Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7: DCOM Prozesstart unerwartet beendet (https://www.trojaner-board.de/183177-windows-7-dcom-prozesstart-unerwartet-beendet.html)

Myrmix 26.11.2016 12:16
Windows 7: DCOM Prozesstart unerwartet beendet
 
Hallo liebes Team des Trojaner-Boards.

Ich hatte heute während der normalen Betrieb meines PCs plötzlich die Fehlermeldung
"DCOM Prozessstart unerwartet beendet, Windows wird in 1 Minute heruntergefahren."
Danach habe ich den Neustart abgrebrochen und manuel hochgefahren, weil mir das spanisch vorkam, dabei gab es keine Probleme oder Unauffälligkeiten. (Das einzige was mir auffällt ist, dass ich in letzter Zeit mehr Spam-Mail bekomme, kA ob das damit zusammenhängt, da ich die immer ungeöffnet lösche)

Habe diese Meldung noch nie gesehen und auf Nachgooglen hin könnte es sich um ein Rootkit o.äh. handeln, deswegen ging ich lieber auf Nummer sicher und hab diesen Thread hier erstellt.

Ich kann Windows 7 in den nächsten 2 Tagen nicht neu aufsetzen (Clan-Spiele stehen an), sonst hätte ich das wohl in Betracht gezogen, da ich ein ziemlicher Laie bin, was über html hinausgeht.

Bisher habe ich mir HijackThis v2.0.4 heruntergeladen und einen Scan durchgeführt.
Beim Scan kam die Fehlermeldung "For some reason, your system denied write access to the hosts file..". Ich habe OK gedrückt und hab das Logfile gespeichert, falls es gewünscht ist (steht ja im Thread, dass ihr das nicht braucht)



FRST:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
durchgeführt von Martin (Administrator) auf MYRMIX (26-11-2016 11:55:25)
Gestartet von C:\Users\Martin\Downloads
Geladene Profile: Martin (Verfügbare Profile: Martin)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Privoxy\privoxy.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Run: [World of Warships] => K:\Games\WOWS_PublicTest\WargamingGameUpdater.exe [3134216 2016-11-07] (Wargaming.net)
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\MountPoints2: {9dc55695-621f-11e2-8721-5404a66b46f9} - I:\setup_the_witcher_2_ee_3.0.1.17.exe
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\MountPoints2: {dd0371c7-0fa0-11e1-9384-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\MountPoints2: {fdd5ecae-0fb0-11e1-a034-5404a66b46f9} - J:\AUTORUN.EXE
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Privoxy.lnk [2012-04-03]
ShortcutTarget: Privoxy.lnk -> C:\Program Files (x86)\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter - Verknüpfung.lnk [2012-04-01]
ShortcutTarget: Rainmeter - Verknüpfung.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{AE141692-DE9B-4CC3-93A4-62B71E738879}: [DhcpNameServer] 195.34.133.21 212.186.211.21

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321848&octid=EB_ORIGINAL_CTID&ISID=MD012B8A5-8B55-4EDB-89ED-AABC7D6BB3D9&SearchSource=58&CUI=&UM=8&UP=SP60FFA5B6-C973-4FF2-A334-CD50DE2031E8&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> {A0C59A24-F50F-433C-928B-8235295514F4} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> Kein Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  Keine Datei

FireFox:
========
FF DefaultProfile: a9urom3s.default-1384358611811
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 [2016-11-26]
FF user.js: detected! => C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\user.js [2014-05-21]
FF NewTab: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> Bing Powered Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> Bing Powered Search
FF Homepage: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> www.google.at
FF Keyword.URL: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> user_pref("keyword.URL", true);
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ftp", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.socks", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ssl", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ssl_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ftp", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> http", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> http_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> share_proxy_settings", true
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> socks", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ssl", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ssl_port", 8080
FF Extension: (General Crawler) - C:\Users\Martin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-03-13] [ist nicht signiert]
FF Extension: (ADB Helper) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\adbhelper@mozilla.org [2016-11-03]
FF Extension: (Advanced Cookie Manager) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\cookiemgr@jayapal.com [2016-02-22]
FF Extension: (Valence) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\fxdevtools-adapters@mozilla.org [2016-02-23]
FF Extension: (ExHentai Easy) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack [2013-11-24] [ist nicht signiert]
FF Extension: (Search and New Tab by Yahoo) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-11-18]
FF Extension: (YouTube Center) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2016-04-28]
FF Extension: (Shumway) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\shumway@research.mozilla.org [2015-10-15] [ist nicht signiert]
FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-10-10]
FF Extension: (NoScript) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-11-22]
FF Extension: (Adblock Plus) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\searchplugins\bing powered search.xml [2016-08-18]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\searchplugins\trovi-search.xml [2014-12-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1031562343-2424694273-2990312000-1000: @hola.org/vlc,version=1.8.649 -> C:\Users\Martin\AppData\Local\Hola\firefox\app\vlc [2015-07-15] ()
FF Plugin HKU\S-1-5-21-1031562343-2424694273-2990312000-1000: @my.com/Games -> C:\Users\Martin\AppData\Local\MyComGames\NPMyComDetector.dll [2016-06-11] (MY.COM B.V.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Martin\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-03-13]
CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - C:\Users\Martin\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-21] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-01-02] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-07-19] (BitRaider, LLC)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
S3 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-08-08] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-27] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-31] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-27] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S0 mv91xx; system32\DRIVERS\mv91xx.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-26 11:52 - 2016-11-26 11:53 - 00000000 ____D C:\Users\Martin\rootkit
2016-11-26 11:51 - 2016-11-26 11:52 - 00063581 _____ C:\Users\Martin\Downloads\Addition.txt
2016-11-26 11:50 - 2016-11-26 11:55 - 00019731 _____ C:\Users\Martin\Downloads\FRST.txt
2016-11-26 11:48 - 2016-11-26 11:55 - 00000000 ____D C:\FRST
2016-11-26 11:44 - 2016-11-26 11:44 - 02412032 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2016-11-26 11:20 - 2016-11-26 11:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martin\Downloads\HijackThis.exe
2016-11-20 19:17 - 2016-11-20 19:45 - 00000890 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-11-20 19:17 - 2016-11-20 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-11-20 19:16 - 2016-11-20 19:45 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-11-20 19:15 - 2016-11-20 19:15 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-11-20 18:45 - 2016-11-22 14:13 - 00000000 ____D C:\Users\Martin\FALL4mods
2016-11-18 17:22 - 2016-11-18 17:22 - 00276696 _____ C:\Windows\Minidump\111816-21699-01.dmp
2016-11-18 01:57 - 2016-11-26 11:05 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2016-11-18 01:33 - 2016-11-18 09:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-11 14:05 - 2016-11-11 14:05 - 00000781 _____ C:\Users\Public\Desktop\WOWS_PublicTest.lnk
2016-11-10 22:06 - 2016-11-11 13:38 - 03186048 _____ (Wargaming ) C:\Users\Martin\Downloads\WoWS_PublicTest.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-26 11:52 - 2011-11-15 16:52 - 00000000 ____D C:\Users\Martin
2016-11-26 11:44 - 2013-07-28 12:16 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-26 11:44 - 2011-11-15 21:17 - 00000000 ____D C:\Program Files (x86)\JDownloader
2016-11-26 11:43 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-11-26 11:40 - 2011-12-19 22:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\TS3Client
2016-11-26 11:20 - 2011-11-15 21:03 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\Temp
2016-11-26 11:12 - 2009-07-14 05:45 - 00022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-26 11:12 - 2009-07-14 05:45 - 00022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-26 11:09 - 2010-11-21 07:50 - 00713806 _____ C:\Windows\system32\perfh007.dat
2016-11-26 11:09 - 2010-11-21 07:50 - 00153922 _____ C:\Windows\system32\perfc007.dat
2016-11-26 11:09 - 2009-07-14 06:13 - 01648056 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-26 11:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-26 11:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-26 11:02 - 2016-08-05 12:03 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-11-26 02:49 - 2016-08-18 19:08 - 00000000 ____D C:\Users\Martin\AppData\Local\JDownloader v2.0
2016-11-25 19:17 - 2012-07-14 13:43 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2016-11-21 20:07 - 2015-08-11 22:48 - 00000000 ___RD C:\Users\Martin\wows
2016-11-21 16:36 - 2015-10-29 13:29 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2016-11-20 20:07 - 2012-04-25 16:00 - 00218112 ___SH C:\Users\Martin\Thumbs.db
2016-11-20 19:45 - 2015-11-11 12:42 - 00000000 ____D C:\Users\Martin\AppData\Local\Fallout4
2016-11-20 19:17 - 2012-01-07 19:18 - 00000000 ____D C:\Users\Martin\Documents\Nexus Mod Manager
2016-11-20 19:17 - 2012-01-07 19:18 - 00000000 ____D C:\Users\Martin\AppData\Local\Black_Tree_Gaming
2016-11-20 19:15 - 2016-02-12 14:34 - 00000000 ____D C:\Users\Martin\AppData\Local\Downloaded Installations
2016-11-18 17:22 - 2016-08-06 11:05 - 715835735 _____ C:\Windows\MEMORY.DMP
2016-11-18 17:22 - 2012-08-15 14:01 - 00000000 ____D C:\Windows\Minidump
2016-11-18 09:37 - 2012-04-25 21:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-12 18:59 - 2015-12-18 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships
2016-11-11 14:05 - 2012-07-28 22:00 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-11-11 14:05 - 2012-07-28 22:00 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-11-11 14:05 - 2011-11-21 16:17 - 00000000 ____D C:\Games
2016-11-08 10:42 - 2014-02-20 16:15 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 10:42 - 2014-02-20 16:15 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 10:42 - 2011-11-16 20:36 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2016-11-08 10:42 - 2011-11-15 18:31 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 10:42 - 2011-11-15 18:31 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-28 02:22 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-15 14:05 - 2016-05-02 18:56 - 0000132 _____ () C:\Users\Martin\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-09-15 15:59 - 2015-09-15 15:59 - 0006682 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2012-05-11 13:46 - 2012-05-11 18:13 - 0007596 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2014-10-27 10:08 - 2014-10-27 10:08 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Martin\Drakonia Configurator.exe
C:\Users\Martin\dscaler4115.exe
C:\Users\Martin\jre-7u40-windows-x64.exe
C:\Users\Martin\Steam-reg.reg
C:\Users\Martin\SWTOR_setup.exe


Einige Dateien in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\131160172703141616.exe
C:\Users\Martin\AppData\Local\Temp\13116017278986657690.exe
C:\Users\Martin\AppData\Local\Temp\i4jdel0.exe
C:\Users\Martin\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Martin\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Martin\AppData\Local\Temp\proxy_vole396814014492711021.dll
C:\Users\Martin\AppData\Local\Temp\proxy_vole6858318936037624723.dll
C:\Users\Martin\AppData\Local\Temp\proxy_vole7448061099384327288.dll
C:\Users\Martin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Martin\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-27 13:47

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016
durchgeführt von Martin (26-11-2016 11:55:40)
Gestartet von C:\Users\Martin\Downloads
Windows 7 Professional Service Pack 1 (X64) (2011-11-15 15:52:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1031562343-2424694273-2990312000-500 - Administrator - Disabled)
Gast (S-1-5-21-1031562343-2424694273-2990312000-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1031562343-2424694273-2990312000-1002 - Limited - Enabled)
Martin (S-1-5-21-1031562343-2424694273-2990312000-1000 - Administrator - Enabled) => C:\Users\Martin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Armored Warfare MyCom (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Armored Warfare MyCom) (Version: 1.62 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
AutoIt v3.3.8.1 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bing Powered Search (HKLM-x32\...\BingPoweredSearch) (Version:  - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
CPUID HWMonitor 1.22 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crossfire 1.9 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Crossfire 1.9) (Version: 1.90.00.00 - SWAT-Portal)
Crossfire 2.0 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Crossfire 2.0) (Version: 2.00.00.00 - SWAT-Portal)
Curse Client (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned Oghren©) (Version:  - )
Dragon Age Redesigned©  Zevran (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned©  Zevran) (Version:  - )
Dragon Age Redesigned© (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Leliana) (Version:  - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Sten) (Version:  - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Wynne) (Version:  - )
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
FAM 1.0.0.0 (HKLM-x32\...\FAM) (Version: 1.0.0.0 - Korrd)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free CBR Reader (HKLM-x32\...\{B9240DAE-EFA1-4A0E-824F-17B3F99194F8}) (Version: 1.0.0 - Free Picture Solutions)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version:  - )
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
gmax (HKLM-x32\...\{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}) (Version: 4.4.0.125 - Discreet)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GUILD WARS (HKLM-x32\...\Guild Wars) (Version:  - )
HardCMP v1.0.0.23 (HKLM-x32\...\HardCMP_is1) (Version: 1.0.0.23 - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java 3D 1.5.1 (HKLM-x32\...\{32A9C5B3-D166-4C6D-A11E-A54473151000}) (Version: 1.5.1 - Sun Microsystems, Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 1.61.0.1400 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.61.0.1400 - Malwarebytes Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minion (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 de)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.3 (HKLM-x32\...\{C3E9887A-23BA-4777-8080-191A5AFCAB74}) (Version: 1.2.3 - Thorvald Natvig)
My.com Game Center (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\MyComGames) (Version: 3.162 - My.com B.V.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.9 - Black Tree Gaming)
Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OMC ModPack Client Version 1.1.11.6 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.1.11.6 - Odem Mortis)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
Parsec (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\a53dc3b81e52c50e) (Version: 1.0.0.42 - Parsec)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
paw·ned‹4›2 – Die Antwort auf alle Buildfragen (HKLM-x32\...\pawned42) (Version:  - JN-GAMES Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Pdfedit (HKLM-x32\...\{6C11089A-E23F-4E9B-B12C-316BF1A4376B}) (Version: 4.5.0.0 - PdfEdit team)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.6 - )
PlanetSide 2 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\DGC-PlanetSide 2) (Version: 1.0.3.191 - Daybreak Game Company)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Privoxy (remove only) (HKLM-x32\...\Privoxy) (Version:  - )
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.2 r1116 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Slime Rancher (HKLM-x32\...\Slime Rancher0.2.4b) (Version: 0.2.4b - TheRaven1)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - Keen Software House)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
sTabLauncher (HKLM-x32\...\{9E5A4758-0189-419B-A6ED-FE4CBD255F05}) (Version: 2.2.3 - Sergio Santos)
Star Citizen Launcher (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
War Thunder Launcher 1.0.1.386 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WindowsAndroid version 4.0.3 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{7E07052F-A4CE-4932-B066-B9203888439F}_is1) (Version: 4.0.3 - SocketeQ, Inc.)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Warships (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
YACReader 8.5.0 (HKLM-x32\...\YACReader_is1) (Version:  - )
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{06d45639-4c61-4cab-be15-52f5e6e72d31}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{27e52464-33a3-42ab-a482-c84fab56362a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{4e9b62d8-f542-423b-8e8e-2007daeac423}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{7acd7f3b-8bb8-430f-8499-dd8077c7af97}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{7d430c4d-1b80-464c-8f5d-2d99d4ff9c85}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{8059b7ca-030b-489d-b211-5b961893bedf}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{b8be70ea-432e-4a55-ba5c-a83cd1e376b6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{b9540fcf-2d9b-4e81-8557-2c9592685a9a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{e26b586f-8643-46af-a2fc-bc81c5389766}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{e85372c0-2724-41f4-a715-0806ee361bb0}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {305492CB-4722-4BA3-BF71-A11429E75A10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {34E68465-F12F-4565-AE91-3E1D2412865B} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {35419A1B-98CE-4D48-91FD-1FBF82A10B24} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-16] (Advanced Micro Devices, Inc.)
Task: {7C2E9BA2-0CBF-4889-8C83-7DFA5A4056E8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {AAE2BC6B-1119-4222-B6C7-017DDD173F9B} - System32\Tasks\{652BC46E-1D96-4931-B893-AE3A21457C8E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/eula
Task: {B3F91BB8-7CC1-4BE6-B368-4204269BAFB6} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {EF75F260-60A6-4F74-882C-2A4CF98BD56F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-11-24 20:35 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-03-22 17:18 - 2015-08-08 17:04 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-13 01:01 - 2016-09-13 01:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2012-01-08 14:32 - 2012-01-08 14:32 - 00107720 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2012-01-08 14:32 - 2012-01-08 14:32 - 00809672 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2012-01-08 14:31 - 2012-01-08 14:31 - 00034304 _____ () C:\Program Files\Rainmeter\Plugins\QuotePlugin.dll
2012-01-08 14:31 - 2012-01-08 14:31 - 00028160 _____ () C:\Program Files\Rainmeter\Plugins\SpeedFanPlugin.dll
2012-01-08 14:31 - 2012-01-08 14:31 - 00023552 _____ () C:\Program Files\Rainmeter\Plugins\PerfMon.dll
2012-01-08 14:32 - 2012-01-08 14:32 - 00167424 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll
2012-01-08 14:31 - 2012-01-08 14:31 - 00025600 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
2015-11-22 18:53 - 2013-10-29 13:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2015-11-22 18:53 - 2012-12-11 11:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2011-12-27 08:40 - 2011-12-27 08:40 - 00086528 _____ () C:\Program Files (x86)\Privoxy\mgwz.dll
2015-11-22 18:53 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2015-11-22 18:53 - 2011-11-22 14:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2016-10-16 11:54 - 2016-10-16 11:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f91bd970f20123a46b575cf6e92bc441\IsdiInterop.ni.dll
2011-11-15 17:06 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: GamingMouse => C:\Program Files (x86)\Drakonia Configurator\hid.exe
MSCONFIG\startupreg: Remote Control Editor => "C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe"
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: RGSC => K:\Games\GTA4\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DA14B3E4-1977-4874-9BC8-8D78BDEFA0FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D45D251F-9F78-419B-B3FB-CC129056CC7C}C:\games\call of duty black ops\blackops.exe] => (Block) C:\games\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{115987AB-3EE6-42AB-81E0-B6C843F4B95B}C:\games\call of duty black ops\blackops.exe] => (Block) C:\games\call of duty black ops\blackops.exe
FirewallRules: [{D023DD3D-B9E3-4FD4-A706-20EA6612D3D3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{10F598B7-6248-4641-A32C-7B8FAAB3B384}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{15CF0E2B-A339-4B42-99D5-37CA542D4ABD}K:\games\gw2\gw2.exe] => (Allow) K:\games\gw2\gw2.exe
FirewallRules: [UDP Query User{32719093-8BD2-44A4-856C-49B1EA2D33BE}K:\games\gw2\gw2.exe] => (Allow) K:\games\gw2\gw2.exe
FirewallRules: [{254B1476-B09C-4F89-A9F6-82A0F56FD0B5}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{D5872796-7876-49F7-A2D8-8FF6D5A53523}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{CA94F41A-DD1B-4A72-86DE-1032FE2B366D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6FD7189D-1EBA-47A4-A5EB-BF06EC520BBC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DBFEB9BB-2B08-494C-8C03-EE196D5B1F96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B0ECFFA5-FCEA-4F5E-BDB7-F52E27F0C431}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2D37DAE8-DD97-4929-8CD2-F5A8E96A2A74}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{14E6B066-CB4B-4F42-8C65-A30BD8CB40EA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B5E570ED-F1A3-4F9D-B837-FF53434C629B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{32EF9C71-C0A9-4FC5-9335-654F2485208E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{95F75607-BD3A-4130-849D-35460CDFFF67}] => (Allow) LPort=80
FirewallRules: [{D5CA12CD-BD78-4A0D-8C42-96AC5B89A8DB}] => (Allow) LPort=443
FirewallRules: [{6971AD85-B1AE-4DFB-B505-CA0FBA19DF34}] => (Allow) LPort=20010
FirewallRules: [{A0FD53BC-5301-453D-9458-D8690DA6BB3A}] => (Allow) LPort=3478
FirewallRules: [{C9B4DDF2-352C-4876-9231-4759D64BD32A}] => (Allow) LPort=7850
FirewallRules: [{6BE2B612-FEC8-44EA-8511-E6821D6D8B95}] => (Allow) LPort=7852
FirewallRules: [{126E1A5D-D8E5-4B2E-A48C-35CF5EE98F8C}] => (Allow) LPort=7853
FirewallRules: [{01208F69-21AE-4235-B5EF-F23299D59698}] => (Allow) LPort=27022
FirewallRules: [{9406B5A7-ED28-45B9-9945-DB2D0112F1B1}] => (Allow) LPort=6881
FirewallRules: [{A30E663C-AF63-402A-961B-4FAB7B8F6295}] => (Allow) LPort=33333
FirewallRules: [{F8B8FA6D-E5C6-4F82-9F61-EEF5831AB045}] => (Allow) LPort=20443
FirewallRules: [{197DC96A-400A-4B7F-BF17-096C617FDC52}] => (Allow) LPort=8090
FirewallRules: [{315A91A7-50CD-4AA0-9DA4-7B3EA5AF4E41}] => (Allow) LPort=50248
FirewallRules: [{647CF977-885E-487B-AECF-0D0BCFE394FB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BFF7822D-29BB-435E-B0CC-E6FB6386D6B7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{825E3A0C-7CD9-49C1-92FF-AA0B7A0D6256}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{9B1D214A-2E86-412E-9A37-508D956B75C1}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{19C193B3-0E36-4FC9-B776-EF594F2E06D7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CCFA21AF-6946-4394-9393-A7914C1EAB6A}] => (Allow) LPort=2869
FirewallRules: [{69AD3371-0624-45F5-B3F4-EDF4EB7B9AEA}] => (Allow) LPort=1900
FirewallRules: [{24E4719D-875C-4164-92CD-2358293AF128}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{65BDC62F-A6D0-4638-B54B-1A5E9635D7D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{17401A7C-6DB7-40CD-8447-D6B647F506C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4DD8C035-CD15-442C-BCBB-FDC26E1DE05D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{377EDF59-81A6-4C6E-9217-72E77BF00BAC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{E0998469-C626-45BA-9023-75797B0D51F7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F4B02B17-DF19-4690-B6A3-67F46E14107D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7FE67A19-1C7C-47AF-886D-E639BF16019C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{897D2F00-3723-4C6C-B2E3-F9E10B22A695}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E63EFA4F-52DD-4E50-98F4-C64486DE5FFA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C5BA1463-92BA-436F-AC64-9C92FFF45D03}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2630B555-48AF-4038-B00E-B7D7FE02BF8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{32C8E90C-6216-433E-9875-8ACACA120F19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{AE408CFD-9E72-4673-9B80-C0E60015DBE4}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{99AC8BD9-AAB7-4808-A04F-F57E9C213FDD}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{08AD94ED-4C34-474D-A3E2-63105AB508F1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8BA530C5-C118-43C2-BA5F-846FEBCC7E1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E05AE212-44BA-4CA4-BCB3-06BDF2683ADA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D230EB6-8F4E-46C7-A4EF-DA3C02267FE5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{05FF1BE1-D9EA-4086-BAF0-54F754F95969}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{62F7182C-FD69-434C-8A3A-2C2BF7AE516A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{5EAD725D-4F20-4D72-8883-11872479E347}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9A3D1993-D693-465A-A1CD-CE941E320268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{ABE41180-295F-42A5-97F5-96096DE702EF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{692AD4BF-5BA0-414C-9421-6D95E92989C5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6E847FBB-0774-4493-A233-2174541C47DE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{FE1762B0-077E-4E00-BF76-23E75A326709}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1A163A24-C1B9-43BE-9A54-BD8DC369BE08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D3C4E0A4-631F-494A-BF04-4442AF1A7E45}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{189D7710-D8B9-4F62-9A90-D41D995B9F6C}C:\users\martin\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\martin\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{6711ABB2-D72E-4416-B773-CD004256953C}C:\users\martin\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\martin\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{96861C9B-1464-4C4C-B036-84D8033746A3}K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{F0C2660F-3934-4181-8948-81663C7B4FAB}K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{F1E2D9C4-30A9-44DC-9BB6-E63650A9A8CB}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{F7AB5B48-81C1-4362-9BB9-3785D2587A4A}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{94D18C8F-86D3-4AC4-98A3-2145FE0C6DCE}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{732EAB2F-453C-4DF1-9872-F7CBAD021540}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{A56EEAA9-67C5-4219-87F8-9BDE6D1AF9C6}K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{705B4100-C489-4C32-8B09-0449A4B51187}K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [{BD12A005-5430-4622-9F42-99B38B26F5F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{033717DE-391B-4088-95DF-E6BE2102BD1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{107DFFE1-EC96-4538-90EB-483687386B28}K:\games\wows_publictest\wowslauncher.exe] => (Allow) K:\games\wows_publictest\wowslauncher.exe
FirewallRules: [UDP Query User{98C38A1F-A0D5-4A4A-AFB4-85EBEA8AA13B}K:\games\wows_publictest\wowslauncher.exe] => (Allow) K:\games\wows_publictest\wowslauncher.exe
FirewallRules: [{2B51E7DB-C122-42CD-BBE0-4AE609DC6D32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{BB518C50-7E28-4A63-A098-742922983C7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{A6035418-4970-479E-9EA4-85749B68085E}] => (Allow) K:\Games\ESTU\Launcher\GameConsultant.exe
FirewallRules: [{1F20723E-7CE5-464E-8542-72EC791C4AC8}] => (Allow) K:\Games\ESTU\Launcher\Bethesda.net_Launcher.exe
FirewallRules: [TCP Query User{D4FDF617-63A5-46BE-A60E-960B2E4F1E2E}K:\games\warship\wowslauncher.exe] => (Allow) K:\games\warship\wowslauncher.exe
FirewallRules: [UDP Query User{D7E165A1-902B-4F4B-B2A9-D3AD6A00AD50}K:\games\warship\wowslauncher.exe] => (Allow) K:\games\warship\wowslauncher.exe
FirewallRules: [{D627856E-3ACF-4865-AFEA-ACF0EFFADBC0}] => (Allow) K:\Games\WT\WarThunder\launcher.exe
FirewallRules: [{C0806AFA-854B-4D6A-B5E6-96548D732351}] => (Allow) K:\Games\WT\WarThunder\launcher.exe
FirewallRules: [{A3F76B1A-5757-4FAF-9B82-9C9E68966F07}] => (Allow) K:\Games\WT\WarThunder\aces.exe
FirewallRules: [{D7BF61B9-24DB-47C1-AD5A-A1CC0346C734}] => (Allow) K:\Games\WT\WarThunder\aces.exe
FirewallRules: [TCP Query User{2FD75038-0456-428B-8104-7BBDAB2E2D71}K:\games\wt\warthunder\win64\aces.exe] => (Allow) K:\games\wt\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{A82A83EA-8EB2-4583-B15C-60CEEA771357}K:\games\wt\warthunder\win64\aces.exe] => (Allow) K:\games\wt\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{F905E323-B4DF-4C40-9231-941118005F79}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{3B08B716-9064-4E1C-B210-D840F0041E08}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{E60A25E8-D512-4DEF-998C-C98D84AF8B5A}C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [UDP Query User{6C728D7F-4FB7-44B4-ACA6-00ECAEBA1BBD}C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [TCP Query User{F0570CD4-A0DD-4F17-A6D8-EF1564F8BF3D}C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
FirewallRules: [UDP Query User{A38A26FB-4783-48AC-A954-8934A8A6B9E0}C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
FirewallRules: [{9455FA43-B14A-4CA0-8904-3CC6F639720B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{F153E4D7-8DD4-4D5B-80E8-087C75626B6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [TCP Query User{491CFD22-984D-4134-8D92-A3F1F5B6F4A5}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{99640C1F-820D-42F7-BEE2-EE224A842DCB}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{D25E39C0-0429-4FA7-B241-549A93469372}] => (Allow) C:\Games\WOWS_PublicTest\WoWsLauncher.exe
FirewallRules: [{04239541-694A-4378-8948-1C13D266D278}] => (Allow) C:\Games\WOWS_PublicTest\WoWsLauncher.exe
FirewallRules: [{68A16BAF-1A67-478C-AA18-8C42C3613E2F}] => (Allow) C:\Games\WOWS_PublicTest\worldofwarships.exe
FirewallRules: [{C934DB75-C881-48FF-919A-C1E86685AFCF}] => (Allow) C:\Games\WOWS_PublicTest\worldofwarships.exe

