google Mail) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-21]
CHR Extension: (Chrome Media Router) - C:\Users\Patrik Biasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-04-07] ()
R3 Disc Soft Lite Bus Service; C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 Hamachi2Svc; C:\Software und Programme\Hamachi\x64\hamachi-2.exe [2554376 2016-07-20] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Software und Programme\Origin\OriginClientService.exe [2122248 2016-06-14] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-06-18] ()
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [991248 2016-06-22] (Bitdefender)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SDScannerService; C:\Software und Programme\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Software und Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Software und Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Software und Programme\Teamviewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 amdacpusrsvc; "C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-03-21] (Advanced Micro Devices)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-12-28] (ASRock Incorporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-01-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-01-24] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 EnergyDriver; C:\Program Files\Intel\Power Gadget 3.0\EnergyDriver.sys [15952 2016-04-15] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-09] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-09 17:55 - 2016-08-09 17:55 - 00000000 ____D C:\Users\Patrik Biasi\Desktop\FRST-OlderVersion
2016-08-08 22:24 - 2016-08-08 22:24 - 00001544 _____ C:\Users\Patrik Biasi\Desktop\eset.txt
2016-08-08 18:09 - 2016-08-08 18:09 - 00852720 _____ C:\Users\Patrik Biasi\Desktop\SecurityCheck.exe
2016-08-08 18:03 - 2016-08-08 18:04 - 00001195 _____ C:\Users\Patrik Biasi\Desktop\Fixlog.txt
2016-08-05 18:20 - 2016-08-09 17:55 - 00021607 _____ C:\Users\Patrik Biasi\Desktop\FRST.txt
2016-08-05 18:19 - 2016-08-05 18:20 - 00000000 ____D C:\Users\Patrik Biasi\Desktop\frst
2016-08-05 18:16 - 2016-08-05 18:16 - 00002162 _____ C:\Users\Patrik Biasi\Desktop\mbam2.txt
2016-08-05 14:29 - 2016-08-05 14:29 - 00001205 _____ C:\Users\Patrik Biasi\Desktop\mbam.txt
2016-08-05 14:28 - 2016-08-05 14:28 - 00001205 _____ C:\Users\Patrik Biasi\Desktop\mbamfsdfsfsdf.txt
2016-08-05 14:19 - 2016-08-09 17:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-05 14:18 - 2016-08-05 14:18 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-05 14:18 - 2016-08-05 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-05 14:18 - 2016-08-05 14:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-05 14:18 - 2016-08-05 14:18 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-08-05 14:18 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-05 14:18 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-05 14:18 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-05 14:17 - 2016-08-05 14:18 - 22851472 _____ (Malwarebytes ) C:\Users\Patrik Biasi\Desktop\mbam-setup-2.2.1.1043.exe
2016-08-05 14:15 - 2016-08-05 14:15 - 00005190 _____ C:\Users\Patrik Biasi\Desktop\JRT.txt
2016-08-05 14:12 - 2016-08-05 14:12 - 01610560 _____ (Malwarebytes) C:\Users\Patrik Biasi\Desktop\JRT.exe
2016-08-05 14:00 - 2016-08-05 14:03 - 00000000 ____D C:\AdwCleaner
2016-08-05 14:00 - 2016-08-05 14:00 - 03712064 _____ C:\Users\Patrik Biasi\Desktop\AdwCleaner_5.201.exe
2016-08-03 22:36 - 2016-08-03 22:36 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Frontier Developments
2016-08-03 22:36 - 2016-08-03 22:36 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Frontier Developments
2016-08-03 21:14 - 2016-08-05 18:20 - 00072894 _____ C:\Users\Patrik Biasi\Desktop\Addition.txt
2016-08-03 21:13 - 2016-08-09 17:55 - 00000000 ____D C:\FRST
2016-08-03 21:12 - 2016-08-09 17:55 - 02393600 _____ (Farbar) C:\Users\Patrik Biasi\Desktop\FRST64.exe
2016-08-02 22:16 - 2016-06-26 02:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-02 22:16 - 2016-06-26 02:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-02 22:16 - 2016-06-22 15:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-02 22:16 - 2016-06-17 20:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-02 22:16 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-02 22:16 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-02 22:16 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-08-02 22:16 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-08-02 22:16 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-08-02 22:16 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-08-02 22:16 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-02 22:16 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-02 22:16 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-02 22:16 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-02 21:39 - 2016-08-02 21:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\Patrik Biasi\Downloads\HijackThis_2.0.5.exe
2016-08-02 21:17 - 2016-08-02 21:17 - 00002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-08-02 21:17 - 2016-08-02 21:17 - 00001912 _____ C:\Windows\epplauncher.mif
2016-08-02 21:17 - 2016-08-02 21:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-08-02 21:16 - 2016-08-02 21:17 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-08-02 21:11 - 2016-08-02 21:11 - 00001168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00001145 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2016-08-02 21:11 - 2016-08-02 21:11 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2016-07-31 22:22 - 2016-08-03 22:45 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Frontier_Developments
2016-07-31 22:09 - 2016-07-31 22:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\LocalLow\Brilliant Skies
2016-07-31 22:08 - 2016-07-31 22:11 - 00000000 ____D C:\Users\Patrik Biasi\Documents\From The Depths
2016-07-31 21:22 - 2016-07-31 21:23 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Shadwen
2016-07-31 17:51 - 2016-07-31 17:51 - 00000415 _____ C:\Users\Patrik Biasi\AppData\Roaminguser_gensett.xml
2016-07-31 13:38 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-31 13:38 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-31 13:38 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-31 13:38 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-31 13:38 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-31 13:38 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-31 13:38 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-31 13:38 - 2016-06-14 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-31 13:38 - 2016-06-11 08:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-31 13:38 - 2016-06-11 06:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-31 13:38 - 2016-06-10 23:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-31 13:38 - 2016-06-10 23:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-31 13:38 - 2016-06-10 23:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-31 13:38 - 2016-06-10 23:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-31 13:38 - 2016-06-10 23:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-31 13:38 - 2016-06-10 23:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-31 13:38 - 2016-06-10 23:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-31 13:38 - 2016-06-10 23:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-31 13:38 - 2016-06-10 23:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-31 13:38 - 2016-06-10 23:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-31 13:38 - 2016-06-10 23:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-31 13:38 - 2016-06-10 23:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-31 13:38 - 2016-06-10 23:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-31 13:38 - 2016-06-10 23:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-31 13:38 - 2016-06-10 23:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-31 13:38 - 2016-06-10 23:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-31 13:38 - 2016-06-10 22:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-31 13:38 - 2016-06-10 22:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-31 13:38 - 2016-06-10 22:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-31 13:38 - 2016-06-10 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-31 13:38 - 2016-06-10 22:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-31 13:38 - 2016-06-10 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-31 13:38 - 2016-06-10 22:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-31 13:38 - 2016-06-10 22:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-31 13:38 - 2016-06-10 22:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-31 13:38 - 2016-06-10 22:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-31 13:38 - 2016-06-10 22:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-31 13:38 - 2016-06-10 22:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-31 13:38 - 2016-06-10 22:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-31 13:38 - 2016-06-10 22:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-31 13:38 - 2016-06-10 21:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-31 13:38 - 2016-06-10 21:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-31 13:38 - 2016-06-10 21:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-31 13:38 - 2016-06-10 21:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-31 13:38 - 2016-06-10 21:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-31 13:38 - 2016-06-10 20:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-31 13:38 - 2016-06-10 20:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-31 13:38 - 2016-06-10 20:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-31 13:38 - 2016-06-10 20:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-31 13:38 - 2016-06-10 20:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-31 13:38 - 2016-06-10 20:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-31 13:38 - 2016-06-10 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-31 13:38 - 2016-06-10 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-31 13:38 - 2016-06-10 20:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-31 13:38 - 2016-06-10 20:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-31 13:38 - 2016-06-10 20:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-31 13:38 - 2016-06-10 20:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-31 13:38 - 2016-06-10 20:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-31 13:38 - 2016-06-10 20:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-31 13:38 - 2016-06-10 20:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-31 13:38 - 2016-06-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-31 13:38 - 2016-06-10 20:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-31 13:38 - 2016-06-10 20:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-31 13:38 - 2016-06-10 20:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-31 13:38 - 2016-06-10 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-31 13:38 - 2016-06-10 20:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-31 13:38 - 2016-06-10 20:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-31 13:38 - 2016-06-10 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-31 13:38 - 2016-06-10 19:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-31 13:38 - 2016-06-10 19:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-31 13:38 - 2016-06-10 19:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-31 13:38 - 2016-06-10 19:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-31 13:38 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-07-31 13:38 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-07-31 13:38 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-07-31 13:38 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-07-31 13:38 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-07-31 13:38 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-07-31 13:38 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-07-31 13:38 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-31 13:38 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-31 13:38 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-31 13:38 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-07-31 13:38 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-31 13:38 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-07-31 13:38 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-07-31 13:38 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-07-31 13:38 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-07-31 13:38 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-07-31 13:38 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-07-31 13:38 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-07-31 13:38 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-07-31 13:38 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-07-31 13:38 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-07-31 13:38 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-07-31 13:38 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-07-31 13:38 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-07-31 13:38 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-07-31 13:38 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-07-31 13:38 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-07-31 13:35 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-07-31 13:35 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-07-30 14:18 - 2016-07-30 14:18 - 00000000 ____D C:\Users\Patrik Biasi\Desktop\Alte Firefox-Daten
2016-07-28 23:52 - 2016-07-28 23:52 - 00001144 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-07-25 20:36 - 2016-07-25 20:36 - 00000000 ____D C:\Users\Patrik Biasi\Documents\East India Company
2016-07-25 17:00 - 2016-07-25 17:00 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\dvdcss
2016-07-24 11:13 - 2016-07-24 10:58 - 01461467 _____ C:\Users\Patrik Biasi\Desktop\worldedit-forge-mc1.7.10-6.1.1-dist.jar
2016-07-24 11:08 - 2016-08-06 11:49 - 00000996 _____ C:\Users\Patrik Biasi\Desktop\nativelog.txt
2016-07-24 10:53 - 2016-07-24 10:53 - 00000578 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-07-24 10:53 - 2016-07-24 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-07-23 03:31 - 2016-08-02 21:29 - 00003723 _____ C:\bdlog.txt
2016-07-23 03:31 - 2016-07-23 03:31 - 00000000 ____D C:\ProgramData\bdch
2016-07-22 21:10 - 2016-07-22 21:10 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2016-07-22 21:04 - 2016-07-22 21:04 - 00000000 ____D C:\ProgramData\BDLogging
2016-07-22 21:04 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2016-07-22 21:00 - 2016-07-22 21:00 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\PlaysTV
2016-07-22 20:59 - 2016-07-24 08:48 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-07-22 20:59 - 2016-07-24 08:48 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-07-22 20:58 - 2016-07-22 20:58 - 00000784 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-07-22 20:58 - 2016-07-22 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-07-22 20:53 - 2016-07-22 20:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PlaysTV
2016-07-22 20:52 - 2016-07-22 20:52 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\library_dir
2016-07-22 20:51 - 2016-07-22 20:53 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr
2016-07-21 16:00 - 2016-08-09 17:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-21 16:00 - 2016-08-09 00:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-21 16:00 - 2016-08-08 22:16 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-21 16:00 - 2016-08-08 22:16 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-21 16:00 - 2016-07-29 00:10 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-21 16:00 - 2016-07-29 00:10 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-17 18:46 - 2015-12-28 18:36 - 00450771 _____ C:\Windows\system32\Drivers\etc\hosts.20160717-184619.backup
2016-07-17 18:44 - 2016-07-17 18:44 - 00003640 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-07-17 18:42 - 2016-08-09 17:06 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-07-17 18:42 - 2016-07-17 18:42 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-07-17 18:40 - 2016-07-17 18:41 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\QuickScan
2016-07-17 18:14 - 2016-07-17 18:14 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Вoйти в Интeрнет
2016-07-17 18:09 - 2016-07-17 18:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Поиcк в Интeрнете
2016-07-17 14:36 - 2016-07-17 14:36 - 00000000 ____D C:\Users\Patrik Biasi\Documents\Mirrors Edge Catalyst
2016-07-17 14:02 - 2016-07-17 14:02 - 00000747 _____ C:\Users\Public\Desktop\Mirror's Edge™ Catalyst.lnk
2016-07-17 14:02 - 2016-07-17 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirror's Edge™ Catalyst
2016-07-17 07:48 - 2016-07-17 09:29 - 00000689 _____ C:\Users\Patrik Biasi\Desktop\hoi4 zoigsl.txt
2016-07-14 06:46 - 2016-07-14 06:46 - 00001150 _____ C:\Users\Patrik Biasi\Desktop\FarCry4 - Verknüpfung.lnk
2016-07-11 16:14 - 2016-07-11 16:14 - 00001618 _____ C:\Users\Patrik Biasi\Documents\PwrData_2016-7-11-16-14-52.csv
2016-07-11 16:13 - 2016-07-11 16:13 - 00003073 _____ C:\Users\Patrik Biasi\Desktop\Intel® Power Gadget 3.0.lnk
2016-07-11 16:13 - 2016-07-11 16:13 - 00003027 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Intel® Power Gadget 3.0.lnk
2016-07-10 21:33 - 2016-07-10 21:33 - 00000233 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry 4.url
2016-07-10 21:33 - 2016-07-10 21:33 - 00000233 _____ C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry 4 Map Editor.url
2016-07-10 16:37 - 2016-07-10 16:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-07-10 16:21 - 2016-07-10 16:21 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\BattlEye

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-09 17:13 - 2015-12-29 13:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-09 06:08 - 2016-07-04 18:17 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\Raptr
2016-08-08 18:15 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-08 18:15 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-08 18:07 - 2016-05-21 16:38 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\LogMeIn Hamachi
2016-08-08 18:07 - 2015-12-30 04:22 - 00000000 __SHD C:\Users\Patrik Biasi\IntelGraphicsProfiles
2016-08-08 18:05 - 2016-07-04 18:33 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-08-08 18:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-08 18:02 - 2016-07-04 18:18 - 00002029 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-08-05 23:49 - 2016-03-13 01:18 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\.minecraft
2016-08-05 23:08 - 2016-03-21 00:01 - 00007596 _____ C:\Users\Patrik Biasi\AppData\Local\Resmon.ResmonCfg
2016-08-05 22:55 - 2016-05-06 19:26 - 00000000 ____D C:\ProgramData\Origin
2016-08-05 11:00 - 2016-07-04 18:14 - 00000000 ____D C:\Program Files\AMD
2016-08-03 05:49 - 2015-12-29 13:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 01:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-08-02 22:20 - 2015-12-29 08:42 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-02 22:20 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-02 21:39 - 2015-12-28 15:03 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\VirtualStore
2016-08-02 19:01 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-01 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-31 17:48 - 2009-07-14 06:45 - 00296464 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-31 13:45 - 2015-12-29 04:49 - 00000000 ____D C:\Windows\system32\MRT
2016-07-31 13:41 - 2015-12-29 04:49 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-31 13:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-28 23:52 - 2016-01-10 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-07-28 23:52 - 2015-12-28 16:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-26 14:24 - 2010-11-21 05:27 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-25 17:01 - 2016-01-01 07:09 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\vlc
2016-07-25 17:01 - 2011-04-12 09:43 - 00700130 _____ C:\Windows\system32\perfh007.dat
2016-07-25 17:01 - 2011-04-12 09:43 - 00149768 _____ C:\Windows\system32\perfc007.dat
2016-07-25 17:01 - 2009-07-14 07:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-25 16:59 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-07-24 10:58 - 2016-07-04 22:38 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\AMD
2016-07-22 21:06 - 2015-12-29 13:23 - 00000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-07-22 21:06 - 2015-12-29 13:23 - 00000865 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-07-22 20:55 - 2016-01-10 17:42 - 00000000 ____D C:\ProgramData\Avira
2016-07-22 20:51 - 2016-06-30 16:53 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-22 20:51 - 2016-06-14 16:49 - 00000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2016-07-21 16:00 - 2015-12-28 19:14 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Google
2016-07-21 16:00 - 2015-12-28 19:14 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-20 15:44 - 2015-12-28 18:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-07-20 15:34 - 2015-12-28 15:34 - 00000000 ____D C:\Software und Programme
2016-07-20 15:34 - 2015-12-28 15:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-20 12:08 - 2016-06-14 05:31 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-07-17 18:18 - 2016-07-04 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-07-14 05:13 - 2015-12-29 13:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 05:13 - 2015-12-29 13:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 05:13 - 2015-12-29 13:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 05:13 - 2015-12-29 13:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-14 05:13 - 2015-12-29 13:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-14 00:17 - 2015-12-29 13:40 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-11 16:13 - 2015-12-28 15:22 - 00000000 ____D C:\Program Files\Intel
2016-07-11 00:07 - 2016-01-15 00:03 - 00000000 ____D C:\Users\Patrik Biasi\Documents\My Games
2016-07-11 00:07 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-07-10 21:13 - 2015-12-29 16:43 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\CrashDumps
2016-07-10 18:08 - 2016-01-09 19:12 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Local\Turbine
2016-07-10 16:37 - 2015-12-28 16:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-10 16:16 - 2016-01-07 19:44 - 00000000 ____D C:\Users\Patrik Biasi\Documents\StarCraft II
2016-07-10 16:16 - 2016-01-06 18:11 - 00000000 ____D C:\Users\Patrik Biasi\AppData\Roaming\SpaceEngineers
2016-07-10 16:16 - 2015-12-28 20:05 - 00000000 ____D C:\Users\Patrik Biasi\Documents\The Witcher 3
2016-07-10 16:15 - 2016-04-28 20:34 - 00000000 ____D C:\Users\Patrik Biasi\Documents\Arma 3