==================== Wiederherstellungspunkte =========================

05-11-2016 14:49:22 Windows Update
08-11-2016 14:53:28 Windows Update
16-11-2016 10:18:26 Windows Update
18-11-2016 15:28:11 DirectX wurde installiert
24-11-2016 13:22:52 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/26/2016 11:06:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/26/2016 11:01:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23543, Zeitstempel: 0x57d2fde1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000019c59
ID des fehlerhaften Prozesses: 0x314
Startzeit der fehlerhaften Anwendung: 0x01d247c350ff0acd
Pfad der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 5687ee9c-b3bf-11e6-9641-5404a66b46f9

Error: (11/26/2016 10:00:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/25/2016 10:12:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/24/2016 01:12:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/23/2016 10:20:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/22/2016 10:29:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/21/2016 04:36:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WorldOfWarships.exe, Version: 0.5.14.1, Zeitstempel: 0x5829a280
Name des fehlerhaften Moduls: MSVCR110.dll, Version: 11.0.51106.1, Zeitstempel: 0x5098858e
Ausnahmecode: 0x40000015
Fehleroffset: 0x000a327c
ID des fehlerhaften Prozesses: 0x10f0
Startzeit der fehlerhaften Anwendung: 0x01d24405427262ce
Pfad der fehlerhaften Anwendung: K:\Games\Warship\WorldOfWarships.exe
Pfad des fehlerhaften Moduls: K:\Games\Warship\MSVCR110.dll
Berichtskennung: 3a78a344-b000-11e6-907f-5404a66b46f9

Error: (11/21/2016 10:04:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/20/2016 09:40:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.


Systemfehler:
=============
Error: (11/26/2016 11:04:42 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mv91xx

Error: (11/26/2016 11:04:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/26/2016 11:04:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/26/2016 11:02:50 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.233.501.0

        Aktualisierungsquelle: Microsoft Update Server

        Aktualisierungsphase: Herunterladen

        Quellpfad: hxxp://www.microsoft.com

        Signaturtyp: AntiVirus

        Aktualisierungstyp: Vollständig

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion:

        Vorherige Modulversion: 1.1.13303.0

        Fehlercode: 0x8024001e

        Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

Error: (11/26/2016 11:02:50 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.233.501.0

        Aktualisierungsquelle: Microsoft Update Server

        Aktualisierungsphase: Herunterladen

        Quellpfad: hxxp://www.microsoft.com

        Signaturtyp: AntiVirus

        Aktualisierungstyp: Vollständig

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion:

        Vorherige Modulversion: 1.1.13303.0

        Fehlercode: 0x8024001e

        Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

Error: (11/26/2016 11:01:47 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Plug & Play" Korrekturmaßnahmen (Neustart des Computers) durchzuführen, ist fehlgeschlagen. Fehler:
Das Herunterfahren des Systems wurde bereits geplant.

Error: (11/26/2016 11:01:47 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Stromversorgung" Korrekturmaßnahmen (Neustart des Computers) durchzuführen, ist fehlgeschlagen. Fehler:
Das Herunterfahren des Systems wurde bereits geplant.

Error: (11/26/2016 11:01:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Stromversorgung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Computers.

Error: (11/26/2016 11:01:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Plug & Play" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Computers.

Error: (11/26/2016 11:01:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "DCOM-Server-Prozessstart" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Computers.


CodeIntegrity:
===================================
  Date: 2014-11-16 20:00:39.437
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-16 20:00:39.367
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-15 21:57:34.851
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-15 21:57:34.774
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.833
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Martin\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.785
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Martin\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.719
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.672
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-23 19:12:17.629
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-23 19:12:17.566
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8168.77 MB
Verfügbarer physikalischer RAM: 5416.36 MB
Summe virtueller Speicher: 16335.71 MB
Verfügbarer virtueller Speicher: 13412.6 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:491.96 GB) (Free:114.4 GB) NTFS
Drive k: (Volume) (Fixed) (Total:439.45 GB) (Free:197.85 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D7E7020)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=492 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=439.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

M-K-D-B 27.11.2016 14:14
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!






bitte beachten:
Zitat:
Gestartet von C:\Users\Martin\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Myrmix 27.11.2016 15:14
Hallo Matthias und schonmal danke für die Hilfe.

Ich habe Microsoft Security Essentials deaktiviert und ComboFix vom Desktop aus ausgeführt.
Es gab keine Fehlermeldungen während das Programm gelaufen ist.

Code:
ComboFix 16-11-13.01 - Martin 27.11.2016  14:49:58.1.4 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.43.1031.18.8169.6038 [GMT 1:00]
ausgeführt von:: c:\users\Martin\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1887373585
c:\users\Martin\AppData\Roaming\Bc
c:\users\Martin\AppData\Roaming\Bc\console.log
c:\users\Martin\AppData\Roaming\Bc\game\client\prefs.cs
c:\users\Martin\AppData\Roaming\Bc\game\server\prefs.cs
c:\users\Martin\AppData\Roaming\Bc\savegames\Spank.sgf
c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\searchplugins\trovi-search.xml
c:\users\Martin\SWTOR_setup.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\SET9E05.tmp
c:\windows\SysWow64\SETB72B.tmp
.
.
(((((((((((((((((((((((  Dateien erstellt von 2016-10-27 bis 2016-11-27  ))))))))))))))))))))))))))))))
.
.
2016-11-27 13:58 . 2016-11-27 13:58        --------        d-----w-        c:\users\Default\AppData\Local\temp
2016-11-27 10:08 . 2016-11-27 10:08        75888        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{089F4904-D22D-45D8-B87F-392786873861}\offreg.1004.dll
2016-11-26 23:30 . 2016-11-10 07:44        11781064        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{089F4904-D22D-45D8-B87F-392786873861}\mpengine.dll
2016-11-26 10:52 . 2016-11-26 10:53        --------        d-----w-        c:\users\Martin\rootkit
2016-11-26 10:48 . 2016-11-26 10:55        --------        d-----w-        C:\FRST
2016-11-24 12:24 . 2016-05-11 10:48        1167568        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AAF9D2D0-ADA5-477A-9999-FBFEEBD1B0DA}\gapaengine.dll
2016-11-21 09:20 . 2016-11-10 07:44        11781064        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-11-20 18:16 . 2016-11-20 18:45        --------        d-----w-        c:\program files\Nexus Mod Manager
2016-11-20 18:15 . 2016-11-20 18:15        --------        d-----w-        c:\program files (x86)\Chip Digital GmbH
2016-11-20 17:45 . 2016-11-22 13:13        --------        d-----w-        c:\users\Martin\FALL4mods
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-27 01:28 . 2016-08-05 11:03        65536        ----a-w-        c:\windows\system32\spu_storage.bin
2016-11-08 09:42 . 2014-02-20 15:15        796352        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2016-11-08 09:42 . 2014-02-20 15:15        142528        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-10-28 01:22 . 2010-11-21 03:27        485032        ------w-        c:\windows\system32\MpSigStub.exe
2016-10-23 09:23 . 2015-03-03 09:42        97856        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-10-19 17:48 . 2011-11-23 10:20        143495576        -c--a-w-        c:\windows\system32\MRT.exe
2016-09-30 15:37 . 2016-10-14 07:12        5548264        ----a-w-        c:\windows\system32\ntoskrnl.exe
2016-09-30 15:20 . 2016-10-14 07:12        4000488        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2016-09-30 15:20 . 2016-10-14 07:12        3944680        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2016-09-16 19:42 . 2016-09-16 19:42        139720        ----a-w-        c:\windows\SysWow64\atiuxpag.dll
2016-09-16 19:42 . 2016-09-16 19:42        170072        ----a-w-        c:\windows\system32\atiuxp64.dll
2016-09-16 19:42 . 2016-09-16 19:42        7213248        ----a-w-        c:\windows\SysWow64\atiumdag.dll
2016-09-16 19:42 . 2016-09-16 19:42        8847888        ----a-w-        c:\windows\system32\atiumd64.dll
2016-09-16 19:42 . 2016-09-16 19:42        123776        ----a-w-        c:\windows\SysWow64\atiu9pag.dll
2016-09-16 19:42 . 2016-09-16 19:42        151056        ----a-w-        c:\windows\system32\atiu9p64.dll
2016-09-16 19:41 . 2016-09-16 19:41        275336        ----a-w-        c:\windows\system32\GameManager64.dll
2016-09-16 19:41 . 2016-09-16 19:41        240008        ----a-w-        c:\windows\SysWow64\GameManager32.dll
2016-09-16 19:41 . 2016-09-16 19:41        292744        ----a-w-        c:\windows\system32\dgtrayicon.exe
2016-09-16 19:41 . 2016-09-16 19:41        20360        ----a-w-        c:\windows\system32\detoured.dll
2016-09-16 19:41 . 2016-09-16 19:41        20360        ----a-w-        c:\windows\SysWow64\detoured.dll
2016-09-16 19:41 . 2016-09-16 19:41        286600        ----a-w-        c:\windows\system32\atitmm64.dll
2016-09-16 19:41 . 2016-09-16 19:41        110472        ----a-w-        c:\windows\system32\atimuixx.dll
2016-09-16 19:41 . 2016-09-16 19:41        518536        ----a-w-        c:\windows\system32\drivers\atikmpag.sys
2016-09-16 19:41 . 2016-09-16 19:41        107400        ----a-w-        c:\windows\SysWow64\atiglpxx.dll
2016-09-16 19:41 . 2016-09-16 19:41        107400        ----a-w-        c:\windows\system32\atiglpxx.dll
2016-09-16 19:41 . 2016-09-16 19:41        175496        ----a-w-        c:\windows\SysWow64\atigktxx.dll
2016-09-16 19:41 . 2016-09-16 19:41        201608        ----a-w-        c:\windows\system32\atig6txx.dll
2016-09-16 19:41 . 2016-09-16 19:41        122760        ----a-w-        c:\windows\system32\atig6pxx.dll
2016-09-16 19:41 . 2016-09-16 19:41        287112        ----a-w-        c:\windows\system32\atiesrxx.exe
2016-09-16 19:41 . 2016-09-16 19:41        523144        ----a-w-        c:\windows\system32\atieclxx.exe
2016-09-16 19:41 . 2016-09-16 19:41        230280        ----a-w-        c:\windows\system32\atieah64.exe
2016-09-16 19:41 . 2016-09-16 19:41        208264        ----a-w-        c:\windows\SysWow64\atieah32.exe
2016-09-16 19:41 . 2016-09-16 19:41        458632        ----a-w-        c:\windows\system32\atidemgy.dll
2016-09-16 19:41 . 2016-09-16 19:41        10936704        ----a-w-        c:\windows\system32\atidxx64.dll
2016-09-16 19:41 . 2016-09-16 19:41        78728        ----a-w-        c:\windows\system32\aticalrt64.dll
2016-09-16 19:41 . 2016-09-16 19:41        68488        ----a-w-        c:\windows\SysWow64\aticalrt.dll
2016-09-16 19:41 . 2016-09-16 19:41        9093504        ----a-w-        c:\windows\SysWow64\atidxx32.dll
2016-09-16 19:41 . 2016-09-16 19:41        9983912        ----a-w-        c:\windows\SysWow64\atiumdva.dll
2016-09-16 19:41 . 2016-09-16 19:41        15728008        ----a-w-        c:\windows\system32\aticaldd64.dll
2016-09-16 19:41 . 2016-09-16 19:41        1549272        ----a-w-        c:\windows\system32\aticfx64.dll
2016-09-16 19:40 . 2016-09-16 19:40        1272184        ----a-w-        c:\windows\SysWow64\aticfx32.dll
2016-09-16 19:40 . 2016-09-16 19:40        10981024        ----a-w-        c:\windows\system32\atiumd6a.dll
2016-09-16 19:40 . 2016-09-16 19:40        92328        ----a-w-        c:\windows\SysWow64\atimpc32.dll
2016-09-16 19:40 . 2016-09-16 19:40        92328        ----a-w-        c:\windows\SysWow64\amdpcom32.dll
2016-09-16 19:40 . 2016-09-16 19:40        14318984        ----a-w-        c:\windows\SysWow64\aticaldd.dll
2016-09-16 19:40 . 2016-09-16 19:40        109856        ----a-w-        c:\windows\system32\atimpc64.dll
2016-09-16 19:40 . 2016-09-16 19:40        109856        ----a-w-        c:\windows\system32\amdpcom64.dll
2016-09-16 19:40 . 2016-09-16 19:40        72072        ----a-w-        c:\windows\system32\aticalcl64.dll
2016-09-16 19:40 . 2016-09-16 19:40        65416        ----a-w-        c:\windows\SysWow64\aticalcl.dll
2016-09-16 19:40 . 2016-09-16 19:40        402312        ----a-w-        c:\windows\system32\atiapfxx.exe
2016-09-16 19:40 . 2016-09-16 19:40        141280        ----a-w-        c:\windows\system32\amdhcp64.dll
2016-09-16 19:40 . 2016-09-16 19:40        125288        ----a-w-        c:\windows\SysWow64\amdhcp32.dll
2016-09-16 19:40 . 2016-09-16 19:40        997768        ----a-w-        c:\windows\SysWow64\atiadlxy.dll
2016-09-16 19:40 . 2016-09-16 19:40        997768        ----a-w-        c:\windows\SysWow64\atiadlxx.dll
2016-09-16 19:40 . 2016-09-16 19:40        145400        ----a-w-        c:\windows\system32\amdave64.dll
2016-09-16 19:40 . 2016-09-16 19:40        1333128        ----a-w-        c:\windows\system32\atiadlxx.dll
2016-09-16 19:40 . 2016-09-16 19:40        129416        ----a-w-        c:\windows\system32\mantleaxl64.dll
2016-09-16 19:40 . 2016-09-16 19:40        59784        ----a-w-        c:\windows\system32\drivers\ati2erec.dll
2016-09-16 19:40 . 2016-09-16 19:40        124776        ----a-w-        c:\windows\SysWow64\amdave32.dll
2016-09-16 19:40 . 2016-09-16 19:40        108424        ----a-w-        c:\windows\SysWow64\mantleaxl32.dll
2016-09-16 19:40 . 2016-09-16 19:40        160136        ----a-w-        c:\windows\system32\mantle64.dll
2016-09-16 19:40 . 2016-09-16 19:40        135048        ----a-w-        c:\windows\SysWow64\mantle32.dll
2016-09-16 19:40 . 2016-09-16 19:40        349064        ----a-w-        c:\windows\system32\ATIODE.exe
2016-09-16 19:40 . 2016-09-16 19:40        67464        ----a-w-        c:\windows\system32\ATIODCLI.exe
2016-09-16 19:40 . 2016-09-16 19:40        136584        ----a-w-        c:\windows\system32\atisamu64.dll
2016-09-16 19:40 . 2016-09-16 19:40        117640        ----a-w-        c:\windows\SysWow64\atisamu32.dll
2016-09-16 19:40 . 2016-09-16 19:40        2445192        ----a-w-        c:\windows\system32\amfrt64.dll
2016-09-16 19:40 . 2016-09-16 19:40        2132872        ----a-w-        c:\windows\SysWow64\amfrt32.dll
2016-09-16 19:40 . 2016-09-16 19:40        248200        ----a-w-        c:\windows\system32\amdgfxinfo64.dll
2016-09-16 19:40 . 2016-09-16 19:40        9387400        ----a-w-        c:\windows\system32\amdvlk64.dll
2016-09-16 19:40 . 2016-09-16 19:40        221064        ----a-w-        c:\windows\SysWow64\amdgfxinfo32.dll
2016-09-16 19:40 . 2016-09-16 19:40        7571336        ----a-w-        c:\windows\SysWow64\amdvlk32.dll
2016-09-16 19:40 . 2016-09-16 19:40        305544        ----a-w-        c:\windows\system32\drivers\amdacpksd.sys
2016-09-16 19:40 . 2016-09-16 19:40        891272        ----a-w-        c:\windows\system32\coinst_16.40.dll
2016-09-16 19:40 . 2016-09-16 19:40        8741256        ----a-w-        c:\windows\system32\amdmantle64.dll
2016-09-16 19:40 . 2016-09-16 19:40        155016        ----a-w-        c:\windows\system32\amduve64.dll
2016-09-16 19:39 . 2016-09-16 19:39        134536        ----a-w-        c:\windows\SysWow64\amduve32.dll
2016-09-16 19:39 . 2016-09-16 19:39        7062920        ----a-w-        c:\windows\SysWow64\amdmantle32.dll
2016-09-16 19:39 . 2016-09-16 19:39        66952        ----a-w-        c:\windows\system32\amdmmcl6.dll
2016-09-16 19:39 . 2016-09-16 19:39        267656        ----a-w-        c:\windows\system32\hsa-thunk64.dll
2016-09-16 19:39 . 2016-09-16 19:39        749960        ----a-w-        c:\windows\system32\amdlvr64.dll
2016-09-16 19:39 . 2016-09-16 19:39        233352        ----a-w-        c:\windows\SysWow64\hsa-thunk.dll
2016-09-16 19:39 . 2016-09-16 19:39        269192        ----a-w-        c:\windows\system32\clinfo.exe
2016-09-16 19:39 . 2016-09-16 19:39        625032        ----a-w-        c:\windows\SysWow64\amdlvr32.dll
2016-09-16 19:39 . 2016-09-16 19:39        54664        ----a-w-        c:\windows\SysWow64\amdmmcl.dll
2016-09-16 19:39 . 2016-09-16 19:39        112520        ----a-w-        c:\windows\system32\OpenCL.dll
2016-09-16 19:39 . 2016-09-16 19:39        82824        ----a-w-        c:\windows\system32\amdmcl64.dll
2016-09-16 19:39 . 2016-09-16 19:39        66440        ----a-w-        c:\windows\SysWow64\amdmcl32.dll
2016-09-16 19:39 . 2016-09-16 19:39        103304        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2016-09-16 19:39 . 2016-09-16 19:39        48824200        ----a-w-        c:\windows\system32\amdocl64.dll
2016-09-16 19:39 . 2016-09-16 19:39        27489672        ----a-w-        c:\windows\system32\amdocl12cl64.dll
2016-09-16 19:39 . 2016-09-16 19:39        21640584        ----a-w-        c:\windows\SysWow64\amdocl12cl.dll
2016-09-16 19:38 . 2016-09-16 19:38        38268808        ----a-w-        c:\windows\SysWow64\amdocl.dll
2016-09-16 19:38 . 2016-09-16 19:38        27287944        ----a-w-        c:\windows\SysWow64\atioglxx.dll
2016-09-16 19:38 . 2016-09-16 19:38        33239432        ----a-w-        c:\windows\system32\atio6axx.dll
2016-09-16 19:37 . 2016-09-16 19:37        26550784        ----a-w-        c:\windows\system32\drivers\atikmdag.sys
2016-09-15 15:30 . 2016-10-14 07:12        976896        ----a-w-        c:\windows\system32\inetcomm.dll
2016-09-15 15:30 . 2016-10-14 07:12        84480        ----a-w-        c:\windows\system32\INETRES.dll
2016-09-15 15:15 . 2016-10-14 07:12        741888        ----a-w-        c:\windows\SysWow64\inetcomm.dll
2016-09-15 15:15 . 2016-10-14 07:12        84480        ----a-w-        c:\windows\SysWow64\INETRES.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"World of Warships"="k:\games\WOWS_PublicTest\WargamingGameUpdater.exe" [2016-11-07 3134216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440]
"GamingMouse"="c:\program files (x86)\Drakonia Configurator\hid.exe" [2013-10-29 248832]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
.
c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter - Verknüpfung.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Privoxy.lnk - c:\program files (x86)\Privoxy\privoxy.exe [2011-12-27 359936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" --startup
.
R0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]
R3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [x]
R3 BRSptStub;BitRaider Mini-Support Service Stub Loader;c:\programdata\BitRaider\BRSptStub.exe;c:\programdata\BitRaider\BRSptStub.exe [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 chip1click;chip 1-click download service;c:\program files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe;c:\program files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-02 11545192]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-08-30 1354712]
"StartCN"="c:\program files\AMD\CNext\CNext\RadeonSettings.exe" [2016-09-16 8027016]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
mStart Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Web-Suche - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\
FF - prefs.js: browser.search.selectedEngine - Bing Powered Search
FF - prefs.js: browser.startup.homepage - www.google.at
FF - prefs.js: keyword.URL - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Rockstar Games Social Club - c:\program files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
AddRemove-Slime Rancher0.2.4b - k:\games\Slime\uninstall.exe
AddRemove-Yahoo! SearchSet - c:\program files (x86)\Yahoo!\yset\{AA923BA4-7A7F-6E4B-B49F-93B543965920}\unset.exe
AddRemove-Crossfire 1.9 - k:\games\Freelancer Mod Manager\uninstall.exe
AddRemove-DG0-PlanetSide 2 - k:\games\PS2\Uninstaller.exe
AddRemove-DGC-PlanetSide 2 - k:\games\PS2\Uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\SecuROM\License information*]
"datasecu"=hex:dc,16,05,15,2f,b1,37,8f,51,0f,02,79,88,c2,cf,fd,dd,dc,7f,19,c9,
  b9,c0,b0,ef,b7,5e,8c,39,b4,aa,88,14,6e,9e,ca,78,5b,c6,6a,83,b0,96,7d,8d,4a,\
"rkeysecu"=hex:64,b6,bd,e1,3e,80,9e,c4,40,b4,90,83,87,8e,33,49
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2016-11-27  15:00:19
ComboFix-quarantined-files.txt  2016-11-27 14:00
.
Vor Suchlauf: 16 Verzeichnis(se), 123.243.560.960 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 123.575.955.456 Bytes frei
.
- - End Of File - - F248B412E6E18E592727B2195FBAA985
(Darf ich das Antivieren-Programm jetzt wieder aktivieren?)