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-21 00:01 - 2016-08-05 23:08 - 0007596 _____ () C:\Users\Patrik Biasi\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-27 00:35

==================== Ende von FRST.txt ============================

DarthSoul · 09.08.2016, 16:58

Shortcut:

Code:

ATTFilter

Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 09-08-2016
durchgeführt von Patrik Biasi (2016-08-09 17:56:22)
Gestartet von C:\Users\Patrik Biasi\Desktop
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)



Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{EC282B17-FEEB-4530-BACA-C0BB19B8C9DC}\SupportTasks\1\Support.lnk -> hxxp://www.support.vugames.com/
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{EC282B17-FEEB-4530-BACA-C0BB19B8C9DC}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.whatisfear.com/
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{220FD8FC-C027-42FD-B2DE-1F9CEFA2BF73}\SupportTasks\1\Support.lnk -> hxxp://empireearth.sierra.com/support/
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{220FD8FC-C027-42FD-B2DE-1F9CEFA2BF73}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.empireearth.com/


Shortcut: C:\Users\Administrator\Links\Desktop.lnk -> C:\Users\Administrator\Desktop ()
Shortcut: C:\Users\Administrator\Links\Downloads.lnk -> C:\Users\Administrator\Downloads ()
Shortcut: C:\Users\Administrator\Links\RecentPlaces.lnk -> L ᐁ  À  䘀                         耟穭⊇㞡䘚낑�깚馼 ć 	ꀀz 匱卐뜥䟯ယ怂麌곫1 
 ἀ က 娀甀氀攀琀稀琀 戀攀猀甀挀栀琀 ⴀ Ѐ   
 Systemordner     匱卐檦⡣锽ᇒ횵쀀�퀘e  ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀　ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀        
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk -> C:\Software und Programme\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk -> C:\Program Files (x86)\Adobe\Acrobat.com\Acrobat.com.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> C:\Software und Programme\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Software und Programme\Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk -> C:\Program Files (x86)\Security Task Manager\TaskMan.exe (Neuber Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk -> C:\Program Files (x86)\Security Task Manager\SpyProtector.exe (Neuber Software - www.neuber.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk -> C:\Software und Programme\Teamviewer\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships\World of Warships entfernen.lnk -> E:\Games\Wargaming\WoWs\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships\World of Warships.lnk -> E:\Games\Wargaming\WoWs\WoWSLauncher.exe (Wargaming.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks\Letzte Updates.lnk -> E:\Games\Wargaming\WoT\readme.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks\Offizielle Website.lnk -> E:\Games\Wargaming\WoT\website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks\Panzerkunde.lnk -> E:\Games\Wargaming\WoT\wiki.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks\Spielanleitung.lnk -> E:\Games\Wargaming\WoT\game_manual.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks\World of Tanks entfernen.lnk -> E:\Games\Wargaming\WoT\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks\World of Tanks.lnk -> E:\Games\Wargaming\WoT\WoTLauncher.exe (Wargaming.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Software und Programme\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Software und Programme\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Software und Programme\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Software und Programme\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1\Demos\vulkaninfo.lnk -> C:\Program Files (x86)\VulkanRT\1.0.3.1\vulkaninfo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1\Demos\vulkaninfo32.lnk -> C:\Program Files (x86)\VulkanRT\1.0.3.1\vulkaninfo32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0\Demos\vulkaninfo.lnk -> C:\Program Files (x86)\VulkanRT\1.0.3.0\vulkaninfo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0\Demos\vulkaninfo32.lnk -> C:\Program Files (x86)\VulkanRT\1.0.3.0\vulkaninfo32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Software und Programme\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Software und Programme\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Software und Programme\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Software und Programme\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbine\Der Herr der Ringe Online\Der Herr der Ringe Online deinstallieren.lnk -> E:\Games\Lotro\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbine\Der Herr der Ringe Online\Der Herr der Ringe Online.lnk -> E:\Games\Lotro\TurbineInvoker.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Software und Programme\TS3\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Software und Programme\TS3\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Software und Programme\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II.lnk -> E:\Games\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Create System Report.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDLogReport.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\File Scan.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDFiles.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Immunization.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDImmunize.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Rootkit Scan.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDRootAlyzer.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Spybot-S&D Start Center.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\System Scan.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Tray Icon (Live Protection).lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Uninstall Spybot-S&D.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr\Raptr.lnk -> C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe (Raptr, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Share The Pain\Help.lnk -> E:\Games\Postal 2\Help.htm (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Share The Pain\Play Postal 2 Share The Pain (Safe Mode).lnk -> E:\Games\Postal 2\System\Postal2.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Share The Pain\Play Postal 2 Share The Pain.lnk -> E:\Games\Postal 2\System\Postal2.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Share The Pain\Postal 2 Share The Pain Editor.lnk -> E:\Games\Postal 2\System\UnrealEd.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Share The Pain\Advanced\Edit my Postal2.ini file.lnk -> E:\games\Postal 2\System\Postal2.ini (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Share The Pain\Advanced\Open folder where Postal 2 is installed.lnk -> E:\Games\Postal 2 (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Deinstallieren von Origin.lnk -> C:\Software und Programme\Origin\OriginUninstall.exe (Electronic Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk -> C:\Software und Programme\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Software und Programme\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager\Nexus Mod Manager entfernen.lnk -> E:\NMM\Nexus Mod Manager\uninstall\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager\Nexus Mod Manager.lnk -> E:\NMM\Nexus Mod Manager\NexusClient.exe (Black Tree Gaming)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Editor Free\Music Editor Free.lnk -> C:\Software und Programme\Music Editor Free\MusicEditorFree.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Editor Free\Uninstall.lnk -> C:\Software und Programme\Music Editor Free\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirror's Edge™ Catalyst\Kundendienst.lnk -> E:\origin\Mirrors Edge Catalyst\Support\EA Help\Kundendienst.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirror's Edge™ Catalyst\Mirror's Edge™ Catalyst Endbenutzer-Lizenzvertrag.lnk -> E:\origin\Mirrors Edge Catalyst\Support\eula\de_DE_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirror's Edge™ Catalyst\Mirror's Edge™ Catalyst.lnk -> E:\origin\Mirrors Edge Catalyst\MirrorsEdgeCatalyst.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> E:\Games\MinecraftLauncher.exe (Mojang)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace\Games for Windows Marketplace.lnk -> C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Software und Programme\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Gaming Software 8.78.lnk -> C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Management Engine Components\Intel(R) Management and Security Status.lnk -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Battlefield 3™.lnk -> 0x4C0000000114020000000000C0000000000000468500000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000360014001F80DF8F22EDA89E704883B196B02CFE0D5220000000474653492873C4475D6D71499365E648DC349621000000000000000000000E0042006100740074006C0065006600690065006C00640020003300222128000000090000A01C00000031535053E28A5846BC4C3843BBFC139326986DCE000000000000000000000000
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -> C:\Program Files\Microsoft Games\Chess\Chess.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Crysis®3.lnk -> 0x4C0000000114020000000000C0000000000000468500000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000360014001F80DF8F22EDA89E704883B196B02CFE0D522000000047465349EF8F926B629CE945B11CA8BC0A6FB8CE000000000000000000000800430072007900730069007300AE00330028000000090000A01C00000031535053E28A5846BC4C3843BBFC139326986DCE000000000000000000000000