M-K-D-B 28.11.2016 16:02
Servus,


du kannst dein AV-Programm immer aktivieren, nur nicht wenn Tools laufen (weil es sonst nur stört). :daumenhoc







Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

Myrmix 28.11.2016 17:24
Habe alles so durchgeführt wie gewünscht war und bei MBAM und JRT den AV deaktiviert.
MBAM hat insgesamt 16 Dateien gefunden und 8 selbstständig ausgewählt. Ich habe dennoch alle 16 entfernen (Quarantäne) lassen, da es entweder Dateien sind, die ich nicht mehr brauche oder die mir unbekannt sind.

AdwCleaner:
Code:
# AdwCleaner v6.030 - Bericht erstellt am 28/11/2016 um 16:22:58
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-28.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Martin - MYRMIX
# Gestartet von : C:\Users\Martin\Desktop\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Martin\AppData\Local\28050
[-] Ordner gelöscht: C:\Users\Martin\AppData\Local\Hola
[-] Ordner gelöscht: C:\Users\Martin\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\Users\Martin\AppData\Roaming\Babylon
[-] Ordner gelöscht: C:\Users\Martin\AppData\Roaming\Media Finder
[-] Ordner gelöscht: C:\Users\Martin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
[-] Ordner gelöscht: C:\Users\Martin\AppData\Roaming\OpenCandy
[-] Ordner gelöscht: C:\ProgramData\Babylon
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Babylon
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
[-] Datei gelöscht: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\invalidprefs.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Prod.cap
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\APN PIP
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\BabylonToolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Hola
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\InstallCore
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\MediaFinder
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\PRODUCTSETUP
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\SweetIM
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\UpToDown
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\csastats
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\APN PIP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\BabylonToolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Hola
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\InstallCore
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\MediaFinder
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\UpToDown
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\csastats
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Babylon
[-] Schlüssel gelöscht: HKLM\SOFTWARE\PIP
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SweetIM
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\APN PIP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\BabylonToolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Hola
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\InstallCore
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\MediaFinder
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\UpToDown
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\csastats
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\SweetIM
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Web-Suche


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "extensions.xpiState" -  "{\"app-profile\":{\"adbhelper@mozilla.org\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a9urom3s.default-1384358611811\\\\extensions\\\\adbhelper@mozilla.org\",\"e\":true,\"v\":\"0.9.0\",\"st\":1478203126949,\"mt\":1478203126537},\"cookiemgr@jayapal.com\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a9urom3s.default-1384358611811\\\\extensions\\\\cookiemgr@jayapal.com\",\"e\":true,\"v\":\"5.12\",\"st\":1456178632200,\"mt\":1456177354427},\"fxdevtools-adapters@mozilla.org\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a9urom3s.default-1384358611811\\\\extensions\\\\fxdevtools-adapters@mozilla.org\",\"e\":true,\"v\":\"0.3.5\",\"st\":1456265518401,\"mt\":1456265515811},\"jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a9urom3s.default-1384358611811\\\\extensions\\\\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack\",\"e\":false,\"v\":\"0.1.0\",\"st\":1385254904393,\"mt\":1385254904114},\"jid1-16aeif9OQIRKxA@jetpack\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a9urom3s.default-1384358611811\\\\extensions\\\\jid1-16aeif9OQIRKxA@jetpack.xpi\",\"e\":false,\"v\":\"1.1.4\",\"st\":1479507149594},\"jid1-cwbvBTE216jjpg@jetpack\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a9urom3s.default-1384358611811\\\\extensions\\\\jid1-cwbvBTE216jjpg@jetpack.xpi\",\"e\":false,\"v\":\"2.1.0.1-signed.1-signed\",\"st\":1461838801658},\"shumway@research.mozilla.org\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a9urom3s.default-1384358611811\\\\extensions\\\\shumway@research.mozilla.org\",\"e\":false,\"v\":\"0.11.617\",\"st\":1444942524779,\"mt\":1444942524577},\"{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a9urom3s.default-1384358611811\\\\extensions\\\\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi\",\"e\":true,\"v\":\"2.3.4\",\"st\":1476129358056},\"{73a6fe31-595d-460b-a920-fcc0f8843232}\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a9urom3s.default-1384358611811\\\\extensions\\\\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi\",\"e\":false,\"v\":\"2.9.5.1\",\"st\":1479854327980},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\a9urom3s.default-1384358611811\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"e\":true,\"v\":\"2.8.2\",\"st\":1479940727790}},\"app-system-defaults\":{\"aushelper@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1479429191774},\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.5\",\"st\":1479429191583},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.5\",\"st\":1479429191560},\"webcompat@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1479429191549}},\"app-system-user\":{\"gencrawler@some.com\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Extensions\\\\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\\\\gencrawler@some.com\",\"e\":false,\"v\":\"2.5\",\"st\":1331599059968,\"mt\":1331044702000}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"50.0\",\"st\":1479429191601}}}"
[-] Firefox Einstellungen bereinigt:


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [10992 Bytes] - [28/11/2016 16:22:58]
C:\AdwCleaner\AdwCleaner[S0].txt - [6862 Bytes] - [28/11/2016 16:20:22]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [11139 Bytes] ##########
MBAM:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 28.11.2016
Suchlaufzeit: 16:31
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.02.16.06
Rootkit-Datenbank: v2016.02.08.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Martin

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 398942
Abgelaufene Zeit: 13 Min., 15 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.Generalcrawler, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dednnpigldgdbpgcdpfppmlcnnbjciel, In Quarantäne, [353179e88c0d96a0280e8066fc07c23e],
PUP.Optional.MediaFinder, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\lpmkgpnbiojfaoklbkpfneikocaobfai, In Quarantäne, [f571da879dfca88efe090be5f21117e9],

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.OptimizerPro, C:\Users\Martin\Documents\Optimizer Pro, In Quarantäne, [481e2e3398013ef89b0753a4de2531cf],
Ransom.Agent.FGen, C:\Users\Martin\AppData\Roaming\hellomoto, In Quarantäne, [1b4b95cc6237201666539baaee162ed2],

Dateien: 14
PUP.Optional.InstallCore, C:\Users\Martin\Siemens\Siemens_Logo_Font_Installer.exe, In Quarantäne, [5610e37ef9a078bec2eb53e62ad7ef11],
PUP.Optional.InstallCore, C:\Users\Martin\Siemens\Siemens_Sans_Black_Font_Installer.exe, In Quarantäne, [006629381a7f02343d700e2b46bb02fe],
PUP.Optional.InstallCore, C:\Users\Martin\Siemens\Siemens_Slab_Black_Font_Installer.exe, In Quarantäne, [5214d38ef0a91521357883b6639e51af],
PUP.Optional.SofTonic, C:\Users\Martin\Skyrim\SoftonicDownloader_fuer_skyrim-performance-mod.exe, In Quarantäne, [3135b4adc9d0290db207ec5020e142be],
PUP.Optional.OpenCandy, C:\Users\Martin\DAI\CheatEngine64.exe, In Quarantäne, [2343233e267372c4c86ec7145aa7ed13],
HackTool.CheatEngine, C:\Users\Martin\Downloads\DBX_V1.01trn11.zip, In Quarantäne, [5b0b590832678fa70fc3fa2ec63a31cf],
PUP.Optional.OpenCandy, C:\Users\Martin\Downloads\DTLite4451-0236.exe, In Quarantäne, [2145e87930695cda558ad62733d1bf41],
HackTool.GamesCheat.Gen, C:\Users\Martin\Downloads\ROTWK_Trainer.rar, In Quarantäne, [0f57530ec9d0043297fb54a39371b947],
PUP.Optional.ChipDigital, C:\Users\Martin\Downloads\Everest Home Edition - CHIP-Installer.exe, In Quarantäne, [c99dc79a3f5a4fe72ca1f2e0c63eaf51],
Backdoor.Bot, C:\Users\Martin\Downloads\Cheat Engine 5.1.rar, In Quarantäne, [0d5900610d8c81b504bcb65306fc916f],
PUP.Optional.SofTonic, C:\Users\Martin\MC\SoftonicDownloader_fuer_minecraft-skinedit.exe, In Quarantäne, [8cda263b7029f3430d5691a534cd06fa],
PUP.Optional.OptimizerPro, C:\Users\Martin\Documents\Optimizer Pro\CookiesException.txt, In Quarantäne, [481e2e3398013ef89b0753a4de2531cf],
Ransom.Agent.FGen, C:\Users\Martin\AppData\Roaming\hellomoto\TujP.dat, In Quarantäne, [1b4b95cc6237201666539baaee162ed2],
Ransom.Agent.FGen, C:\Users\Martin\AppData\Roaming\hellomoto\BukF.dat, In Quarantäne, [1b4b95cc6237201666539baaee162ed2],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
durchgeführt von Martin (Administrator) auf MYRMIX (28-11-2016 17:09:24)
Gestartet von C:\Users\Martin\Desktop
Geladene Profile: Martin (Verfügbare Profile: Martin)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Run: [World of Warships] => K:\Games\WOWS_PublicTest\WargamingGameUpdater.exe [3134216 2016-11-07] (Wargaming.net)
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Privoxy.lnk [2012-04-03]
ShortcutTarget: Privoxy.lnk -> C:\Program Files (x86)\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter - Verknüpfung.lnk [2012-04-01]
ShortcutTarget: Rainmeter - Verknüpfung.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{AE141692-DE9B-4CC3-93A4-62B71E738879}: [DhcpNameServer] 195.34.133.21 212.186.211.21

Internet Explorer:
==================
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> {A0C59A24-F50F-433C-928B-8235295514F4} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: a9urom3s.default-1384358611811
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 [2016-11-28]
FF NewTab: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> Bing Powered Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> Bing Powered Search
FF Homepage: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> www.google.at
FF Keyword.URL: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> user_pref("keyword.URL", true);
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ftp", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.socks", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ssl", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ssl_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ftp", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> http", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> http_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> share_proxy_settings", true
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> socks", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ssl", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ssl_port", 8080
FF Extension: (ADB Helper) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\adbhelper@mozilla.org [2016-11-03]
FF Extension: (Advanced Cookie Manager) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\cookiemgr@jayapal.com [2016-02-22]
FF Extension: (Valence) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\fxdevtools-adapters@mozilla.org [2016-02-23]
FF Extension: (ExHentai Easy) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack [2013-11-24] [ist nicht signiert]
FF Extension: (YouTube Center) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2016-04-28]
FF Extension: (Shumway) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\shumway@research.mozilla.org [2015-10-15] [ist nicht signiert]
FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-10-10]
FF Extension: (NoScript) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-11-22]
FF Extension: (Adblock Plus) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1031562343-2424694273-2990312000-1000: @hola.org/vlc,version=1.8.649 -> C:\Users\Martin\AppData\Local\Hola\firefox\app\vlc [Keine Datei]
FF Plugin HKU\S-1-5-21-1031562343-2424694273-2990312000-1000: @my.com/Games -> C:\Users\Martin\AppData\Local\MyComGames\NPMyComDetector.dll [2016-06-11] (MY.COM B.V.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-21] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-01-02] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-07-19] (BitRaider, LLC)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
S3 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-08-08] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-27] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-31] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-27] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S0 mv91xx; system32\DRIVERS\mv91xx.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-28 17:09 - 2016-11-28 17:10 - 00017394 _____ C:\Users\Martin\Desktop\FRST.txt
2016-11-28 17:00 - 2016-11-28 17:00 - 00131659 _____ C:\Users\Martin\Desktop\JRT.txt
2016-11-28 16:57 - 2016-11-28 16:57 - 01631928 _____ (Malwarebytes) C:\Users\Martin\Desktop\JRT.exe
2016-11-28 16:55 - 2016-11-28 16:55 - 00003516 _____ C:\Users\Martin\Desktop\mbam.txt
2016-11-28 16:30 - 2016-11-28 16:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-28 16:30 - 2016-11-28 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-28 16:30 - 2016-11-28 16:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-28 16:30 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-28 16:30 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-28 16:29 - 2016-11-28 16:29 - 22851472 _____ (Malwarebytes ) C:\Users\Martin\Desktop\mbam-setup-2.2.1.1043.exe
2016-11-28 16:18 - 2016-11-28 16:22 - 00000000 ____D C:\AdwCleaner
2016-11-28 16:14 - 2016-11-28 16:14 - 03910208 _____ C:\Users\Martin\Desktop\AdwCleaner_6.030.exe
2016-11-27 20:36 - 2016-11-27 20:36 - 00276696 _____ C:\Windows\Minidump\112716-17487-01.dmp
2016-11-27 15:00 - 2016-11-27 15:00 - 00026564 _____ C:\ComboFix.txt
2016-11-27 14:48 - 2016-11-27 15:00 - 00000000 ____D C:\Qoobox
2016-11-27 14:48 - 2016-11-27 14:59 - 00000000 ____D C:\Windows\erdnt
2016-11-27 14:48 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-11-27 14:48 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-11-27 14:48 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-11-27 14:46 - 2016-11-27 14:46 - 05659307 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2016-11-26 11:52 - 2016-11-28 17:07 - 00000000 ____D C:\Users\Martin\rootkit
2016-11-26 11:51 - 2016-11-26 11:55 - 00063263 _____ C:\Users\Martin\Downloads\Addition.txt
2016-11-26 11:50 - 2016-11-26 11:56 - 00027727 _____ C:\Users\Martin\Downloads\FRST.txt
2016-11-26 11:48 - 2016-11-28 17:09 - 00000000 ____D C:\FRST
2016-11-26 11:44 - 2016-11-26 11:44 - 02412032 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2016-11-26 11:20 - 2016-11-26 11:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martin\Downloads\HijackThis.exe
2016-11-20 19:17 - 2016-11-20 19:45 - 00000890 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-11-20 19:17 - 2016-11-20 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-11-20 19:16 - 2016-11-20 19:45 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-11-20 19:15 - 2016-11-20 19:15 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-11-20 18:45 - 2016-11-22 14:13 - 00000000 ____D C:\Users\Martin\FALL4mods
2016-11-18 17:22 - 2016-11-18 17:22 - 00276696 _____ C:\Windows\Minidump\111816-21699-01.dmp
2016-11-18 01:57 - 2016-11-28 17:07 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2016-11-18 01:33 - 2016-11-18 09:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-11 14:05 - 2016-11-11 14:05 - 00000781 _____ C:\Users\Public\Desktop\WOWS_PublicTest.lnk
2016-11-10 22:06 - 2016-11-11 13:38 - 03186048 _____ (Wargaming ) C:\Users\Martin\Downloads\WoWS_PublicTest.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-28 17:00 - 2009-07-14 05:45 - 00022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-28 17:00 - 2009-07-14 05:45 - 00022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-28 16:56 - 2010-11-21 07:50 - 00713806 _____ C:\Windows\system32\perfh007.dat
2016-11-28 16:56 - 2010-11-21 07:50 - 00153922 _____ C:\Windows\system32\perfc007.dat
2016-11-28 16:56 - 2009-07-14 06:13 - 01648056 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-28 16:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-28 16:51 - 2016-08-05 12:03 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-11-28 16:51 - 2015-02-19 19:26 - 00000000 ____D C:\Users\Martin\DAI
2016-11-28 16:51 - 2014-04-01 15:41 - 00000000 ____D C:\Users\Martin\Siemens
2016-11-28 16:51 - 2013-04-18 10:33 - 00000000 ____D C:\Users\Martin\MC
2016-11-28 16:51 - 2012-05-12 09:53 - 00000000 ____D C:\Users\Martin\Skyrim
2016-11-28 16:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-28 16:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SchCache
2016-11-28 16:30 - 2012-04-20 09:49 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-28 16:30 - 2012-04-20 09:49 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Malwarebytes
2016-11-28 16:30 - 2012-04-20 09:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-28 14:34 - 2011-11-15 21:03 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\Temp
2016-11-27 22:39 - 2011-12-19 22:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\TS3Client
2016-11-27 20:36 - 2016-08-06 11:05 - 673605975 _____ C:\Windows\MEMORY.DMP
2016-11-27 20:36 - 2012-08-15 14:01 - 00000000 ____D C:\Windows\Minidump
2016-11-27 15:00 - 2012-01-17 16:42 - 00000000 ____D C:\Users\Martin\AppData\Local\Apps\2.0
2016-11-27 14:58 - 2011-11-15 16:52 - 00000000 ____D C:\Users\Martin
2016-11-27 14:58 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-11-26 11:44 - 2013-07-28 12:16 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-26 11:44 - 2011-11-15 21:17 - 00000000 ____D C:\Program Files (x86)\JDownloader
2016-11-26 11:43 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-11-26 02:49 - 2016-08-18 19:08 - 00000000 ____D C:\Users\Martin\AppData\Local\JDownloader v2.0
2016-11-25 19:17 - 2012-07-14 13:43 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2016-11-21 20:07 - 2015-08-11 22:48 - 00000000 ___RD C:\Users\Martin\wows
2016-11-21 16:36 - 2015-10-29 13:29 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2016-11-20 20:07 - 2012-04-25 16:00 - 00218112 ___SH C:\Users\Martin\Thumbs.db
2016-11-20 19:45 - 2015-11-11 12:42 - 00000000 ____D C:\Users\Martin\AppData\Local\Fallout4
2016-11-20 19:17 - 2012-01-07 19:18 - 00000000 ____D C:\Users\Martin\Documents\Nexus Mod Manager
2016-11-20 19:17 - 2012-01-07 19:18 - 00000000 ____D C:\Users\Martin\AppData\Local\Black_Tree_Gaming
2016-11-20 19:15 - 2016-02-12 14:34 - 00000000 ____D C:\Users\Martin\AppData\Local\Downloaded Installations
2016-11-18 09:37 - 2012-04-25 21:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-12 18:59 - 2015-12-18 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships
2016-11-11 14:05 - 2012-07-28 22:00 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-11-11 14:05 - 2011-11-21 16:17 - 00000000 ____D C:\Games
2016-11-08 10:42 - 2014-02-20 16:15 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 10:42 - 2014-02-20 16:15 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 10:42 - 2011-11-16 20:36 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2016-11-08 10:42 - 2011-11-15 18:31 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 10:42 - 2011-11-15 18:31 - 00000000 ____D C:\Windows\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-15 14:05 - 2016-05-02 18:56 - 0000132 _____ () C:\Users\Martin\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-09-15 15:59 - 2015-09-15 15:59 - 0006682 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2012-05-11 13:46 - 2012-05-11 18:13 - 0007596 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2014-10-27 10:08 - 2014-10-27 10:08 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Martin\Drakonia Configurator.exe
C:\Users\Martin\dscaler4115.exe
C:\Users\Martin\jre-7u40-windows-x64.exe
C:\Users\Martin\Steam-reg.reg


Einige Dateien in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\libeay32.dll
C:\Users\Martin\AppData\Local\Temp\msvcr120.dll
C:\Users\Martin\AppData\Local\Temp\sqlite3.dll
C:\Users\Martin\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-27 13:47

==================== Ende von FRST.txt ============================
Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016
durchgeführt von Martin (28-11-2016 17:10:42)
Gestartet von C:\Users\Martin\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-11-15 15:52:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1031562343-2424694273-2990312000-500 - Administrator - Disabled)
Gast (S-1-5-21-1031562343-2424694273-2990312000-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1031562343-2424694273-2990312000-1002 - Limited - Enabled)
Martin (S-1-5-21-1031562343-2424694273-2990312000-1000 - Administrator - Enabled) => C:\Users\Martin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Armored Warfare MyCom (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Armored Warfare MyCom) (Version: 1.62 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
AutoIt v3.3.8.1 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bing Powered Search (HKLM-x32\...\BingPoweredSearch) (Version:  - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
CPUID HWMonitor 1.22 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crossfire 2.0 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Crossfire 2.0) (Version: 2.00.00.00 - SWAT-Portal)
Curse Client (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned Oghren©) (Version:  - )
Dragon Age Redesigned©  Zevran (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned©  Zevran) (Version:  - )
Dragon Age Redesigned© (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Leliana) (Version:  - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Sten) (Version:  - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Wynne) (Version:  - )
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
FAM 1.0.0.0 (HKLM-x32\...\FAM) (Version: 1.0.0.0 - Korrd)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free CBR Reader (HKLM-x32\...\{B9240DAE-EFA1-4A0E-824F-17B3F99194F8}) (Version: 1.0.0 - Free Picture Solutions)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version:  - )
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
gmax (HKLM-x32\...\{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}) (Version: 4.4.0.125 - Discreet)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GUILD WARS (HKLM-x32\...\Guild Wars) (Version:  - )
HardCMP v1.0.0.23 (HKLM-x32\...\HardCMP_is1) (Version: 1.0.0.23 - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java 3D 1.5.1 (HKLM-x32\...\{32A9C5B3-D166-4C6D-A11E-A54473151000}) (Version: 1.5.1 - Sun Microsystems, Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minion (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 de)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.3 (HKLM-x32\...\{C3E9887A-23BA-4777-8080-191A5AFCAB74}) (Version: 1.2.3 - Thorvald Natvig)
My.com Game Center (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\MyComGames) (Version: 3.162 - My.com B.V.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.9 - Black Tree Gaming)
Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OMC ModPack Client Version 1.1.11.6 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.1.11.6 - Odem Mortis)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
Parsec (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\a53dc3b81e52c50e) (Version: 1.0.0.42 - Parsec)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
paw·ned‹4›2 – Die Antwort auf alle Buildfragen (HKLM-x32\...\pawned42) (Version:  - JN-GAMES Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Pdfedit (HKLM-x32\...\{6C11089A-E23F-4E9B-B12C-316BF1A4376B}) (Version: 4.5.0.0 - PdfEdit team)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.6 - )
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Privoxy (remove only) (HKLM-x32\...\Privoxy) (Version:  - )
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.2 r1116 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Slime Rancher (HKLM-x32\...\Slime Rancher0.2.4b) (Version: 0.2.4b - TheRaven1)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - Keen Software House)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
sTabLauncher (HKLM-x32\...\{9E5A4758-0189-419B-A6ED-FE4CBD255F05}) (Version: 2.2.3 - Sergio Santos)
Star Citizen Launcher (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
War Thunder Launcher 1.0.1.386 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WindowsAndroid version 4.0.3 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{7E07052F-A4CE-4932-B066-B9203888439F}_is1) (Version: 4.0.3 - SocketeQ, Inc.)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Warships (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
YACReader 8.5.0 (HKLM-x32\...\YACReader_is1) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{06d45639-4c61-4cab-be15-52f5e6e72d31}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{27e52464-33a3-42ab-a482-c84fab56362a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{4e9b62d8-f542-423b-8e8e-2007daeac423}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{7acd7f3b-8bb8-430f-8499-dd8077c7af97}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{7d430c4d-1b80-464c-8f5d-2d99d4ff9c85}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{8059b7ca-030b-489d-b211-5b961893bedf}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{b8be70ea-432e-4a55-ba5c-a83cd1e376b6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{b9540fcf-2d9b-4e81-8557-2c9592685a9a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{e26b586f-8643-46af-a2fc-bc81c5389766}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{e85372c0-2724-41f4-a715-0806ee361bb0}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1A6475D2-A64E-4899-8D82-B7A306F8C911} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {305492CB-4722-4BA3-BF71-A11429E75A10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {35419A1B-98CE-4D48-91FD-1FBF82A10B24} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-16] (Advanced Micro Devices, Inc.)
Task: {AAE2BC6B-1119-4222-B6C7-017DDD173F9B} - System32\Tasks\{652BC46E-1D96-4931-B893-AE3A21457C8E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/eula
Task: {B3F91BB8-7CC1-4BE6-B368-4204269BAFB6} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {DE94F380-FC6D-4FCB-A615-8AB3EA0AAF16} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {EF75F260-60A6-4F74-882C-2A4CF98BD56F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-11-24 20:35 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-03-22 17:18 - 2015-08-08 17:04 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2016-10-16 11:54 - 2016-10-16 11:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f91bd970f20123a46b575cf6e92bc441\IsdiInterop.ni.dll
2011-11-15 17:06 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-11-27 14:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: GamingMouse => C:\Program Files (x86)\Drakonia Configurator\hid.exe
MSCONFIG\startupreg: Remote Control Editor => "C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe"
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: RGSC => K:\Games\GTA4\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DA14B3E4-1977-4874-9BC8-8D78BDEFA0FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D45D251F-9F78-419B-B3FB-CC129056CC7C}C:\games\call of duty black ops\blackops.exe] => (Block) C:\games\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{115987AB-3EE6-42AB-81E0-B6C843F4B95B}C:\games\call of duty black ops\blackops.exe] => (Block) C:\games\call of duty black ops\blackops.exe
FirewallRules: [{D023DD3D-B9E3-4FD4-A706-20EA6612D3D3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{10F598B7-6248-4641-A32C-7B8FAAB3B384}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{15CF0E2B-A339-4B42-99D5-37CA542D4ABD}K:\games\gw2\gw2.exe] => (Allow) K:\games\gw2\gw2.exe
FirewallRules: [UDP Query User{32719093-8BD2-44A4-856C-49B1EA2D33BE}K:\games\gw2\gw2.exe] => (Allow) K:\games\gw2\gw2.exe
FirewallRules: [{254B1476-B09C-4F89-A9F6-82A0F56FD0B5}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{D5872796-7876-49F7-A2D8-8FF6D5A53523}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{CA94F41A-DD1B-4A72-86DE-1032FE2B366D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6FD7189D-1EBA-47A4-A5EB-BF06EC520BBC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DBFEB9BB-2B08-494C-8C03-EE196D5B1F96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B0ECFFA5-FCEA-4F5E-BDB7-F52E27F0C431}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2D37DAE8-DD97-4929-8CD2-F5A8E96A2A74}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{14E6B066-CB4B-4F42-8C65-A30BD8CB40EA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B5E570ED-F1A3-4F9D-B837-FF53434C629B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{32EF9C71-C0A9-4FC5-9335-654F2485208E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{95F75607-BD3A-4130-849D-35460CDFFF67}] => (Allow) LPort=80
FirewallRules: [{D5CA12CD-BD78-4A0D-8C42-96AC5B89A8DB}] => (Allow) LPort=443
FirewallRules: [{6971AD85-B1AE-4DFB-B505-CA0FBA19DF34}] => (Allow) LPort=20010
FirewallRules: [{A0FD53BC-5301-453D-9458-D8690DA6BB3A}] => (Allow) LPort=3478
FirewallRules: [{C9B4DDF2-352C-4876-9231-4759D64BD32A}] => (Allow) LPort=7850
FirewallRules: [{6BE2B612-FEC8-44EA-8511-E6821D6D8B95}] => (Allow) LPort=7852
FirewallRules: [{126E1A5D-D8E5-4B2E-A48C-35CF5EE98F8C}] => (Allow) LPort=7853
FirewallRules: [{01208F69-21AE-4235-B5EF-F23299D59698}] => (Allow) LPort=27022
FirewallRules: [{9406B5A7-ED28-45B9-9945-DB2D0112F1B1}] => (Allow) LPort=6881
FirewallRules: [{A30E663C-AF63-402A-961B-4FAB7B8F6295}] => (Allow) LPort=33333
FirewallRules: [{F8B8FA6D-E5C6-4F82-9F61-EEF5831AB045}] => (Allow) LPort=20443
FirewallRules: [{197DC96A-400A-4B7F-BF17-096C617FDC52}] => (Allow) LPort=8090
FirewallRules: [{315A91A7-50CD-4AA0-9DA4-7B3EA5AF4E41}] => (Allow) LPort=50248
FirewallRules: [{647CF977-885E-487B-AECF-0D0BCFE394FB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BFF7822D-29BB-435E-B0CC-E6FB6386D6B7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{825E3A0C-7CD9-49C1-92FF-AA0B7A0D6256}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{9B1D214A-2E86-412E-9A37-508D956B75C1}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{19C193B3-0E36-4FC9-B776-EF594F2E06D7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CCFA21AF-6946-4394-9393-A7914C1EAB6A}] => (Allow) LPort=2869
FirewallRules: [{69AD3371-0624-45F5-B3F4-EDF4EB7B9AEA}] => (Allow) LPort=1900
FirewallRules: [{24E4719D-875C-4164-92CD-2358293AF128}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{65BDC62F-A6D0-4638-B54B-1A5E9635D7D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{17401A7C-6DB7-40CD-8447-D6B647F506C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4DD8C035-CD15-442C-BCBB-FDC26E1DE05D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{377EDF59-81A6-4C6E-9217-72E77BF00BAC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{E0998469-C626-45BA-9023-75797B0D51F7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F4B02B17-DF19-4690-B6A3-67F46E14107D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7FE67A19-1C7C-47AF-886D-E639BF16019C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{897D2F00-3723-4C6C-B2E3-F9E10B22A695}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E63EFA4F-52DD-4E50-98F4-C64486DE5FFA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C5BA1463-92BA-436F-AC64-9C92FFF45D03}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2630B555-48AF-4038-B00E-B7D7FE02BF8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{32C8E90C-6216-433E-9875-8ACACA120F19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{AE408CFD-9E72-4673-9B80-C0E60015DBE4}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{99AC8BD9-AAB7-4808-A04F-F57E9C213FDD}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{08AD94ED-4C34-474D-A3E2-63105AB508F1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8BA530C5-C118-43C2-BA5F-846FEBCC7E1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E05AE212-44BA-4CA4-BCB3-06BDF2683ADA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D230EB6-8F4E-46C7-A4EF-DA3C02267FE5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{05FF1BE1-D9EA-4086-BAF0-54F754F95969}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{62F7182C-FD69-434C-8A3A-2C2BF7AE516A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{5EAD725D-4F20-4D72-8883-11872479E347}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9A3D1993-D693-465A-A1CD-CE941E320268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{ABE41180-295F-42A5-97F5-96096DE702EF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{692AD4BF-5BA0-414C-9421-6D95E92989C5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6E847FBB-0774-4493-A233-2174541C47DE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{FE1762B0-077E-4E00-BF76-23E75A326709}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1A163A24-C1B9-43BE-9A54-BD8DC369BE08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D3C4E0A4-631F-494A-BF04-4442AF1A7E45}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{189D7710-D8B9-4F62-9A90-D41D995B9F6C}C:\users\martin\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\martin\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{6711ABB2-D72E-4416-B773-CD004256953C}C:\users\martin\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\martin\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{96861C9B-1464-4C4C-B036-84D8033746A3}K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{F0C2660F-3934-4181-8948-81663C7B4FAB}K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{F1E2D9C4-30A9-44DC-9BB6-E63650A9A8CB}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{F7AB5B48-81C1-4362-9BB9-3785D2587A4A}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{94D18C8F-86D3-4AC4-98A3-2145FE0C6DCE}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{732EAB2F-453C-4DF1-9872-F7CBAD021540}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{A56EEAA9-67C5-4219-87F8-9BDE6D1AF9C6}K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{705B4100-C489-4C32-8B09-0449A4B51187}K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [{BD12A005-5430-4622-9F42-99B38B26F5F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{033717DE-391B-4088-95DF-E6BE2102BD1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{107DFFE1-EC96-4538-90EB-483687386B28}K:\games\wows_publictest\wowslauncher.exe] => (Allow) K:\games\wows_publictest\wowslauncher.exe
FirewallRules: [UDP Query User{98C38A1F-A0D5-4A4A-AFB4-85EBEA8AA13B}K:\games\wows_publictest\wowslauncher.exe] => (Allow) K:\games\wows_publictest\wowslauncher.exe
FirewallRules: [{2B51E7DB-C122-42CD-BBE0-4AE609DC6D32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{BB518C50-7E28-4A63-A098-742922983C7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{A6035418-4970-479E-9EA4-85749B68085E}] => (Allow) K:\Games\ESTU\Launcher\GameConsultant.exe
FirewallRules: [{1F20723E-7CE5-464E-8542-72EC791C4AC8}] => (Allow) K:\Games\ESTU\Launcher\Bethesda.net_Launcher.exe
FirewallRules: [TCP Query User{D4FDF617-63A5-46BE-A60E-960B2E4F1E2E}K:\games\warship\wowslauncher.exe] => (Allow) K:\games\warship\wowslauncher.exe
FirewallRules: [UDP Query User{D7E165A1-902B-4F4B-B2A9-D3AD6A00AD50}K:\games\warship\wowslauncher.exe] => (Allow) K:\games\warship\wowslauncher.exe
FirewallRules: [{D627856E-3ACF-4865-AFEA-ACF0EFFADBC0}] => (Allow) K:\Games\WT\WarThunder\launcher.exe
FirewallRules: [{C0806AFA-854B-4D6A-B5E6-96548D732351}] => (Allow) K:\Games\WT\WarThunder\launcher.exe
FirewallRules: [{A3F76B1A-5757-4FAF-9B82-9C9E68966F07}] => (Allow) K:\Games\WT\WarThunder\aces.exe
FirewallRules: [{D7BF61B9-24DB-47C1-AD5A-A1CC0346C734}] => (Allow) K:\Games\WT\WarThunder\aces.exe
FirewallRules: [TCP Query User{2FD75038-0456-428B-8104-7BBDAB2E2D71}K:\games\wt\warthunder\win64\aces.exe] => (Allow) K:\games\wt\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{A82A83EA-8EB2-4583-B15C-60CEEA771357}K:\games\wt\warthunder\win64\aces.exe] => (Allow) K:\games\wt\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{F905E323-B4DF-4C40-9231-941118005F79}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{3B08B716-9064-4E1C-B210-D840F0041E08}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{E60A25E8-D512-4DEF-998C-C98D84AF8B5A}C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [UDP Query User{6C728D7F-4FB7-44B4-ACA6-00ECAEBA1BBD}C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [TCP Query User{F0570CD4-A0DD-4F17-A6D8-EF1564F8BF3D}C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
FirewallRules: [UDP Query User{A38A26FB-4783-48AC-A954-8934A8A6B9E0}C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
FirewallRules: [{9455FA43-B14A-4CA0-8904-3CC6F639720B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{F153E4D7-8DD4-4D5B-80E8-087C75626B6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [TCP Query User{491CFD22-984D-4134-8D92-A3F1F5B6F4A5}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{99640C1F-820D-42F7-BEE2-EE224A842DCB}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{D25E39C0-0429-4FA7-B241-549A93469372}] => (Allow) C:\Games\WOWS_PublicTest\WoWsLauncher.exe
FirewallRules: [{04239541-694A-4378-8948-1C13D266D278}] => (Allow) C:\Games\WOWS_PublicTest\WoWsLauncher.exe
FirewallRules: [{68A16BAF-1A67-478C-AA18-8C42C3613E2F}] => (Allow) C:\Games\WOWS_PublicTest\worldofwarships.exe
FirewallRules: [{C934DB75-C881-48FF-919A-C1E86685AFCF}] => (Allow) C:\Games\WOWS_PublicTest\worldofwarships.exe