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FarCry 4.lnk -> 0x4C0000000114020000000000C0000000000000468500000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000360014001F80DF8F22EDA89E704883B196B02CFE0D522000000047465349B067302A833C444E890B7D6AA78E6E620000000000000000000008004600610072004300720079002000340028000000090000A01C00000031535053E28A5846BC4C3843BBFC139326986DCE000000000000000000000000
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk -> C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk -> C:\Windows\System32\gameux.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Games for Windows Marketplace.lnk -> 0x4C0000000114020000000000C0000000000000468500000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000360014001F80DF8F22EDA89E704883B196B02CFE0D522000000047465349FA5080C2D0FABA49B3E5ACF8FF988940000000000000000000001D00470061006D0065007300200066006F0072002000570069006E0064006F007700730020004D00610072006B006500740070006C0061006300650028000000090000A01C00000031535053E28A5846BC4C3843BBFC139326986DCE000000000000000000000000
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk -> C:\Program Files\Microsoft Games\Hearts\Hearts.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -> C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -> C:\Program Files\Microsoft Games\Multiplayer\Checkers\chkrzm.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -> C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -> C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk -> C:\Program Files\Microsoft Games\Minesweeper\Minesweeper.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from Microsoft.lnk -> C:\Program Files\Microsoft Games\More Games\MoreGames.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Purble Place.lnk -> C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk -> C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk -> C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\The Lord of the Rings Online™.lnk -> 0x4C0000000114020000000000C0000000000000468500000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000360014001F80DF8F22EDA89E704883B196B02CFE0D5220000000474653498CC7EE7F47E384448A18F714393BCDF2000000000000000000003A0154006800650020004C006F007200640020006F00660020007400680065002000520069006E006700730020004F006E006C0069006E00650022212000690073002000740068006500200077006F0072006C00640027007300200066006900720073007400200061006E00640020006F006E006C00790020004D004D004F00470020006200610073006500640020006F006E00200074006800650020006C006900740065007200610072007900200077006F0072006B00730020006F00660020004A002E0052002E0052002E00200054006F006C006B00690065006E002E00200050006C00610079006500720073002000630061006E00200065007800700065007200690065006E0063006500200074006800650020006D006F00730074002000660061006D006F00750073002000660061006E007400610073007900200077006F0072006C00640020006F006600200061006C006C002000740069006D0065002C0020006500780070006C006F00720069006E006700200061006E006400200061006400760065006E0074007500720069006E00670020007400680065006900720020006800650072006F006500730020007400680072006F007500670068002000740068006500200076006100730074002000720065006100630068006500730020006F00660020004D006900640064006C0065002D0065006100720074006800200069006E002000740068006500200066006900670068007400200061006700610069006E00730074002000740068006500200066006F00720063006500730020006F006600200074006800650020004400610072006B0020004C006F0072006400200053006100750072006F006E002E0028000000090000A01C00000031535053E28A5846BC4C3843BBFC139326986DCE000000000000000000000000
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Watch_Dogs.lnk -> 0x4C0000000114020000000000C0000000000000468500000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000360014001F80DF8F22EDA89E704883B196B02CFE0D522000000047465349156B5517B6EF954F9C33E4550BB458AB000000000000000000002D00450056004500520059005400480049004E004700200049005300200043004F004E004E004500430054004500440020001320200043004F004E004E0045004300540049004F004E00200049005300200050004F0057004500520028000000090000A01C00000031535053E28A5846BC4C3843BBFC139326986DCE000000000000000000000000
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Countdown Timer\Free Countdown Timer entfernen.lnk -> C:\Software und Programme\FreeCountdownTimer\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Countdown Timer\Free Countdown Timer im Internet.lnk -> C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Countdown Timer\Free Countdown Timer.lnk -> C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe (Comfort Software Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock\Free Alarm Clock entfernen.lnk -> C:\Software und Programme\Alarm Clock\FreeAlarmClock\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock\Free Alarm Clock im Internet.lnk -> C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock\Free Alarm Clock.lnk -> C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Der Bahngigant\Der Bahngigant entfernen.lnk -> E:\Games\Der Bahngigant\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Der Bahngigant\Der Bahngigant.lnk -> E:\Games\Der Bahngigant\ATrain9.exe (株式会社アートディンク)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Der Bahngigant\Konfiguration.lnk -> E:\Games\Der Bahngigant\ATrain9Config.exe (株式会社アートディンク)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DTLauncher.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3\Crysis 3 Endbenutzer-Lizenzvertrag.lnk -> E:\origin\Crysis 3\Support\eula\de_DE_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3\Crysis 3.lnk -> E:\origin\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3\Kundendienst.lnk -> E:\origin\Crysis 3\Support\EA Help\Kundendienst.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3\Readme.lnk -> E:\origin\Crysis 3\Support\readme\readme.de.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine 6.5 (32-bit).lnk -> C:\Software und Programme\Cheat Engine 6.5\cheatengine-i386.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine 6.5 (64-bit).lnk -> C:\Software und Programme\Cheat Engine 6.5\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine 6.5.lnk -> C:\Software und Programme\Cheat Engine 6.5\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine help.lnk -> C:\Software und Programme\Cheat Engine 6.5\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine tutorial (64-bit).lnk -> C:\Software und Programme\Cheat Engine 6.5\Tutorial-x86_64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Cheat Engine tutorial.lnk -> C:\Software und Programme\Cheat Engine 6.5\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Reset settings.lnk -> C:\Software und Programme\Cheat Engine 6.5\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Uninstall Cheat Engine.lnk -> C:\Software und Programme\Cheat Engine 6.5\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\Kernel stuff\Unload kernel module.lnk -> C:\Software und Programme\Cheat Engine 6.5\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Battlefield 3.lnk -> E:\origin\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\EA-EULA.lnk -> E:\origin\Battlefield 3\Support\eula\de_DE_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Kundendienst.lnk -> E:\origin\Battlefield 3\Support\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Readme.lnk -> E:\origin\Battlefield 3\Support\readme\readme.de.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Software und Programme\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility\A-Tuning\A-Tuning.lnk -> C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\ATuning.exe (ASRock Incorporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility\A-Tuning\Uninstall A-Tuning.lnk -> C:\Program Files (x86)\ASRock Utility\A-Tuning\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney SE\ArtMoney Manual.lnk -> C:\Software und Programme\Artmoney\ArtMoney\Help\english.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney SE\ArtMoney SE v7.44.lnk -> C:\Software und Programme\Artmoney\ArtMoney\am744.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney SE\Online Registration.lnk -> C:\Software und Programme\Artmoney\ArtMoney\register.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney SE\Visit ArtMoney Site.lnk -> C:\Software und Programme\Artmoney\ArtMoney\artmoney744.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Media Center\Media Center Programs\The Lord of the Rings Online.lnk -> E:\Games\Lotro\mce.mcl ()
Shortcut: C:\ProgramData\Microsoft\Internet Explorer\Quick Launch\Spybot-S&D Start Center.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Internet Explorer\Quick Launch\System Scan.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\Links\Desktop.lnk -> C:\Users\Patrik Biasi\Desktop ()
Shortcut: C:\Users\Patrik Biasi\Links\Downloads.lnk -> C:\Users\Patrik Biasi\Downloads ()
Shortcut: C:\Users\Patrik Biasi\Links\Patrik Daten.lnk -> C:\Patrik Daten ()
Shortcut: C:\Users\Patrik Biasi\Links\RecentPlaces.lnk -> L ᐁ  À  䘀                         耟穭⊇㞡䘚낑�깚馼 ć 	ꀀz 匱卐뜥䟯ယ怂麌곫1 
 ἀ က 娀甀氀攀琀稀琀 戀攀猀甀挀栀琀 ⴀ Ѐ   
 Systemordner     匱卐檦⡣锽ᇒ횵쀀�퀘e  ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀　ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀        
Shortcut: C:\Users\Patrik Biasi\Documents\StarCraft II\DarthSoul_796@2.lnk -> C:\Users\Patrik Biasi\Documents\StarCraft II\Accounts\416153065\2-S2-1-6182179 ()
Shortcut: C:\Users\Patrik Biasi\Desktop\Cheat Engine.lnk -> C:\Software und Programme\Cheat Engine 6.5\Cheat Engine.exe ()
Shortcut: C:\Users\Patrik Biasi\Desktop\Der Bahngigant.lnk -> E:\Games\Der Bahngigant\ATrain9.exe (株式会社アートディンク)
Shortcut: C:\Users\Patrik Biasi\Desktop\Der Herr der Ringe Online.lnk -> E:\Games\Lotro\TurbineInvoker.exe ()
Shortcut: C:\Users\Patrik Biasi\Desktop\Empire Earth - Verknüpfung.lnk -> E:\Games\Empire Earth\Empire Earth.exe ()
Shortcut: C:\Users\Patrik Biasi\Desktop\Intel® Power Gadget 3.0.lnk -> C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Installer\{AAFAAB45-753C-4402-A23D-3F0EA9A750EC}\_00D0D890E699AFD1C72A3F.exe ()
Shortcut: C:\Users\Patrik Biasi\Desktop\Music Editor Free.lnk -> C:\Software und Programme\Music Editor Free\MusicEditorFree.exe ()
Shortcut: C:\Users\Patrik Biasi\Desktop\Start Tor Browser.lnk -> D:\TOR\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Patrik Biasi\Desktop\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Patrik Biasi\Desktop\YandereSimJune21st - Verknüpfung.lnk -> C:\Patrik Daten\Downloads\YANDERE\YandereSimJune21st\YandereSimJune21st.exe ()
Shortcut: C:\Users\Patrik Biasi\Desktop\desktopzeug\Assassins Creed Syndicate v1.12-v1.5 Plus 21 Trainer - Verknüpfung.lnk -> C:\Patrik Daten\Downloads\assassins creed\ac syndicate\Assassins.Creed.Syndicate.v1.12-v1.5.Plus.21.Trainer-FLiNG\Assassins Creed Syndicate v1.12-v1.5 Plus 21 Trainer.exe (3DMGAME)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Intel® Power Gadget 3.0.lnk -> C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Installer\{AAFAAB45-753C-4402-A23D-3F0EA9A750EC}\_A8064362512C298577E93C.exe ()
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Music Editor Free.lnk -> C:\Software und Programme\Music Editor Free\MusicEditorFree.exe ()
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk -> D:\TOR\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Software und Programme\WinRAR\Rar.txt ()
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Software und Programme\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Software und Programme\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Software und Programme\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snis ModPack Installer\Snis_HitZone_Unistaller.lnk -> E:\Games\Wargaming\WoT\res_mods\Snis_HitZone_Uninstaller.exe (Snis ModPack)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snis ModPack Installer\Snis_ModPack_Installer.lnk -> E:\Games\Wargaming\WoT\res_mods\Snis_ModPack_Installer_0.9.13-2.5.1.0.exe (Snis ModPack)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snis ModPack Installer\Snis_ModPack_Uninstaller.lnk -> E:\Games\Wargaming\WoT\res_mods\Snis_ModPack_Uninstaller.exe (Snis ModPack)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Empire Earth™.lnk -> L ᐁ  À  䘀…                          6耟迟麨䡰놃낖︬刍  䙇䥓�∏쀧䋽�鰟ꋯ玿     
Empire Earth™( 	ꀀ 匱卐諢䙘䲼䌸ﲻ錓頦칭      
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Medal of Honor Pacific Assault™.lnk -> 0x4C0000000114020000000000C0000000000000468500000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000360014001F80DF8F22EDA89E704883B196B02CFE0D522000000047465349E19BB53ADFDD7F419031582182823CAE0000000000000000000020004D006500640061006C0020006F006600200048006F006E006F0072003A00200050006100630069006600690063002000410073007300610075006C007400222128000000090000A01C00000031535053E28A5846BC4C3843BBFC139326986DCE000000000000000000000000
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Postal 2.lnk -> 0x4C0000000114020000000000C0000000000000468500000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000360014001F80DF8F22EDA89E704883B196B02CFE0D52200000004746534945F515563E865149A57D9428C1FE075A00000000000000000000080050006F007300740061006C002000320028000000090000A01C00000031535053E28A5846BC4C3843BBFC139326986DCE000000000000000000000000
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ArtMoney SE.lnk -> C:\Software und Programme\Artmoney\ArtMoney\am744.exe ()
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Free Alarm Clock.lnk -> C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Free Countdown Timer.lnk -> C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe (Comfort Software Group)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intel® Power Gadget 3.0.lnk -> C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Installer\{AAFAAB45-753C-4402-A23D-3F0EA9A750EC}\_A8064362512C298577E93C.exe ()
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Software und Programme\Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk -> C:\Software und Programme\TS3\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Task-Manager.lnk -> C:\Windows\System32\taskmgr.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ArtMoney SE v7.44.lnk -> C:\Software und Programme\Artmoney\ArtMoney\am744.exe ()
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Steam.lnk -> C:\Software und Programme\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{EC282B17-FEEB-4530-BACA-C0BB19B8C9DC}\PlayTasks\0\Spielen.lnk -> E:\Steam Spiele 1T\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe (Monolith Productions, Inc.)
Shortcut: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Windows\GameExplorer\{220FD8FC-C027-42FD-B2DE-1F9CEFA2BF73}\PlayTasks\0\Spielen.lnk -> E:\Games\Empire Earth\Empire Earth.exe ()
Shortcut: C:\Users\Public\Desktop\A-Tuning.lnk -> C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\ATuning.exe (ASRock Incorporation)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\ArtMoney SE v7.44.lnk -> C:\Software und Programme\Artmoney\ArtMoney\am744.exe ()
Shortcut: C:\Users\Public\Desktop\Battle.net.lnk -> C:\Software und Programme\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Public\Desktop\Battlefield 3.lnk -> E:\origin\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
Shortcut: C:\Users\Public\Desktop\CDBurnerXP.lnk -> C:\Software und Programme\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\Public\Desktop\Crysis 3.lnk -> E:\origin\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH)
Shortcut: C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> C:\Software und Programme\Deamon Tools Lite\DAEMON Tools Lite\DTLauncher.exe (Disc Soft Ltd)
Shortcut: C:\Users\Public\Desktop\Free Alarm Clock.lnk -> C:\Software und Programme\Alarm Clock\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
Shortcut: C:\Users\Public\Desktop\Free Countdown Timer.lnk -> C:\Software und Programme\FreeCountdownTimer\FreeCountdownTimer.exe (Comfort Software Group)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\LogMeIn Hamachi.lnk -> C:\Software und Programme\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Minecraft.lnk -> E:\Games\MinecraftLauncher.exe (Mojang)
Shortcut: C:\Users\Public\Desktop\Mirror's Edge™ Catalyst.lnk -> E:\origin\Mirrors Edge Catalyst\MirrorsEdgeCatalyst.exe (EA Digital Illusions CE AB)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Software und Programme\Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Nexus Mod Manager.lnk -> E:\NMM\Nexus Mod Manager\NexusClient.exe (Black Tree Gaming)
Shortcut: C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\Public\Desktop\Origin.lnk -> C:\Software und Programme\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Public\Desktop\Raptr.lnk -> C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe (Raptr, Inc)
Shortcut: C:\Users\Public\Desktop\Security Task Manager.lnk -> C:\Program Files (x86)\Security Task Manager\TaskMan.exe (Neuber Software)
Shortcut: C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk -> C:\Software und Programme\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\Users\Public\Desktop\StarCraft II.lnk -> E:\Games\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Software und Programme\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Software und Programme\TS3\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Public\Desktop\TeamViewer 11.lnk -> C:\Software und Programme\Teamviewer\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Software und Programme\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Public\Desktop\World of Tanks.lnk -> E:\Games\Wargaming\WoT\WoTLauncher.exe (Wargaming.net)
Shortcut: C:\Users\Public\Desktop\World of Warships.lnk -> E:\Games\Wargaming\WoWs\WoWSLauncher.exe (Wargaming.net)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Share The Pain\Play Postal 2 Share The Pain Online with GameSpy Arcade.lnk -> C:\Software und Programme\Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.gamespyarcade.com/features/launch.asp?svcname=postal2&distID=918
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Share The Pain\Online Links\Postal 2 Share The Pain Official Web Site.lnk -> C:\Software und Programme\Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.postal2.com
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Share The Pain\Online Links\Postal 2 Share The Pain Tech Support.lnk -> C:\Software und Programme\Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.postal2.com/support
ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://otnofes.ru/?utm_source=startlink03&utm_content=aa10ba6431e0e87e0974fde2390a003d&utm_term=49B2ECE1B9CAC212FCB225556D05D035&utm_d=20160717"


ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Software und Programme\Teamviewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Software und Programme\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Software und Programme\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Share The Pain\Advanced\Delete my Postal2.ini file.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c if exist "e:\games\Postal 2\System\Postal2.ini" del "e:\games\Postal 2\System\Postal2.ini"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager\Nexus Mod Manager (Trace Mode).lnk -> E:\NMM\Nexus Mod Manager\NexusClient.exe (Black Tree Gaming) -> -trace
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {FE12FC92-B1A7-4131-AA2B-94DF2E6B37DF} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5\main.lua.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> C:\Software und Programme\Cheat Engine 6.5\main.lua
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Launcher.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Software und Programme\Teamviewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Patrik Biasi\Desktop\Discord.lnk -> C:\Users\Patrik Biasi\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Patrik Biasi\Desktop\FarCry4 - Verknüpfung.lnk -> E:\Uplaygames\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment) -> -skipintro 1
ShortcutWithArgument: C:\Users\Patrik Biasi\Desktop\Kill WOT.lnk -> C:\Windows\System32\taskkill.exe (Microsoft Corporation) -> /IM WorldOfTanks.exe /F
ShortcutWithArgument: C:\Users\Patrik Biasi\Desktop\Snis WOT-Launcher.lnk -> E:\Games\Wargaming\WoT\Snis_AutoUpdater_1.3.2.0.exe () -> -StartLauncher
ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snis ModPack Installer\Snis WOT-Launcher.lnk -> E:\Games\Wargaming\WoT\Snis_AutoUpdater_1.3.2.0.exe () -> -StartLauncher
ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc\Discord.lnk -> C:\Users\Patrik Biasi\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Software und Programme\Teamviewer\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Public\Desktop\Avira Launcher.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui


InternetURL: C:\Users\Administrator\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Editor Free\More Free Tools.url -> URL: hxxp://www.freeaudiovideosoft.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Editor Free\Music Editor Free on the Web.url -> URL: hxxp://www.music-editor.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxp://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxp://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Der Bahngigant\Der Bahngigant im Internet.url -> URL: hxxp://www.uieg.de
InternetURL: C:\Users\Patrik Biasi\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Patrik Biasi\Favorites\Windows Live\Windows Live Ideas.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Patrik Biasi\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Patrik Biasi\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Patrik Biasi\Favorites\MSN-Websites\MSN Auto.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\Patrik Biasi\Favorites\MSN-Websites\MSN Fernsehen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\Patrik Biasi\Favorites\MSN-Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\Patrik Biasi\Favorites\MSN-Websites\MSN Nachrichten.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\Patrik Biasi\Favorites\MSN-Websites\MSN Sport.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\Patrik Biasi\Favorites\MSN-Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Patrik Biasi\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Patrik Biasi\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Patrik Biasi\Favorites\Microsoft-Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Patrik Biasi\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Patrik Biasi\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Patrik Biasi\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\Patrik Biasi\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Patrik Biasi\Favorites\Links\Vorgeschlagene Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Patrik Biasi\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Patrik Biasi\Favorites\Links\Интернет.url -> URL: hxxp://otnofes.ru/?utm_source=favorites03&utm_content=81b1e4140e8a81c89a114ef62c92d3c4&utm_term=49B2ECE1B9CAC212FCB225556D05D035&utm_d=20160717
InternetURL: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry 4 Map Editor.url -> URL: uplay://launch/420/1
InternetURL: C:\Users\Patrik Biasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry 4.url -> URL: uplay://launch/420/0