==================== Wiederherstellungspunkte =========================

16-11-2016 10:18:26 Windows Update
18-11-2016 15:28:11 DirectX wurde installiert
24-11-2016 13:22:52 Windows Update
27-11-2016 00:28:35 DirectX wurde installiert
28-11-2016 16:58:19 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/28/2016 05:07:39 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (11/28/2016 04:59:00 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (11/28/2016 04:53:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/28/2016 04:26:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/28/2016 12:24:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/27/2016 08:54:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/27/2016 08:38:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/27/2016 11:08:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/26/2016 11:06:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/26/2016 11:01:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23543, Zeitstempel: 0x57d2fde1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000019c59
ID des fehlerhaften Prozesses: 0x314
Startzeit der fehlerhaften Anwendung: 0x01d247c350ff0acd
Pfad der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 5687ee9c-b3bf-11e6-9641-5404a66b46f9


Systemfehler:
=============
Error: (11/28/2016 04:52:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mv91xx

Error: (11/28/2016 04:52:02 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/28/2016 04:52:02 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/28/2016 04:51:05 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.233.501.0

        Aktualisierungsquelle: Microsoft Update Server

        Aktualisierungsphase: Suchen

        Quellpfad: hxxp://www.microsoft.com

        Signaturtyp: AntiVirus

        Aktualisierungstyp: Vollständig

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion:

        Vorherige Modulversion: 1.1.13303.0

        Fehlercode: 0x8024001e

        Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

Error: (11/28/2016 04:24:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mv91xx

Error: (11/28/2016 04:24:51 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/28/2016 04:24:51 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/28/2016 04:20:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/28/2016 04:20:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/28/2016 04:20:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-11-27 14:58:08.488
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-27 14:58:08.426
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-16 20:00:39.437
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-16 20:00:39.367
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-15 21:57:34.851
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-15 21:57:34.774
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.833
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Martin\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.785
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Martin\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.719
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.672
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8168.77 MB
Verfügbarer physikalischer RAM: 5868.38 MB
Summe virtueller Speicher: 16335.71 MB
Verfügbarer virtueller Speicher: 13931.24 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:491.96 GB) (Free:117.33 GB) NTFS
Drive k: (Volume) (Fixed) (Total:439.45 GB) (Free:197.82 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D7E7020)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=492 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=439.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Myrmix 28.11.2016 17:26
Und noch das JRT, weils so groß war:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Professional x64
Ran by Martin (Administrator) on 28.11.2016 at 16:58:16,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1212