==================== Ende von Shortcut.txt =============================

Warlord711 · 10.08.2016, 08:04

Hmm, das macht mich grad stutzig, der Eintrag den ESET gefunden hat, erscheint hier nicht. Hast du nachträglich von etwas gelöscht ?

Bitte diesen Fix ausführen:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

folder: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\
InternetURL: C:\Users\Patrik Biasi\Favorites\Links\Интернет.url -> URL: hxxp://otnofes.ru/?utm_source=favorites03&utm_content=81b1e4140e8a81c89a114ef62c92d3c4&utm_term=49B2ECE1B9CAC212FCB225556D05D035&utm_d=20160717
ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://otnofes.ru/?utm_source=startlink03&utm_content=aa10ba6431e0e87e0974fde2390a003d&utm_term=49B2ECE1B9CAC212FCB225556D05D035&utm_d=20160717"

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

DarthSoul · 11.08.2016, 15:00

bis auf borderlands 2 per steam und noscript bei firefox hab ich nix deinstalliert/installiert

laut den eigenschaften wurde die datei am 17. juli erstellt

hier das fixlog:

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01
durchgeführt von Patrik Biasi (2016-08-11 15:58:59) Run:2
Gestartet von C:\Users\Patrik Biasi\Desktop
Geladene Profile: Patrik Biasi (Verfügbare Profile: Patrik Biasi & Administrator)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
folder: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\
InternetURL: C:\Users\Patrik Biasi\Favorites\Links\Интернет.url -> URL: hxxp://otnofes.ru/?utm_source=favorites03&utm_content=81b1e4140e8a81c89a114ef62c92d3c4&utm_term=49B2ECE1B9CAC212FCB225556D05D035&utm_d=20160717
ShortcutWithArgument: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://otnofes.ru/?utm_source=startlink03&utm_content=aa10ba6431e0e87e0974fde2390a003d&utm_term=49B2ECE1B9CAC212FCB225556D05D035&utm_d=20160717"
         
*****************


========================= folder: C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\ ========================

2016-07-17 18:17 - 2016-07-17 18:17 - 0032038 ___SH () C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.ico
2016-07-17 18:17 - 2016-07-17 18:17 - 0002026 ___SH () C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk

====== Ende von Folder: ======

C:\Users\Patrik Biasi\Favorites\Links\Интернет.url => erfolgreich verschoben
C:\Users\Patrik Biasi\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk => Verknüpfung Eigenschaft erfolgreich entfernt.

==== Ende von Fixlog 15:58:59 ====

Warlord711 · 11.08.2016, 15:40

Ok, sollte so passen.

Zitat:

sh=343570A1A27E0E7F07064DB317232E033E4873C3 ft=0 fh=0000000000000000 vn="LNK/Agent.CJ Trojaner" ac=I fn="D:\PATRIKBIASI-PC\Backup Set 2016-08-02 225041\Backup Files 2016-08-02 225041\Backup files 29.zip"
sh=05931AD378D829E49ECE416BFAD2A80F4ADECC09 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\PATRIKBIASI-PC\Backup Set 2016-08-02 225041\Backup Files 2016-08-02 225041\Backup files 4.zip

Da sind noch Reste drin, die kann ich allerdings nicht aus dem Backup löschen, bitte im Gedächtnis behalten, falls du mal aus diesen Backups etwas zurückspielen solltest.

Wie verhält sich das System denn aktuell ?

09.08.2016, 09:12	#10
Warlord711 /// TB-Ausbilder	Internet sehr oft sehr sehr langsam Virebefall? Mach mal bitte einen neuen FRST Scan und setz den Haken bei Shortcuts.txt, poste mir dann bitte das FRST.txt und das Shortcuts.txt __________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie \| Spende \| Lob & Kritik

Internet sehr oft sehr sehr langsam Virebefall?

Log-Analyse und Auswertung: Internet sehr oft sehr sehr langsam Virebefall?