Successfully deleted: C:\Users\Martin\AppData\Local\{000B31CB-C31C-4FC5-BCFD-485B525DBA9A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0034C181-8315-4D1B-829B-710719F224EB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{007D005E-CC65-4E8B-B656-BB13FAAC9834} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{00A7D233-58AA-414A-AF40-26B8A1769217} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{00AC60F5-E67D-42F3-9300-73345E83F6BC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{013BDD48-42D9-4F95-BADD-BA485ACB4C57} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0153CCE7-EE12-4BF8-9E6D-7810147E4ACB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{018B549D-5966-4618-94A8-580AC7E0892D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{01B28C2A-AF35-4907-8F68-592D56DCB5C7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{01BF3E92-3252-49DC-944C-62CE103EB5D9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{02409382-4504-4BD6-ADF1-6013854849A9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{02695631-2CA4-4C87-BDDA-001903036D87} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{02C0E17B-3270-4A5E-BD67-3BB376732B04} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{031D310A-C7BE-450E-AE14-E816A6D6FA6E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0346DBED-B490-4AF1-A598-1957B6151D8F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0352C47C-8DF9-4731-8CAC-F484D1682513} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{03B77682-61F1-470F-AA1C-AF44A3BB38A3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{03D9BCCA-2C8E-436B-BE9A-8609E6886653} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{04396C4B-0AAB-4714-82DB-C44112A2AEB4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{04751BE8-C34C-4EEE-8BED-032C0907E036} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{04A5234A-A52A-4590-AF59-234A7D3072AB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{04DB7676-350E-4A88-B4E1-C90E6E15E688} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{04E1C26E-555D-4AAA-8E77-4F0FE308B2D2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{04F5918E-5738-4756-8D44-CDE5709098AF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{050C8364-9B9A-46BB-8A6D-E7E3D3646510} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{057E861A-F8DA-4C59-956B-D634097773E0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0589F8F2-84B5-4331-9584-5888A5D89F7C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{05A5D3F6-1082-46B2-81C4-4BF724A0CCBC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{066214F6-0994-4526-B74A-7F22B2C84E24} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{067C345D-A92D-428B-A221-15A3E8F0687B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{06CDAAA3-1EE0-4846-9219-4E1A08DE063B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{06E2B93B-C7A6-4032-A152-625AC44FF718} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{07841DC1-B615-4C0C-A5B4-9ACF289C19EA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{07E33DB9-DA5D-4972-8D0E-4CA6939120CD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{07ECA4C6-B0EB-47DD-81B9-FEB2C260F327} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{07F74123-28BA-48D8-81D6-C59D300F92A8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0845F36B-9791-4E56-96F4-99F6F429FBBF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{089126EA-3755-433F-954D-26BA40FC941B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{08996A25-7C5F-412E-B09F-CCECBE25193C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{08BD4DB6-353F-4E39-B7C8-E05F1B853FC7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{08C618D2-8C85-443C-8727-FA802B396DAF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{09154FA7-5E27-4932-92C6-117026D24C87} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{094FB62E-AEDF-4CCF-BC18-F7666A319BCD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0A41AF11-A733-4C57-8B38-301DD25AEBA2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0AB91D9F-9C5E-49A6-80B2-894C835B8894} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0B861FD7-B28F-40CE-9449-9026855AD342} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0D567F19-0CDA-4F97-87E2-3B05E92FAB33} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0DA6BE17-2C45-48B6-89F4-5D703B648ADB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0E31E19C-B6D6-4EE2-BC5C-26D097B56DB8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0E384122-802C-438A-8BD4-8D1C1C7663D2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0E3C6A82-71C0-4D64-A50D-7705CFDDBA7B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0E557971-2CF3-4D2C-B9B3-5A76AAF690AB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0EB6EDEA-7C1A-4739-AACB-3B7A5893055E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0F24A565-A4FD-4BE9-8096-F8D4ADA73764} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0F6FF062-BFFA-415F-AA23-B7D1A5654B7E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0F8A030E-E853-4C2D-81E5-DC2499BDF27A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0F94A1EF-24F9-44E4-A049-E2C53843547E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{0FE03E40-4DA9-4D18-9181-4A94AA5ED637} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{104950BE-312C-4EB8-A90F-132F5F7ECD5B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{10903EB1-1BD3-4C7D-A8EF-87254CAD66F2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{10A11DB8-4040-4131-A4FE-42CD3905304F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1128881F-4AE0-4514-A38D-8D59BA7CBB3D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1135A18D-0867-4F33-8D61-19E55D94A07E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1138FEF2-BA2C-4B15-8CEF-3DC332C3039E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1139332D-E034-40FA-B628-B453297873C0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1186923D-F156-4146-A753-3DF0B83D1A83} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{11BAD7FC-DAF1-49E4-80E1-58DA4931E64A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{11D48B19-332F-49CB-A054-22538DD51F88} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{11D4DEB1-2AA5-4386-AA97-EF1CF388008E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1223E6F9-77AB-4159-A8DC-D8BB08AA30A6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{12578B9E-FF3B-45CE-A763-50ACDF711C01} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{129A28C1-DB74-4D64-B9BF-B289225EB934} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{12FEE215-C7AE-4AFB-A4C3-749FAD130679} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{134122C0-E7C0-48EC-883C-067B2935114F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1345AD79-1000-4FA7-946C-B52FF8D8EA4A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1364125C-41C0-43A5-A529-F2851A485B84} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{136AAF26-5ADC-4901-8F07-150D6B253531} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1412BD2C-8ED4-409F-971B-3EF250C9FB83} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1457110C-80C5-408F-A6DC-0BB3AB1453A0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{14DBE96C-CC40-43F1-9E83-0E4E9CBF24E4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{152C7A88-7BC7-4AEC-83EC-1D2DE282C892} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{15D9CA3E-328E-4209-B3F5-F1F2917AACE2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{15EDF657-FC9B-4CA8-95A8-BD4D5E1436C5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{15F0C3E7-A84A-4D8A-898E-D1D3A72921CC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{161CE0FF-5A34-44F5-B1BB-A620CE11407A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{163C1760-CBC0-484E-8EC6-AF9E5B376536} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{16B991D3-336C-498E-BCAA-69AD5FC4ABD0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1737E6B2-54D6-42A8-8B2B-86260445E817} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{17656F3D-EA04-4BDD-9327-F64530D10F97} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{17663F30-89D3-46B1-9351-231B014FEBE5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{17E3F93D-5683-46C1-86F5-4260804129E3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{18758855-AF0A-4F6D-B542-A3F22B4A052E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{18A12AF2-2B7F-40F6-802F-2B304B564321} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{18B8F0AF-D7FF-4637-841A-975955A40BA7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{18C7C19E-21D3-4418-8F34-3D9DA0157D60} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{18D01CEB-6C86-4236-9DC1-CBBC6F77EC2B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{18E70338-01EC-4715-845A-00CE65CF3117} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{196200D5-0CC0-414E-99A5-7E89A8253CD2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{19E95C3A-1279-4C24-AC78-B4F8483F31D5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1A2670B8-A6CB-41D4-A7A2-5D8DC62FA55D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1AB3BD79-1546-43A9-8709-321C46336225} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1ACB2B4A-B71D-4084-9DE4-2B097B5F7AE5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1AD2FA6E-1F59-485A-8FB7-D39A1981F654} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1ADB5AAF-AE1C-49F5-A05B-88198E736260} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1B13E5BF-2DE9-4421-B9B9-816E87D61DA7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1B86917D-2B2B-4DC4-9CFA-24F2DA5CAE26} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1B87BC9B-AF4A-48F7-A493-F27703559826} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1BA8C966-0AFD-4C7F-A773-7B4FB36E7BCA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1C5E9195-4DA8-4231-8E9F-49FD79A83B1D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1CA7E48A-26D7-45CF-9A9D-68A3C71D7FDC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1CBC3656-5DB8-40D6-B7E8-CAAD68E97A07} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1CCC8871-EC75-486C-9432-914AB9405422} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1D1808D6-02F0-4E77-B404-0D15AC0651DE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1D67CC1B-FE27-406B-8EED-63702C9F7A68} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1D723BB9-DF6D-420A-9969-8AF2034B5761} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1D8E4FEA-2136-4969-9BE6-EF2288F11F78} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1DC41BD8-99F9-4CD7-B7C3-97370E43620D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1E44A78E-FC2C-4990-BF95-FE0D68E85153} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1E47F428-1875-4D08-A188-82187A9F64CF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1E8B9ACE-4137-48DB-978F-38C34E75D798} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1EDB9E2F-AA95-4F55-B4F3-AE93FE348CBD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1EE76600-8868-4C50-87C6-7C8866190AA4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1EF784C5-613E-4185-8F6A-14DB39B4B545} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1EF96011-7AD4-4E92-A551-844D717993C1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1F2798A5-99E1-4E3E-9DD1-AEBAFDC94472} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1F33223C-9750-4A5E-BC1B-990C6C6ECE5A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1F538EFC-9D1A-4CD9-81F3-7CD2E3A92589} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{1F7A2592-381A-4654-8A01-0403DF13ADC7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{208B69B3-C4E0-49CB-BC7E-9C1EB692BAF8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{20DA3C6A-8369-419B-856B-2AD35EBC9948} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{20EAE84E-6672-43C8-AAB4-7C0A81047B32} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{20F38F9F-DD73-47B3-9D62-CCB02CB27AF8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{21C125C4-C3EE-4B44-AD36-CDC516121A43} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{21FFCF8E-DCC1-462E-97F4-92469066D506} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{22DB01A0-67E9-42AB-8F09-A6A26D26979B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{22F0064D-7E89-4A30-AA66-A629CB2B44E5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{22FAA344-AFBE-435B-9222-F6ADD2FBA8ED} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{235A738F-4137-4DC1-8347-422BF09CF04E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{23685802-7A33-489A-B25E-42FBE474DE2F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{24518D06-3022-463B-BB58-2C3455C30873} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{24C3E1F8-42C5-4471-BCF1-539E726B5325} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{24CDA841-3C37-464E-9A7F-458B954363AE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{24E70763-8C25-4307-8750-435C17515377} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2518E18A-FAC0-4750-92FF-DF39CB3A30CE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2599A90D-AC0F-434B-AE63-C3F5B9A94808} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{25DA4F3C-A28F-4BFB-BDB5-1CB3493A9CE5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{25FD4209-A3C2-4258-AA44-E5806401C4B4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2601F4AB-1177-48B1-B113-CCF9755DA221} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{263AA877-5168-4F44-92C8-2DA19B96D0A0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{264BFABA-735A-4973-AB48-49897BBC709C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{26617F07-04A2-46D7-883F-D562E9494EDD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{266A07B6-C38B-4B45-B2F3-22D995B26750} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{267C565A-9F93-4AD0-91EF-DFC3EE7BF7EE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{268056D8-DB77-4AC6-8741-FD4B7F897227} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2694076B-0521-42C1-98BB-DDE0F54A5F6F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{26B59C9D-6E97-4CB3-9FF9-49B8C6D00947} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{26DC4353-B049-4090-A21D-7A8375DAF0AB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{26F27F5C-752E-46E3-97E7-0198DA80A7AE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2722490D-0C66-4F6B-8C61-4DB24B8659AD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{272B7631-4845-405D-8714-CC72CC4E5E7C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{27535979-C937-4639-9339-8047643E7D89} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{27A47374-B804-4068-9D2B-6B5F4AAEB274} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{27C556AA-4D91-4DFB-90CC-49D2B1824BFF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{27C59B5B-C4D7-454F-9C6C-FA5224A67348} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{27CFBA5F-9DA1-4BE4-97E2-FB6DF991D595} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{27D4379C-48D9-4929-B86E-042F35285B41} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{27E23788-F28A-4A52-8EF0-EBE5761742FA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{282EB3A6-BE77-4894-B796-077E119E92BA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2875A9E3-A910-46C0-92BC-EB9D1B391D7A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{28B9A9CE-010C-4E0E-BF99-4183521403D7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{295EED5B-5A9C-4DDD-A550-91F97DE4D7F2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2962B923-341D-45DF-A839-E72163F9311E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{29B4407F-0A97-4029-9321-AFE6BCC3FFA3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{29B4DEFE-7649-453C-897F-E36FA776A74E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{29F51532-C40E-48C7-B901-DBD103B35C8B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2A7E73D5-B3EB-4A0C-87BF-58941B8B378A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2A9131EA-1086-43BB-BFA9-8464F8D36315} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2AFCC413-EE18-48AA-90D4-2A1AE38F64D2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2B292608-2189-4D20-B68E-BAC7648B2482} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2B725083-0544-48FA-AEA5-97918B85FB10} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2B7C5B10-FDD7-46DF-AC4D-41458FD39E8D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2B8D2825-0751-462F-BEB1-B5D4A16A743E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2BFA8B9E-5923-4178-9F6D-28211FD1FF75} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2C677352-11ED-46D1-9074-A66071979050} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2D4D2448-0BFB-4961-8E38-D3D02F9FEEE5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2D55842A-FAAE-4423-8E29-5034864DBAED} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2DB998C1-2E8F-455A-A7E3-A59BCAF64C8C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2E4CE54A-7CF3-4661-AD38-E68837215EDB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2EC82056-FCEE-4B09-BA0F-A7D63E98578E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2ED95518-9434-4937-81C9-10CFDF041A80} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2F005C58-CF6B-453B-BB9E-79F1C7E26127} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2F95B968-79D6-49EE-ADE4-3FCA6DA86499} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2FE55A6D-8A98-4EC7-8827-3C12EA964295} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{2FF07BA3-1C89-4B95-AAB7-D8A69302F6F3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{30342C8C-4ED3-4F05-86A2-C6D6A17AE80A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3037EB69-5B4A-4CDF-BBAE-E8A1D8282DBD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{304916BD-D243-4AD3-8FD2-3ABB597A52C1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{305E4453-60E8-4748-9319-68D3600BF651} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{30AF5E0F-C26F-4930-9B80-7701E30A467B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{30CC0E6E-2C6C-437C-B1F6-90972CF05EE1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{30E58393-0693-4927-87F2-60B18F257EBD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{30EF0CA7-7241-40B7-B230-E007B52DACC0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{310BCEBC-E8C0-449B-B17E-D48EB5AB53E3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{31222592-7599-481F-8C37-718A7CEFCE5B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3153AC72-8C82-47DF-9172-A4E3305F3CD5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{31583623-4C2F-403B-BCEE-1C1988AC30D7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{31B8D695-C51D-4B52-914F-53CCB36BD96C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{31F3EB51-EB24-4BAC-A3DE-F44AC7F2334B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3210D83E-87AB-43DA-AFAA-E1E5BD7C4DEC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{323381B4-BFF6-412E-9429-71100261C07A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3285024D-5E79-4781-B6CC-C1B071D06B0D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{32A98C9F-C72E-4B1B-B4C5-C64459A49895} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{32BFFD5D-6A76-4988-BC5B-A753D7D9C702} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{32CD6056-595D-4561-8CA5-DB3102A11272} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{32DE49DB-7A44-4AF1-B8F0-E6C783694448} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{32F9DDCF-5089-42B4-A67F-ED88DD10A7DA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{332653B1-B505-4642-AD9A-CA2F28A3F5A5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3334169F-CF5F-4FA6-9772-20F6362D35A9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{334D3DA9-3369-4FDB-9757-C8BC437C40AB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{334E6389-E7A7-45C4-BE64-3E4F27A83A4B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{33FA2600-1C1C-4BCE-AC9F-EEE82D9B8949} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3416A556-23E7-4A8B-986F-84088C7B91E7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{34307A12-5026-4C29-8F06-4BFFD18E0AE6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{34427191-E77E-4010-9D19-C3C9E7458F57} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3495FAD6-E9FF-4123-9359-1B3E0C0B2A1E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{34D16305-AA75-451B-99CE-AE747C501823} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{34FEF2E4-6EEC-4E7C-A90D-7A298646CF08} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{352AB9E5-6B7B-4553-9B37-EE59C6A205B6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{355F5D4D-7901-4949-A4BB-17D5041282F9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3565A8A8-C0C7-4BF7-B3EF-480AA468630E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{35CE83D5-90DE-404B-B0F7-FD42FDF302C3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{35EE446F-0B9F-4CB3-8181-DEF2B551F9E3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{360EB073-906B-407B-A597-087D1C0CB245} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{361B58A0-9DCC-4593-8EB8-BED2FA931FE9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{365DF36B-2463-4ADF-A322-638E2CD528F0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{36A53634-7DD4-4A0F-AD56-EB9DFE19CEA4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{36BA5839-66EF-43D0-8403-AD377A8C3A1A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{36CD00C6-3FEC-4F06-8299-8E492E587082} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{36D1671C-2B4A-448E-AC7A-4FF950D3AA0F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3713E6E7-8C66-4311-B3DF-4A3DC26D99ED} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3780CA3E-FDF1-487B-9C29-3BB99EFC2877} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{378E8338-81BC-47F6-9937-3F6BE46CCCAF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{37A142A8-EE23-4899-960F-880EBFC445ED} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{37BADD49-74FD-4A67-A095-7603F94F9CE2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{37D40460-FEE6-433C-ADC0-EC8BFEA38A60} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{37F2D834-B1D5-4297-8E63-3AB327F2ECDE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{37F4954F-9BA9-4463-9223-63FC0A1518FB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3848C3C4-DA43-480C-A5E1-54CA344D66C5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3856EF54-1802-43EA-881E-9EE56B8D0F47} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{38642C8B-BDA1-411A-BA8C-1E88BF706948} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3881563F-C79D-49DC-89AF-3B3F6B8ECE2A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{38E34B7B-21E7-4000-9C4D-9725FEDB9033} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{38E865E2-C359-419B-8600-F7FDF206867D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{38ECCDCB-4BBD-445E-BEF1-CA0E53B993E4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{391EB286-9C94-4792-8DDF-C088C43BFC43} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{39E44073-49B9-4F21-BF26-91F4EACA219C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{39E976E7-C83B-40C6-B0F1-D29906251576} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3A810125-A3E5-4130-A7AC-4580DECFFED9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3A978F89-D247-42CD-9747-849DCC499139} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3AA75E1D-3B1F-4A25-AB23-F6AC571475D6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3B24C93B-31D7-4670-90BB-4BB250CE15D4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3B2F46AE-A28D-4590-ADD2-B12A6718ADAE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3BBC9793-A5F2-42FE-AFD8-259599EEFCEF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3BF65477-2936-40C2-B393-9795891FCAF9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3C206BC4-D38D-44CD-83E4-E4625A3A4957} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3C61647A-4FEA-47F9-A7C3-4B30B14BDDA9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3C9DFB9A-A8C7-4793-ACFD-794E7D1E7BB9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3D380DCA-A0B2-4449-9492-390E8357E7BC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3D595BED-8D39-464B-A320-5A70B07D45BC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3D712744-BAF5-4398-8F1A-2658811570B5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3D7B686F-F3B5-4F06-B80E-39C95ABC8115} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3DE86FBE-DDC7-443E-9443-87E56819588C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3E18CDB4-9E7B-4DFE-B363-15CB6B6B46C3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3E3077B4-4E0D-4D16-994D-5FCEF2C684A2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3E588BC7-D8A8-413D-BEC4-0716A81C845B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3E7996EE-7D3D-4443-8336-30D070D24A0C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3EB3DEEA-8CFB-4486-B2F8-CE7DEFD6CC49} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3F002EAC-FF38-49CF-A7AF-B32A357CF45A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3FC4B6D7-0CF9-4757-90C2-FD354E1C371D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{3FF62BD6-F56C-496C-AC73-20F16AD8317E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{402D8A31-06C7-4132-B52E-07274A76F503} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{40F483C1-3826-4314-9251-459A1AAC68C8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4188DBD3-164D-44A3-8D93-6A2E0532AAD9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{41FB24D3-A013-44DE-AC6F-2BFC57609CCB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{42313BE8-55E8-4C92-901E-E8B823EC7BBD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{42409DE1-6FC8-4066-B4EC-EDE0B0B36AA6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{42F3F683-1D39-42FD-A874-86E7251BF202} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4354E69A-0427-4565-8F71-F949F500ACC9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{436957D1-8BC0-45CC-A5FF-E669246AE110} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{438EE00E-DFCC-466E-A2E6-7BB3B4892A39} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{43CA640E-61F8-4216-9E36-6A7BBF4BF178} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4430BEA7-B782-4030-A192-4404925B25AA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4446AE8E-D54F-474A-88EC-9FA1613AD8C5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{444FFD60-E07F-427D-A0F7-3DF1C38F8626} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{44BDD544-34C4-4D3A-944A-A18C5D332249} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{452D69A8-E367-4571-8A67-9FC8AE8CAC90} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4554A331-FDBA-48F6-89A0-BA62412B5D1A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4572322C-6E69-4B1F-B0A6-A8A0C357B570} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{45EA8072-82C8-44E1-8DDD-821B162E6DA4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{45F45B20-90CD-4AC6-9E43-82CF25306A36} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{45FFC44C-462D-4AD4-9F0D-A631BBC85D55} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{46052587-1D2E-491F-9DAE-E7F51CA1666D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{465A4B8C-7F0C-4AC8-8C67-4DE995D7A330} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{467025CD-9FA2-44D3-8E89-33683A34A8B0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{467CA869-AF76-4756-BE86-C09B9EAF4026} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{46E287EF-FEDF-41F0-A70B-77C0A1E0149D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{475C6D2D-448D-4DE5-BC10-E22FD9C4964E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4761C87D-5C65-4D33-8FB5-C3D5FF782EF9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{47870587-7240-40ED-9DFD-E1021CE9F576} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{47997938-EE6E-4EE1-947C-85727CA530DF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{47BCD694-EF15-4441-A5CB-55E8EF031063} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{47E727A1-6E2F-47A1-A33D-EAB43B478830} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{48553D49-C6FB-4AA3-A98D-93EF2D445993} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4860F191-7FB6-4FF1-99D6-A268C5619FF1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{488CE1B5-B62A-4096-A789-5B41E872B6A1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{48B6D0E3-622A-4D0C-84CF-2B6BBA4A7EE1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{48CD356E-DB9D-47E0-9ADD-23738014C3B7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{48E13158-EC82-4209-B936-6393CDD6EA83} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{48E72788-E851-42D0-ADE3-80043E5C62DE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{493C017D-8384-4700-B707-396D21287FB2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{495D0B93-5A3B-465F-974F-D4C786E34FB8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{49A839E7-6988-4F79-977E-076499F001D6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4A35CDB9-D469-4D68-A0B7-03C78EF6D0E7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4A36EFEB-319B-4B53-921E-AE220BCFBBFF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4AB23E83-2E42-48C8-AB3C-A3D87BEBB7A8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4AC506C8-CBF9-4A06-B399-223A0DC2BF2E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4AFF4433-A584-411B-ACDF-85E79C906E69} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4B01371D-4B06-43A1-A6C1-872EDD27EE76} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4B163AB6-179E-4838-A35A-DE7770D5A489} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4B1D2C8C-811A-4A4D-B98F-60DC9395E501} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4B7E7BE1-45C6-4779-BAD8-EF784FC3A521} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4B8A890D-3898-448D-9C12-CCBBFA4D8D12} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4BC4CB8A-1599-4257-B7EF-75E5CF9C9597} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4BC7EBD5-7DC4-469C-A3CB-8710B85B91BA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4C49CF44-32DF-4154-A377-92B5CAB3F9B7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4C9ABBF8-FC40-4248-B15C-C92934A6EB85} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4CB7A21E-A7BD-4CA8-A821-2B4966F8E3C3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4CC27C92-528C-4F91-9C40-26F26DFA11F1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4CC5CDA9-BE9C-461E-950C-5CBF111933BB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4CEB0657-7A68-4555-88ED-69AE53C74017} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4D1DFBD9-D186-4809-A731-6C58A32B0E60} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4DE2EC76-FE24-452D-B972-99524485A62B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4E324972-E3BD-4573-B4C4-F28D0DD58165} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4E4CAA94-83A2-4B29-9FE5-A5414B504751} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4ED4DB78-F6E7-488C-9E85-3AA955ACF59E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4EDB0F12-F643-40BC-977F-46ABF2548F0D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4EFAC163-8769-4C94-9FFB-B2329393A8CE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4F9DA9E0-CE9B-41C8-A702-D3EAD82FF6F3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4FCB0548-A54D-43F4-8E28-7571BCEB8FA2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{4FE1CA3F-ACF5-476B-9E04-F4AAEDC8B3FB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{500D69A4-41F2-4158-8A14-D28619BDB084} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{504276FD-B685-4DC7-AEAA-CA82AB829FA4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{50E976B9-240D-4FFD-B8DE-B6A5763A1049} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{50F1E5DC-52E5-4E48-B630-09B73B4CD971} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5121CD4D-81EE-4572-83BB-19493931DB16} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5130E6AC-575F-496A-B5C4-DA7986B91C4D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{51AECDCB-3764-4411-8256-408F94649344} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{51B7CC56-6F6A-4903-AF67-4F1D067E43E8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{52131A9F-C1B3-472D-8AAD-6D0ABE0C0649} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{52423797-CBA5-4F04-BF2C-69E6BB24DC65} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5287C2C2-FEFE-46C9-8C07-8B0E477B3330} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{52988980-42BB-475B-81B2-DC6BAC5C3907} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{52B5C38C-F081-445A-B35A-2C05CAD13EB8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{52D477DB-C4C4-46B7-9FDF-96A96B69BEA5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5330A4BB-9EE9-49F0-9CC8-CFEA13323C4B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5353B5AA-E48C-4CBD-A568-5459D4DEAF6D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{536DAC9B-A31A-4BBA-A973-04E1235F0194} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{536E504B-FD1E-4DBB-A65E-A6EE3DC906BE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{537DFD68-1C60-4E05-B209-45DC963ECA20} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{541FB1BF-8B1B-45B2-849C-F8B0190DC035} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{54AA8F25-BD2D-4F84-B4AF-90DE1867D15D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{551BEF48-E694-459A-B639-8FFACA080776} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5553798A-1FE6-418F-9D0E-5431C7F852A8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5620AA2E-F3CB-465B-91C1-0C6358BBDB8B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5625D141-A5A9-4363-9026-DA00B59EC264} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{564AE3C2-ADA7-4F10-AD4B-DB819022187D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5659E813-3506-4CE3-804D-21BFFE2B1DEE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{56AA0F74-C423-43A3-A70A-7E940D3F5C00} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{56AF3771-6FA0-46EE-AD41-C35C1B804222} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{57474B89-30FF-49EB-95DF-D4FCFD687305} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{57CD8E06-BBB3-4B74-BAA8-E6CCB43933F6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{57D4D575-E624-4549-A373-D847FD33051B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{57D67C15-546C-4ADF-928B-50A3E859FCF8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{57EEF2E4-B04D-4777-AFF9-180FBF908AF2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5863041D-3B0F-4DC4-98E2-FC38EB4D4B37} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5899E174-4234-40AF-A485-9DE848755704} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{58CB67F1-E38D-4D77-9C2E-6C4E111835BD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{58D6795C-488A-424C-BA0F-65455EF3A5A9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{591A0E61-B444-4FB5-AF35-A49BFA403D37} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{599420F4-DB81-401B-9D6B-1EEE8DB1A9AC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{59DEB896-299C-446B-B702-0F0DDD08BF92} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5A159E57-FFB6-4728-B3CA-96D3DD494CC0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5A47D9D7-59BE-4DA4-9888-0D984443427E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5A62EDAE-38E2-4219-A582-1DA77AF4BC43} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5AD559EE-D743-49F1-94C5-4342636924C5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5B6B6656-BFA5-4F32-85B6-D0B9918441C5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5B91E5D6-E3B8-4A91-930F-AC4B686B0DC8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5B93CBEE-BB6F-47B8-B801-C214D1B94172} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5C0D9E7F-ED82-4F02-84CB-4F91BFD44E1A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5C1A8CE2-2820-4961-88E6-7B3D4ED058F6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5C23C83E-E1E0-4B8A-B5E2-BD249B5C46C7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5C3BD337-D768-4D9C-8C3A-49E7F39A77CC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5C900C07-315D-4F0F-9484-730F509CE137} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5C9ACCE7-877F-495D-B970-90C0E551E84C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5D0DCE5D-2CB1-4C7E-B9C1-5C93698210BE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5D2EF2A6-5538-4C2A-AD4E-F86AE5ADC841} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5D3B0974-41B6-4B54-9714-21A1E69EC749} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5D6858F6-9EDC-428E-B30D-500A7054EA1D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5D6A7097-9F88-47EB-86F7-FC4EB1068F74} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5DC669C6-456E-49EF-868F-92DA5FCFFE58} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5E014152-FA5A-4246-9BCD-486AE1D99B9E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5E45B08A-67D0-4149-9499-332F0C0851B7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5E6A6F61-A441-4443-B3AF-119DD6132997} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5EF7A356-47E1-4F0E-941A-999CDA8183A4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5F220270-7A52-4E9D-A4D8-040FE95D8957} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5F46F3EA-A055-4FDF-872E-26673E0BB1E3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5F56E38A-7871-4F95-85AD-521C0C59290C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{5FC7024E-7C9F-4592-8513-81C3257D6898} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{606C8D7D-F6E1-495E-BEF3-93031EA7BEA5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{607824A2-F02F-42A9-BF19-EDCB9FAE4E1D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{60ADD141-7FE3-40CF-B122-89ACCCDA7D29} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{60E9CF3E-8BA0-4C8A-825A-0F2555AA3F44} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{61ABEFD3-D52B-4D85-B1F3-D30DC06485DE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{61F91A56-6767-470D-A8E0-EA057957D536} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{624ED759-FCA6-4347-B058-A7A905FCD0BA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{627DBFD9-7FCE-4263-83BE-869F657242A1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{629D41E4-2E4E-4251-9A34-91786EF743F3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{62AA9F09-C5D1-459B-AEF7-63DF2EF4131D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{62DFF534-49F1-4585-96BF-4A93C3C00216} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{634F37D4-FB72-4897-8903-F6E42B43C931} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6366572B-0247-4AB2-8931-22DFD7D91F95} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{637A28C2-2271-474A-B747-8B13ECF9E6B8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{63C4789B-1B1B-4F3B-BA1C-4112C7D0AE79} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6417CB92-0C89-4501-BFF1-6F0AEE65A7CF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{64442DE5-70F5-4DBA-B5CB-97EC53635529} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{649EE24C-9CE3-4F96-8056-F6A83FFE4B39} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{64EA5F3A-C8C9-4D4A-BE68-03C24D0FAB71} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{64ECFA3F-719B-4687-98AE-4A339C943667} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6555A21E-8146-4A10-BD05-EA05F898A17D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{65A6807E-87EA-4517-B101-DAB45096D554} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{65C381E1-A1D4-4046-A656-7935FD026099} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{65E9016A-9628-4E71-B9F1-5BD0BC08214A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{66018F1A-D6AA-454B-838C-03B380106E18} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6612D43F-D069-4CD9-8EDD-8F537C734193} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6616A2E9-3AB3-4FC3-A9F6-FC1225382B98} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{66389A3D-E4F9-46A0-AD80-53D44560ABA4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{663D4BD8-4FCE-4208-99C5-E4E9502ECA9D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{66AF62AD-04F5-47C5-8239-145902254DE7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{66BA755A-488A-4A19-9F39-781F37974CF8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{671C992B-8E34-4C09-9C44-E71BBC1C386D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6720A78D-2638-4626-86FD-F2A354A4A531} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{67A1159A-F009-464F-88F1-6695A34A2C2D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{67BC5810-2CDB-4F1F-919C-CE6A3E547CB0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{67D6D6B8-276C-430D-9B19-C33906478A5B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6812FDAB-9DF3-4FCC-A681-D828EBB4EE1B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{68259C67-A75B-4BBF-99D2-4D3E2A1DDDBE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{687070B6-6AC4-4287-8356-24BB12744490} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{688115D3-9C05-4A32-8944-03E70FD2A28B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{68B2B961-F483-4406-8485-7EE5FD57A4A0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6926A613-F146-4C0A-9879-BF256EFBCEAC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6941F571-4265-4C09-BB05-561240CD5802} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{69C93A81-4D73-44A8-BD73-91F1CA43E615} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6A075458-4750-4480-88A8-36EC3C25E2E2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6A442C43-5E04-4844-BBF9-3B94270C25F7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6A7D0F1D-B362-489E-8747-DE381A5A65B4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6AA8A960-1A93-4369-9F1D-68E903A2D736} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6AE90111-EAD7-4424-946D-F68D2137B480} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6B01F964-1E71-476C-95DF-DDC20C349770} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6B24AA30-F8DF-405E-80E2-2D461D6BAB5F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6B932A6F-9FB3-41EC-A1F9-6CA744179B2F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6B93E231-469E-4105-B95C-5BFCF3C24F06} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6B99AFB0-A304-4F0A-B2AB-137750991CBB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6C0C39B8-94AB-4E71-B962-A6E94313BCD0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6C6AE8CD-1C88-4D30-8B7E-34CB9D7EFF62} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6CEA3DC1-8001-4801-AB3A-0B7E694EF5ED} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6CF3C409-46E7-420F-ADB3-5E47CFE6312E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6D09EA9D-E8E4-4257-84C2-7E4E94BC5090} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6D8095D6-4F89-4BEC-BD04-BBAED6ACC648} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6DBA09F0-49D1-47CB-B3F6-D1AC8140F95E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6DC43885-6A45-4B63-89C5-59CA2EFF6E4C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6E0D3D55-5D30-4A66-932D-ACAE4E8D2273} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6E606FB0-CF96-4EF6-960C-49CE26A1BACD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6E8D216B-4D67-4C3E-8FEB-7D3443C9AF09} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6E8E8BE9-FA86-47A3-BE2D-1059134C414D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6ECA53AC-B668-4FF8-9632-5EB74020D751} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6EE39C0D-3A7A-4F28-A34C-49B00A189657} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6EE981BC-231B-445F-A210-93832EF87F82} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6EF55A49-F111-48B1-9CA1-BD93A3D9C5DC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6F1162EB-070B-4359-8B3B-515999A7D140} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6F22FF2B-D2B2-4A8F-98A6-BCCB695D4A18} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6F230631-94B7-4D53-A2B9-C686C20C7ECC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6F9BFE79-6CE2-4221-B5CB-A73393F103F5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{6FAC4321-E6CA-4E39-AFBB-23C5E461CECD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{700F5AAA-FE40-433E-80AD-B454FDDC7857} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{704DEC85-BFC7-4091-9A60-BF6B7EF94A97} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{706D42A2-4B77-4EC4-8082-AC9EC3FFC60C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{709F6517-C591-4F31-900C-989F185D763D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{70E8055B-D32F-4D60-BB51-8B7F6F965B06} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{712AAF72-7163-48E0-BC82-53FCD891996B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{712CCFDC-A9C9-4A7F-BDDA-074A70CA7340} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{713F311B-A00F-4FF8-8B10-E3A6EF906F81} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7251B4C6-4B25-4173-BBE9-4B4C16B92B2F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{72B01008-4408-4A55-B01C-9F301CDB183B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7332A3A1-5B70-4624-B2D4-E642F51D4BE4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{734F9739-75DF-48C6-ADC0-D8D82B230241} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{73588EF8-838A-446B-8D71-BE6434F7E574} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{73711BD9-DBD3-4983-AF35-53928322B6A9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{73A5AC17-3558-45DC-A087-11C58270DBB2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{73AC7452-A0E7-4076-A8DD-96504E2D4FF3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{73E2C77C-489F-46B1-BB13-365A5CDF2C8A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{73FD0718-1192-4354-BA70-737F777B9CE7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{73FEDBE3-6890-4E5E-9513-62A70229DD3C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{73FF67BB-86E6-4EA2-B114-E7E2DA4BCCD0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{741833AC-7B46-461B-8EBE-34CC5688C05F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7420E079-7E9A-47A6-A43F-D9872D26181F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{749AE4A0-19A2-4627-B492-C3C95D8CCA95} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{751C4F57-CB68-46E9-BDE1-24F57E87FB0C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{751C9AFD-72DA-4654-B0FB-4911FE8DD079} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{753CB303-FC17-40BD-9CD1-EE792FA53696} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7545AF66-0838-4E3B-B35F-CFE74DEEF05B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7548ECD2-3A8B-498C-8CCC-A36F59EE3E45} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{755AA84C-477F-4EAB-985E-A462067804AB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{75686037-C16A-4C06-A2F2-A5E695508B4F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7573ACAA-9D40-47CD-8990-77A11DC7F3ED} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7580ACE3-F822-40E1-A16D-2A2469394ADB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{75A2DC7D-A936-4B9F-8048-6B626109886B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{75EB73F5-B052-48AF-A950-8BD44D67876D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{75EE8AF9-F6DA-4D9A-893E-DFC02E0B9C7B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{75F8BE11-1454-4968-9B78-123890DBD34B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{76396F90-8D29-48E7-933A-1D74337280D3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{76811556-CC13-45D2-B26C-5245301087E0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{76CB8CB3-1CC1-4654-A090-1CE1DC06A816} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{772E4FEF-AE2C-4AC2-95E9-EA8AD93A9A11} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{773DED81-7F3B-4ACB-A90A-2A22A75A908B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{77637821-009D-43EE-902E-4E26AB4EA1B1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{77F95F39-67B2-4EA2-BF00-1A02493017DF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{780F2AE9-2A3E-44C3-85C1-BA7BF8CF03EF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{78B7FCB7-972F-4038-8039-464BA882746D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{78C9954E-556A-4333-9ACB-F870911A7066} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{78F4D73C-EDA4-4A48-8563-67795B0F22C5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{791F5B1B-8BD6-4DA3-8BC2-E7677EEE840D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7922F401-2ACD-4DB4-89DC-A56611A1C07B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7986A748-6D34-4064-9A91-52A06F881209} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7A1396B6-7B80-499B-82F7-BB7270A3BC75} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7A829B64-18A7-4789-B7E4-3C3BC1C16788} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7AAC1E65-E8FD-491F-9037-8CA54ED9D488} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7AB4362B-A2AA-42FE-A0A4-F9B5F1C314FB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7AC3B18D-1ADF-445F-AA08-629E2DFD10DA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7ADEFC5E-0CEB-47A0-B46A-354D1C633024} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7B0B224B-9800-4095-86E9-C4FF55E61FA7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7B49FB23-730E-4459-A5E3-E4DBA600C5B3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7B4B5485-DB47-4362-A835-604C8D7C74EF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7B5EAA31-4FB6-49C4-AA45-FE5D38D35612} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7B6B3D65-4BB4-4601-8658-C249F867EB5F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7B760EDA-C21A-4097-943E-5B8D3F5235C8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7B99BF7C-9FDF-4FE6-B4E5-6C7B39FC5A05} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7B9C8B03-31A1-47B8-A9BC-76980F7AB8FE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7BB10FE7-4E9F-4317-9B39-2303A461F8F2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7BDFF5F3-E84F-4DBD-942C-9B72855950D3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7C0B6F42-3AED-4C05-8507-8DAEF860505D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7C5A48E2-9694-457E-90F8-2D2901938A20} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7CCD1357-E241-4A42-89BD-39402F324E25} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7CE2CB16-3923-4969-964B-E90A74D63D29} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7CEDA2DA-60C0-443E-B681-631101E471E6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7CF54268-AB5E-4188-8EAD-231E2C436659} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7D0B179B-99A9-47BD-92CD-BCBAA4D17BCE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7D6FE92B-07FA-4A7D-9F7E-300892C2E178} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7D8DC488-06D7-430C-A076-B3ACC33A5659} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7D9F5B34-89D8-46FF-AA7E-4B86FC612FB8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7DEB1945-61AD-44FF-BE8D-275E2DA59845} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7DF673B6-93F2-4E20-926C-E8F3934C8463} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7E4CF436-EE96-4902-BD99-BC9ABAE7D754} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7E8C8434-E4B8-4114-9250-BEAE4F7A931B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7EFD6670-8EBD-4C55-A237-0DD642D97291} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7F4BF03D-EB4E-44B8-B5EA-553495F70CAC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7FA02236-4000-461D-995F-831903E99FD3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{7FAE5A9D-ADB6-4B73-A78B-107450FFF80F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{802E97BC-52AF-4D6C-A41A-7B9794C08EFD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8049CACF-CFB6-4CE6-8CEB-FD292AE941C6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{80C165E1-D81A-478A-A147-1CBD5FC16BAB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{810695A0-CA01-4999-998E-1B380F0A2F62} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{82385182-AE25-42FD-9A90-32EBDE8B1484} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{825DF7A4-4B1E-4C80-830D-02B0096B4847} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{82B96389-40CE-4DC7-861D-77342BF3BDF6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{835F88E4-52F1-4785-B4BA-D99C3BC1C481} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{83AEF6EC-BBC1-403C-8761-3D4A7EAEE13A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{83B0BCF4-DFA8-4C78-BE4A-FF3B2C4AF291} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{83CA8663-62A3-4BDE-A862-659577686A49} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{83FCE19C-EC89-4AFC-B1B9-DF7FBE33FE41} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{843D3514-5430-42C7-8D4C-B192F2AE8436} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{84CA57AA-6FE2-4D59-BAAD-D4D8EFF917C7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{856A3483-08FB-4590-9FCA-2C839E144DE1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{857BA1E0-E65F-4C15-A5BF-A97CD5B9B326} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{85930B6F-5AA9-4517-AD57-91DFDE8A9B5F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{85CACAA1-2D51-43CF-92DD-12DBDFA3C66F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{85F0A7E7-444C-44C5-93E5-932412B39B8B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{861E0C47-B33F-4E8D-BF94-0B7679F07E55} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{86B3131C-24EE-47F9-8E01-CBB77C73C582} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{86C32EA8-AF8E-4358-A6DC-0F52CD9D635E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{86DB052C-B163-48D3-ACBA-F3C3D5E5608A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{872C2A7A-B9E6-4669-BEC6-1A125AC3F516} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{87732031-750E-412C-AB21-EA7953C9FE64} (Empty Folder)

Myrmix 28.11.2016 17:27
(musste es 2-teilen)

Code:
Successfully deleted: C:\Users\Martin\AppData\Local\{8835103F-2DF0-4904-A7C0-A5926FF55F1E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{88A62B96-6A2E-411A-8AD1-4D860E8F39EC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{88B4EA55-6A47-4DE7-9173-C622D7332378} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{88B83E87-FB0D-40B0-AD84-06FE736550EC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{88BF565F-8CAD-483A-9BDC-403745A9CEBD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{88C73083-AB88-4E0B-B5AD-194D317A6E2E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{88C8138E-6755-4045-A8B6-B56D9FEA8243} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{88D969FD-0A22-45F4-8D17-D4CA68A0DCBC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{890B3A05-48C2-4511-BADD-5EBD3B7250FB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8920860F-E0B4-450F-9C73-D9DDC07EC5C3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{894D39E3-989A-4D28-89BC-28F58C7526F3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{895E5227-849D-4A37-80D2-0888D2C7EBDD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{89755091-7C93-4F74-BF1B-3310DABFE025} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{897C05C6-44D2-4D28-9E23-D0FCD373B323} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{89C9BFDE-E13A-42C0-ACA0-DE52E78A54EB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{89DCC0CA-9F7A-4438-9FC3-D07F69F6C313} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{89F7FF34-F86C-423C-9E8E-03D7142B31E3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8A004BA3-557F-4402-AF9C-204DD1EBFDF2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8A8D2EBB-E720-424B-BA46-B038B3A65AE9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8AE0C392-A5C3-4FC1-A314-9A740DE93050} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8B72330A-483D-4B1D-B735-B99E54436500} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8B7278F1-6DE5-4333-9B2C-6E6E05B016C4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8B90ED51-DC51-44B9-A8A8-C29CA7A0006D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8C14FA15-BF9E-4E3B-AD96-6D525F5C988A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8C539572-23E6-456B-81E6-06E97A2D58B5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8C7E6A73-53A2-4CCB-9BEF-23AD34B321DE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8D07E08B-92FE-4AFD-A989-87CEECD6E631} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8D1A3552-CE1E-444B-9595-EDD89A5EE774} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8D2418CD-E4BE-4BF2-BE95-198389D13E81} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8D3DCE8D-536C-41EE-8848-643820E85336} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8D53A7AA-FE5D-4A11-B490-0DD2109447FE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8D58803A-07AC-4D0D-A59F-974965422453} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8D5B9C50-8752-4A0B-B846-C111BF6B017F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8D6CDA56-4DEE-48B6-8E0A-81C63F317218} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8D883C9A-17FC-423F-9638-DAFAB7EA2E92} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8E280B3B-7709-433E-B26F-91DCCED28E14} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8E7F43E7-1BAD-43B9-811F-466D8854E838} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8EBBA257-CDC9-4901-80EE-57A67970E03E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8EC0A1BC-2616-4C34-BEF0-803903D99DB1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8ED2D92B-BB2E-4976-B12E-477483126D71} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8EE3A75A-22F8-408E-886A-87C811FF8C90} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8F2047C0-D2D5-4F31-B655-8EB309DE308F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8F2A7740-ED60-4BA1-8A80-D5AB0004B810} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8F639ECF-0C33-4B66-B230-2484D050852D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8F640E57-65EF-4A61-BB03-D9975CE874F8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8FA9AF8B-1EFF-4421-A393-E601CAC3608C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8FAC0719-E7F5-4DB1-A768-91DC0F745C25} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8FAC88B2-9FC3-4201-A3E4-2BC716BBB70C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8FCE97CE-7B6E-48FF-9638-E543669C05BB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{8FF8C62F-5343-4D78-B1D2-DF16EA264C10} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{901CA46B-1321-4DF6-9D73-82C90BD92924} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{901D9E83-48D8-44D5-B0D0-19746B834C03} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{90249D25-D1BF-4113-960C-5EEA44937EDF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{906226A3-4CEB-4BF6-966F-284F55F08CA4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{90C345A2-9D58-487C-83CB-D17FEF3C12A7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{910D389E-C256-42BF-BBA0-0C88053DE3F4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{912C84FC-13F8-4E58-8771-E2CD961F95E6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9221676A-E1BA-4E59-8061-4F581B986F0F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{922EB01F-9380-46F4-973C-E464B0AC7EA7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{928F8ABC-CA85-4528-9091-AA0933A60852} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{929A8D9E-742A-40B9-AD9D-8EA5DA12CB33} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{92C375A4-3CBE-4E42-8ED1-B00138435283} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{92D0641E-5128-4F96-BDBB-7A0C404D65D1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{92EDECA7-E82F-4BFF-94FB-B35338A02437} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{935128D8-8C7E-4BF7-9201-3D4029B95322} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9365DD40-130A-4C42-9615-97DE667777A5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{93749CAB-AD18-452E-8814-9E39A6B01E9C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{93786E2D-763B-4FB8-8CA8-B9488314D3AC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{939E80D3-5EDC-4C29-ADCF-7BCEB1ED6BA8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{93ED7FF0-DF68-4E5E-8C5A-ADD1886DC89D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{93FD5E06-8FB9-44B1-9F78-AB8593B1DF57} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{94589397-D8E8-43D3-A780-A138A3D7633B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{94A83812-AC2D-4BD6-B57D-57B2C40C9165} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{94D0F96B-53B7-4ABE-A84F-11145BDDD052} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{94DA617B-29F4-4509-A3AF-49C9E0770D8A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{94E3B2D1-90D1-4CDE-A26A-A0AD7665601F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{94EDCC46-3CE5-4209-8062-D5D18CB54840} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{95195D25-4C5A-4D39-880B-96AAE77EA00D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9543601A-7B4F-43B4-8785-16A749D1FC4A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{957EA581-2FF7-4999-8B4F-1A290DBDA746} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{959BC1A6-E628-482A-808D-4D38FC325F81} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{959D6417-2918-4D64-8EA1-911D15E49F41} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{95DAA2AF-35E6-440D-A98E-3FA470055E4F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{95DC2148-BE97-411B-AEE7-15E937D67E1F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{962C1E77-9227-4074-9B8D-D10F4765EE16} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{96745036-85F9-4E7F-94C2-FFCC670420A2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{967C83B4-52D5-4219-91A7-E1D4CDB67776} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{96C2157A-505D-4DB1-98CA-CB1E17EB9D38} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{96D41BCB-196C-447F-AE48-245E4AD5659F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{96F1E66F-6638-4A26-9F11-4EDF8C8B5719} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9720FB93-74D1-42DB-A464-0020C72665D1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{97623E75-3BF4-4A36-9744-D183365BBA28} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{977CEF87-F53F-4AC6-9229-C9CFAD59C6C9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{977FE900-EDCF-4C93-A91B-5D67426426CC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9795B19F-C28A-4D6A-AE35-4DEC26F21425} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{97A64ED3-692E-40A4-82F7-9B685693A1CB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{97DDFD8D-8840-49E1-AB1A-A6982AB1DFF0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{97EFD4A7-4402-4DF8-BCA9-A73130587964} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{97FE8CD9-EA4D-4E2C-BE1C-8726CA183157} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{98576F05-32DA-4CDC-BB1C-115C542DAF15} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{989313FC-D175-47D5-A89D-83A98D203FA1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{98A40568-EC27-4BD8-B9CA-921C56A8C99B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{98CC8825-559D-4E15-B010-49AE2CC86C28} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9900040F-1022-4842-9F0A-28205D5032CC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9913CA13-0CAD-47DD-BBD8-12DC499168C4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{993CE215-73B7-4C6A-A19F-44DBC8D23739} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9972AD26-33B8-497C-9276-6A1BC16680BD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{999EC177-2C81-4210-8580-2D5CA581CDEF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{99A6139F-62F5-44BA-B24F-6E99D0640B77} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{99A92E5B-3F82-4E0C-AEFF-9C2D63514A63} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{99BDC5DF-B473-4856-AF4B-AC85D4F931D9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9A1F9EFE-3EDD-4189-B304-D5B3CADD2A1D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9A7AD660-4EBA-417C-85DB-E8A62CB7C685} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9AC0A024-D59C-4FDC-BB2F-3E182BDC2553} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9AE29C84-B907-4F31-B4D9-A22FB7F64F61} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9B57FFF3-B8DF-4302-9F45-5F70A40F9091} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9B7AD396-2CD8-4057-8EDD-4504A643FF67} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9C288DBE-2D01-4F5E-9C86-99892FED6B15} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9C3CED36-CB9D-4AB8-A51B-1EF8FF7906CE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9C6A606A-18B9-408C-A335-6B18D66CDED0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9CB25156-4E94-4246-A99F-6A32651109A2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9CC18674-2E72-4373-B784-809742F40EC2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9CDBE367-A6A5-4A9C-A624-408E240E5159} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9CE87BC0-24D2-44D9-8DB9-CE4187721EAF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9CFDF18A-D96E-4342-A541-9867F9404522} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9D6377AA-9E7C-4D72-9711-996C1ABD6552} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9E1D2A80-DB3B-4949-BA13-669E86D8623E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9E26D63C-E309-4D69-BE5A-F27D8CFEDB1F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9E58F5FC-2CEB-4C51-937F-F352EF4C162C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9E6192F1-7A67-4148-833E-12B6C8FF15AE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9E905253-553A-4A05-AB4F-79C1072C854A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9E908EB9-75C4-46F6-AD0C-F9566A5D14B8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9E9EE769-57C0-4D8D-ABBE-6E60AEAA65CE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9EDE9779-F151-4722-81CB-786057B23F5A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9F056FCD-57BF-4633-9915-ED6C3EB5C4DA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9F125E05-2322-4CB8-B77F-A15E79B2109E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{9F4757E3-7987-4359-9F94-78551C9081D0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A01DCBB8-F367-4303-A01C-BF2B0150237B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A026879A-75A2-4A88-9C85-DE8EE2FAFE93} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A050A33C-02A0-4F8E-920A-FF044493FFEA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A06B6E36-A6FF-40D6-9DD6-6C42E64E80CA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A08F48DC-83C3-4618-A741-3860C91FE189} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A12FAD3B-A4BF-4B2D-AEB2-BEE7F55E7073} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A19E40BA-DA68-4FA2-A3DF-A4DC9BC6847A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A1B1558F-749A-4922-9367-B8D8A45A24AE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A1EE9060-AD61-4ECC-B44C-7E69B170964F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A1F6CD30-09A3-4444-B26D-664FA51F900F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A2054C89-C351-422E-B6E3-C8FCAA742D31} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A20ACBD8-6568-4D5C-B0FA-C6CEE82EA6AC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A24C0610-9538-4AE0-B4E6-18C496D84717} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A2CD3418-8179-484F-8CEA-F0BBE9146CF3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A2CD798D-515B-4109-8731-1F3378BA071F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A2D6D2EE-1767-42FC-BCCF-9DE4864A92EB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A2DBCCF8-8E5A-40E2-960E-579B22785A6A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A2E8C5BD-B8AA-4E6F-A9AE-220175985982} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A323F269-87B9-4CA5-B69B-6B4C0E1C4F0C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A3D1D7EB-3BDA-43CD-80C5-9B903CE73F14} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A3D76A80-A195-49E8-B38F-A8C7DC2C2437} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A4079943-271D-4AE1-8874-F9158AE013B8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A4215C43-E7B0-4DAB-BD52-17A846A7E05D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A43A3D60-CD6B-4867-BA0A-F39DFAE634D8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A45B20E2-8675-4F9B-BCB1-1A771D082668} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A518E1B6-7649-4D0D-A0BE-34615F14FF31} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A535D1DC-B0F3-4C1F-9D27-00AC3B30B084} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A542F0CC-C94E-47B9-A0BA-9B94EF6D7A8B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A555EE66-B0F4-4A19-8C05-CAF6E145D029} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A568C932-C3CD-4BA2-8EA5-963E6AC0F029} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A571A553-579B-43D8-AE10-33F81C4AB132} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A5F184E3-1292-4FD1-803F-F38D69CAD1C0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A61DC2DF-69F1-425E-B7CD-F61A5F94994D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A63894CA-130F-4774-BA27-ED1A7E810CA6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A64E69C5-37FB-4D94-97AF-30388B222076} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A67EA420-67B8-420E-8438-A93E719C3AA8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A68C7A24-CE98-4A51-BD83-2E2D73F7393F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A6F1DA61-76EA-4287-8919-B6F1AF70BD80} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A7003368-4177-47F1-9D3A-E04E01D44911} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A71D9291-DB48-4277-BC0B-29C36E4012D1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A7BAF79F-F62B-42AC-8DF4-D1D196392FE2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A7BCBA7F-1A68-4B67-904C-FA8782FDD107} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A7D427CD-7F6D-4A14-9CA8-FDC0220FFC79} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A859EFBF-A93A-4509-B596-0BE1FA389C51} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{A8E7EE4B-18FD-4A5F-BD3C-21F05012286A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AA38B50E-8AD8-4DA0-9BCC-C64D34257DD4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AA5D4E1C-C061-4CF9-A33B-ADF5FEDD81C8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AA6A70CD-D7CE-4982-8CB5-14A3420C5AC6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AA842A90-012A-477D-8162-8FE7FEB5B065} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AA9B8122-EB0D-4DC6-A242-41603171FF88} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AAB9AD2A-5F60-460D-8E42-B1CCE5C1D1BA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AB033066-7F9D-4BDD-BA4F-7787D04F3278} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AB32C86F-D607-4461-A099-C05F1C3DA7E0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AB3FEF83-1A85-4454-A28E-C6BA81193029} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AB8BDE8F-277D-4D32-BDFB-E3A3E103B0D0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{ABAF20C2-16A6-4BB9-8AF4-CA3CBC4E9524} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{ABAFE55B-0410-4A32-B6DC-BD97A3AA2B04} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{ABCB69E5-3351-437D-853C-447172F80A55} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{ABF47DF3-D06B-4E11-8B57-41AC57EF426A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{ABFB72D3-9BC2-4C2C-8871-0B6CCAABBEAF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AC1F08EB-F5AF-450C-B327-D8ACDC0B58F1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AC6A24EA-E084-4187-87BD-A84096639901} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AC88B706-6510-4184-AB79-BC5F6C245D1D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{ACD6E7CD-ED9F-4B6C-B7ED-C94DD33260F8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{ACE46C56-3AFF-4BEE-A1F9-C82616480579} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{ADDA0B2A-110F-45EE-951C-356387811432} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AE02BEE3-CD06-400E-B982-BBED002B26A6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AE227D7D-30D3-4D0E-8A4E-49F88FDCDE8D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AE3E7A6A-9098-4274-BE18-2B4041882FC1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AE5A4130-9491-4FC5-8204-1F21CA96958C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AEAF568E-D9CE-463E-AB59-B890B6B557E4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AEF2A8E2-2B33-4FB2-A9F1-4620F5518B14} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AFA7973D-FD39-41C9-AE71-775E2EAC4C75} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AFBFAA98-5EB0-4162-87EF-8537B5B3358F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AFC0EC4B-BAD4-4916-884B-D6C8D57E6783} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AFC81D21-E432-431A-AA15-24631EDE014B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AFF0C773-D959-4135-878D-5499FDC69803} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{AFFA853C-F5F9-422E-BF6F-C8B454E23AAF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B002CCD8-77A5-43B7-9275-D221E72C22D0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B0AE29C2-2405-42D5-890A-9900492AC2BD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B12DF6A3-0834-4469-A03F-EE032A01C799} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B16CA871-2632-437A-A2DE-0E44656C7489} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B17FB9AC-0248-4A2E-833A-13E4E78B11BD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B1E7A707-80FC-46BD-8B75-93237600398E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B1EDA393-C527-485C-B437-8BBCF4B359C5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B237050D-F102-4A9E-A0D2-2CA4AEB38A8E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B2396254-84D4-447B-A238-C512564DEE27} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B23B47D0-1132-4119-A836-B43D3335BB05} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B26E8164-3D53-4264-80FF-3E9B0E33CA3D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B2FCBE28-18B4-43F3-A279-F8FF18224794} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B329ABDD-822F-4B95-8690-280F2E8B3E7B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B3BDCBC7-A68E-41A7-AF22-B3C9B7455BEB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B3F355AA-867A-4686-B725-7B6758ADC3BA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B41AE773-768C-4D50-911E-CCABE62DCA2D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B43572A4-92D6-47D9-8993-2FF3484D17AC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B44C4423-2D8D-4507-A8C4-629D54E24EDD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B4589910-5F5F-4BC3-B4CE-CD23B789EC18} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B478CC1E-0F84-4881-83EA-D668DF20047E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B488F014-1613-487A-8060-7432EB5DE943} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B4D57667-7E1B-4945-8210-4E1A2A221132} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B4F7959B-E414-400D-9086-67571F1C3674} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B5101E3E-2C8C-43EF-B29C-0EC815960F44} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B520EDC6-BB93-4B21-9993-E3B2DC13CD58} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B5468532-5914-4D33-968E-849B2A46A77A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B54B2321-42F1-4587-B3B1-0B1723897855} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B571FDE5-BDC1-4712-8930-E4CAA90F9D16} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B58137A2-4240-4ACA-A292-AEC5D2D154BD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B5888EF1-7010-4C9B-A4D5-7DC6372E5E62} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B589DC6E-0F57-405E-96A9-626CB7418D65} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B5B5DB94-28E5-4DE2-9683-D40F0F78C180} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B5B8FDBB-042C-47BF-B5F2-8170478875DD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B5CF8D76-D1C7-4460-8D6A-660089213323} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B5FE650E-73B8-40F1-9E94-80031E211F41} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B62D75B8-2909-4752-AFC3-7223D72B1904} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B638ABD8-74B6-4D44-B4F1-79C3EB98C75E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B67ABB90-20CE-4BF5-9DAD-3A7891EDA1A9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B687D6D7-6496-438F-AE47-B89F15099194} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B7184687-0600-4AC8-82A6-8485F658BC70} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B72B85DF-CB3C-4F41-BCC3-64DEE63286C2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B7836955-ED6D-46F0-8D54-8492CD17CFA0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B79CF665-7751-4A2D-9256-07E74B5C9AB0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B850841F-DABF-4DB5-9CDD-9CAD6772FDE6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B8589DA0-A67F-4F88-ADD4-BF64C21D6C21} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B8B1E953-161D-481B-9F6D-E2FA4663A884} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B8E502D5-B38C-44B5-ADFE-72CE661C7D9F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B938C384-F3BA-424E-94B7-40D28F980E0F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B99712E7-8472-44DE-B084-B780CD232E67} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B9B736BC-50CC-4A15-A216-7159EB69A6C8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B9F59FDA-328A-421E-B1B8-7164E09A8E3C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{B9F8A4CF-FC56-4666-9636-3218C9422120} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BA18D865-1FE7-45DC-A520-C3EB001E169B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BA1DA679-CEE5-448A-AA46-B5578E2DEB93} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BA3FA773-B3C6-4362-85E2-797B531B9C90} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BB22F7BF-2CB4-4C0C-998A-A46ADB68FDC6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BB5A5A86-9BB3-4F27-87A7-50B8ECE0F9A7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BB6E4237-6BD3-4336-8BFE-B7DFB1825C9F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BB8BBDC0-9934-4751-AE09-E823F77F3848} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BC189A9D-5B37-4B17-A287-EDD3408556AE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BC68F848-7116-446F-8C4D-74F1305D78CC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BC84FAEB-38E4-43D9-925F-2A5C5805C1B1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BD2387F8-EB11-4A5A-9E7C-5EADE1552A39} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BD245ECA-05EB-4B3E-B9EE-D4D6161FB8CD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BD4B8DDB-FDC0-433F-B0F8-AAD2E2C9BA5D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BD5B78C0-A916-4B37-B26F-E687CD18A54D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BD9B5EB8-EA0D-4007-8393-14057723B78F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BDB120DA-FE34-4348-9147-FFEC6F4BEFB0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BE0E3CE2-B475-4A3B-9305-D8E2D3DD1B42} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BE1748DA-1291-49E0-A2E1-1C5BB4BDB309} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BE2D7081-EAB8-4487-ACEC-3BF2DE083F3B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BE86EE30-F0C0-4B87-9B16-B50F71A493AC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BEEF01F2-A6EB-4CDA-97DD-17ED0AA91385} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BF1D2F44-4F7B-41AC-A3B1-B7D7B7F72625} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BF739148-44B4-492C-970C-933E18091625} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BFD75C5C-5200-4269-8D1D-3BC4B619A103} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{BFEACC73-7797-4916-934B-E6DB030E741E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C06565D9-A6AF-4EEF-B74D-9183A8E57149} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C08834E9-DBB8-4892-823E-1F388A1FEA01} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C0DBFCE2-5B86-4504-B49A-7BEF4B3C603B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C0E03BB1-7F4A-4AE0-B384-492CAFC67B37} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C132BC72-8D3C-42E4-AB4E-735132465E07} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C16DEAE8-F63F-47B7-A567-3CC458ADF415} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C181875B-0EE0-447D-AC98-951252A02A74} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C19F1121-F227-491B-966C-C13AA4FCF2CB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C1E7B001-62B4-441D-9618-516C4B8B1531} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C2018D60-537A-40CC-8A14-759CCD441A86} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C210039C-F120-4C65-B251-E2746EAB8913} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C21276C5-71CD-4FD2-8E53-262109BC47BB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C236F9D0-F11F-42BC-B3BE-3618B8C66AD3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C280F9B4-2E35-4C71-861F-89392E11122E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C29539D3-5638-4C74-84A8-03BBA17ADB42} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C2A0B6D4-353D-4D03-9FFA-C6E3C1E1B081} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C2C1ECFA-2BAD-40C8-BEF7-E019143C579F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C2E5FA41-67CC-433E-B7B6-97EF32F9A82D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C2F0AABA-4750-40A2-8184-8B4E1D0C0454} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C31F83EB-C69D-496F-AF4E-E0B610DFD75F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C3AC07B1-F9F0-4B91-8DD2-1FF24AAC4951} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C430B84D-9801-4058-A68A-247D60178185} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C4341608-AC97-41D5-BEB5-8D22C18ADF15} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C45F0FB0-5F3C-42E7-9433-04603C625D92} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C4B9D5A9-BF83-49C3-98A9-AE629EE08462} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C500DF29-3780-477F-A1D3-811AFBDF6825} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C51492D6-13DD-4B35-BDEC-9956A199E6D4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C5393A2E-12F8-4122-8D2F-02EEC554EE9B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C566440B-B7A4-4730-90D1-CE62A8EB339A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C5B2694D-9EAB-4675-BB00-81D04D0B71D2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C5D4E67A-DD46-4245-8A7B-0690D584593E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C637DC23-7A3C-4EEC-88CE-3381151E1926} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C63FCB43-5070-430D-9C88-62C02598EE18} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C64E5412-9717-4587-B2C3-4D206091EA47} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C679DEA3-BF7C-4F8D-9A14-23EBDADA4736} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C68C22EC-5D11-4C67-8F6F-9E447DDF3B78} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C6A35494-5260-4968-8F70-C606A11E44B0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C6CB8F42-3407-42EE-88D1-2B48ED877FC9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C6E91F3C-A386-4B02-816C-916302F43450} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C780DF7E-379F-4734-826F-D7A3FCC01C0E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C7A70CBC-23CA-4DD4-BE93-36FAFDB6DDD0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C8265DD4-9A12-407E-B9C6-DB1C4C438CB9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C82BC09D-AD77-4E4D-839E-52E9BBA55F64} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C85FAA2E-08A0-4A46-9E4C-20F255140FB4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C8663738-FFF8-41D4-BC7B-2C904D965397} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C8B124D3-4534-4F67-B740-8EE202F7FBE8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C8B7A3AF-306A-45F5-B3FA-0BB6A1785BAE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C8C67384-6DBB-40FB-AAFC-0659FFD150A5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C9250C4D-3AF3-4767-9FD3-1DC4BA20A5A3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C93E2377-A3BA-4DFC-A8B7-669166CB9632} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C972C375-7B2B-4F08-90CD-E608429C0F38} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C97499F6-E0D6-4C47-8810-6CDEE6FD5F00} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C97D75C6-B191-4469-B594-A09FE5311E3C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C985E0CD-BE3E-4733-A53F-EB8851207BCB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C990130F-00CC-452E-A662-BA25BB26FAC9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{C9B7CFBD-98B5-4D1F-AB73-9072B6276B66} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CA295F70-D6E2-471B-BA07-207BAFE0BE13} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CA5BA17D-289D-4D14-8E37-4F1282C54E75} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CA7D1880-1857-46CB-956D-C3B7C815BE3C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CB1871B8-714E-4E84-8AE7-A89B533C9454} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CB1B4FDB-8CAD-48EB-9B36-A8E86D73E737} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CB44AB4B-43BA-48E0-A080-3900768407B8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CB8F42E3-D31E-41BB-8741-CA69D4FDCC95} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CB9D9691-747C-4B1F-9A17-6F22A9424D20} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CC57AD6C-84B1-44A9-94AE-E311E196EFD7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CC85480D-9F64-494A-B59D-4958FE2E7614} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CCE9F4B9-9FAC-430D-A6CE-F717E787648A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CD0F1461-DB76-477F-9874-24A6C1162005} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CD27E18D-B012-4B13-88C9-3C641D49E596} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CE30A3ED-0715-4D6E-AAB7-E82F0078F6EC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CE9A3E96-71F7-4773-B737-9D6F1DE11FA8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CEC99B2A-7F1F-46B0-BFA8-4A87985AD9D8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CF1C6632-826C-4D34-8A71-BEEB7988A7C6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CF53A3DD-C7F3-4A71-830D-85775D8C5E53} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CF5E26A9-DDB0-4660-983A-6FE0D0015810} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CF851145-B956-48F5-B6D3-EE5E60CB67AD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CF99D3A0-2AC5-4213-A975-1773D352CFA3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CFA5B47F-F7C3-43D0-B2FD-1D29033710EF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CFACF238-86ED-4CF0-A4CE-C8FA1A354375} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CFD330DA-CDE1-4548-B5D4-3DB99D6A4B11} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{CFDA5FC1-0C7E-401D-B191-EAF3A32231D0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D079FDFB-2192-4436-AD96-B95A306A8B6C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D09C4694-3B76-4FFC-9448-AD9BE790E2E4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D0E6E690-52CF-49AF-A191-D476EB714336} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D158CDFE-8F97-48A0-BF7E-0C2128C79E7C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D18EE5CC-9C81-4FFF-B45B-6936F9ABFB11} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D1AFD9FC-FA5B-43DB-AD32-954960ED8D53} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D1B19212-317B-4463-BF98-DAF426E70B0A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D1DD7F3E-5639-44C0-A3B2-5637D26908C6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D1DE56B5-F6B9-4BDA-B0B3-7B62F9DAAF83} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D25C41A4-5574-475E-99E4-5D80C8638DF6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D2B91AD7-A5D2-434E-9D77-C298BEE27F38} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D2FB864E-1D02-46FF-B3F9-D95B5A5FEEFD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D35ECE62-4B3B-4E44-AC21-933264D579FE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D36B9D0D-17D0-4E60-9EC0-35AAF4C67356} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D36F525C-D975-4DF1-AFBD-7804B8064356} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D375777D-B13E-44D0-9A09-FCF81594344E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D3985881-92D2-49D4-BCF2-16A8E1A6B2B7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D399E48A-CFC9-4D82-A31D-19CF3917B6F1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D3EF45EB-BB0F-4C32-8EC0-1BA002E0B4A3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D46AB67C-45FE-46B7-BDAC-73BBF57A166E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D4878FCD-C56D-4E07-BCC0-FD84CB1E8315} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D4907DED-8123-4907-853B-7AF2D33AE5D6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D4D2CC37-0845-4888-86CE-0F7878AF1A3D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D50830F7-B77C-4FF3-B0AB-5356F0EEAE5A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D50FDCB9-45B3-4EB9-AC55-1FBFF7DDE6ED} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D53DBB41-0447-47C8-A737-EB5E83858235} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D5760D7B-DE83-4679-BE7C-7E33A750D253} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D5AC926F-681A-4E9B-9DBF-DF38B88DCB24} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D5DAB822-F7D1-47E2-8DBC-85AC736B1B71} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D612405F-95E5-4DD1-B927-4D5385DAEB13} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D6237006-33F2-4330-97B5-E95B96E5E52B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D6D73A60-4186-44FD-BC0A-39BE00AE72D2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D6E58FC7-BFFD-41EA-92AE-B82B0674CCA2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D70FFBCB-1F5B-43FE-A425-B8AE753F907E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D72B1778-3C8C-4D8A-97F1-F4ADC944288D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D7650AC8-DB43-48EB-A34B-AF8E9253400D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D80CA78B-73E4-4196-AF74-C1179F0249DE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D83A8DDD-C750-4A79-A9A6-0E413B45CBC5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D83F9CF5-6F4B-47EC-8258-5B2646490F0E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D84B0563-EFE2-404C-8CE1-AFB206322159} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D85E1952-F80D-4872-B0D0-C7391DDA6952} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D86CEEBB-07BE-4B36-9B4B-5CAFA9E64F58} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D8AEEC99-0352-4FF6-874E-19DDA5FBF7B3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D8E6BEC7-04B7-4B0B-856E-7370C67D3046} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D979DE16-BCF9-4559-BD53-08F5661C6565} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D9907FA4-443D-4358-8DAD-F8BEA6AB0887} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D9A80ECB-F636-4C50-8E74-747F38FEC12D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{D9AFBF6F-E29E-4934-9C85-9FB8A9C3F6BD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DA39AE2D-1324-4E42-83D6-CC73618E409C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DA3C880A-41F2-449B-8C28-58E1CED2EFFF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DA46F525-C127-4FD9-A46C-9BCEF7CD4294} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DA4B6D90-6419-458A-BABB-C5482DC81B66} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DA70C049-D385-4038-9B17-0049ACCE7F52} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DA86CB87-A54D-44E6-B226-24E20EDE745C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DA99E85B-71CA-4DDA-914F-5DC5C2791F74} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DAAECB7D-8209-42AE-86B6-3DE9B20B26BD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DAD8B549-1897-4B09-B0DC-5B2253544653} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DB3018A9-30DD-4236-8DA6-170A11EAB1A0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DB51A2F6-12B3-4BDD-859F-CE6E48518CFE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DBA0959C-F78F-4A40-B783-FDBE397DB78D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DC11EDDA-C8EB-4C56-838A-1B59179BCC18} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DC8FB7EC-93A2-4BDA-8CBC-C591C5E45F73} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DCC8C8B3-AEA8-4548-96F0-E40ABA322F9D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DCCCD6B1-5F45-434F-899B-68E601A61E06} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DCD78514-6696-4C0A-B004-2FB55C121CB1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DCDE27A7-93FA-428B-BDE2-B29F26F1F672} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DCF92118-F35E-4DC3-8E43-75ED9D691AA4} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DD4EE582-2A71-4AD9-8727-C69259CEB894} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DD4F015C-B9B1-4054-81AA-192A8F407901} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DD88D735-88FA-488B-9A43-6D8CB2BB674B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DDB18ACA-DCD8-4896-846D-ECFFFD808CB9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DDB960C3-46BA-4CDA-B45E-A6D52FB2D91D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DE2B6390-2A87-4991-A2A9-B045F3135B92} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DE57B0A4-1DEF-4E98-93AB-90A98585EEE2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DE78C2E8-C2D2-40F7-86D4-CA75A470E578} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DEB4A189-2630-424A-A6FC-C0EB47D25D3A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DEF8AFA4-1999-4987-9675-E617792CDE4A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DF25C96D-857E-4BCE-935C-8CEE4E20FC34} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DF7638E2-49FF-4670-92C3-CEDC94EF25EB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DFB0FCF0-44C6-4923-AD70-225BBE066597} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{DFC9CB42-266F-4767-8BBB-CA5602CA6217} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E00CDFE1-5483-42EB-A880-E8CFB6D896DD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E0163B7E-A338-4C93-A714-B1A0E25B46D3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E04E2CE8-C5A5-403A-89A6-FAB89555788A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E06291C7-E02E-4E59-A20B-52F2D93284EB} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E14FCB6A-2355-449D-8B5C-C95AF021DA74} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E15BD3F3-728C-447B-99B1-44351E72D242} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E1BF9C37-76BE-4BB4-B9E7-9195C158F63B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E1E2EF1D-A7B6-4B31-8911-DC71A887BBC1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E1EA937B-1AFF-4239-8C72-1BCD2EE4EC3D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E20FA8CE-1F2E-4BDA-9094-D2DDA9C9606D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E24BF1F8-0D3F-4B38-8B6F-A82045B78667} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E2726833-12D4-409B-B614-139DA3D8D11A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E2891F99-4C19-443B-B64B-253DBDDB05CA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E2B65C5E-168F-490F-B612-016E92ADDFA0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E323254B-4F30-44F1-BD5F-E0F0D89EE882} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E3466311-2A84-474D-9012-68CD476A101E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E356BE04-BD14-4F61-A952-AB6F46DBD2AF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E3987096-E4E9-42F8-922C-BD473AC7F85B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E3D57CE1-BF14-4342-B9A9-64406E775C53} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E3F7081B-333D-4A4E-91CF-ED2B41F4C0B0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E44882D3-7F14-4D89-965E-FD47BD8CB64F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E47BB9B0-9E59-4A07-8B78-A4CAFB23E423} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E5815631-4680-486C-A503-662B0B60B208} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E614B2A4-2DBD-46D9-89F3-B4E9F05B1337} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E61E565C-0C6F-4E47-8241-2E2C3082957D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E652AE2B-58A5-4CDD-809F-4211978B2B64} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E72FDA69-409C-4BC5-8FB3-2F1790FEBDC1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E8641563-F08C-4526-8606-018C9DF00A0F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E8DD1F79-40E4-4C26-9165-969F6D33B38B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E9127CFA-EC2C-45F5-937C-1CA5514399F6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E936EA23-29BC-46A1-B099-F3113EB1C974} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E9592B8E-6AA5-4A0B-9811-29BFAD008A06} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E95ADD43-55A7-46B6-B71D-A5342C222F00} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E99014C7-08F4-40C6-9220-4E487AF3D2B8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{E9DAB3DF-D06B-4652-A4BE-D44764BC80C9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EA101A55-0A2E-4DD0-BC96-6F890AB8A517} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EA2106FE-C022-4DA7-9008-B7E9845737BF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EACBBCCD-BEC1-464E-A851-62B7DC382164} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EB2A1E2B-27B2-4D97-9949-891997C3DF99} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EB2C8801-1F71-4F78-8C13-7D4D1673B016} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EB30CBCC-C734-4FBA-8C5D-4548342547FE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EB4E1A6B-F8C7-4A69-BC6B-98AA47836AF7} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EB88E3F7-B7FC-4804-835B-D813A8693125} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EBAFF085-431B-4CED-9247-4C78F133E566} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EBDE11A9-04AA-4D27-8D43-95BE19C1290B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EBE522BA-4288-4ADD-BC99-5F1C3B130256} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EBFEA13C-3210-457B-8AFC-2A2B6A32D500} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EC011FD1-5F24-4F4E-8703-666590448B58} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EC536EFC-A9EC-4050-85D3-D135C305EED8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{ECA41F5A-A4D2-43E6-A7D0-21CD3C5E2C2D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EDA25299-5A3B-4AB6-BC51-A26EFC16A6E9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EE376E20-A798-4C97-BB0A-AE9B6CEB97ED} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EE3E9377-712A-491A-8C41-984553583444} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EE6121EC-F5EF-4808-8D5B-C8F9D1C609D5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EE927103-7460-4B6E-B14A-8B60323DF4D6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EEAB3546-CE9E-4CB9-B104-8C15678403CF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EEB34073-062B-449A-B11C-0B5DF6DFA2CE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EEEBA6D6-F915-457E-801E-D9574DE43EA9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EF40E72C-80CA-468A-B4D6-5CF3DFB4DFA1} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EF4CCED1-2221-4EC1-9B4E-3A7BBA69A752} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EF7975F9-0DF4-4359-9FE2-244A5DE4BC12} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EFD35CCB-3EA2-4110-A6DA-432E77439124} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{EFF8BC36-510F-4511-A840-7EF01C82F117} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F013B254-DAC6-4124-AD6C-55B3001412C6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F0205B98-0ACE-4A61-86D3-326962505463} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F0336AE2-5668-4527-ACAA-87ADFB39E465} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F06701FB-8F4E-42C5-B4B1-3F3B4ED3790C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F071108E-CAD4-42DE-BA94-57DD171A055A} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F0855192-35F1-499D-916C-4687E279B2FD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F0878134-C20D-4EE2-A4A6-8B56D333D466} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F08D3FC9-8A6C-402E-AEC0-FDB65540ACFA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F0C6F220-15FA-42D4-8D61-07C17871373F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F0F1F0EE-ADA2-493F-8F80-B0B3B098EBA2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F1029D53-CC38-41F3-80AD-E0D2BEB80467} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F1747E10-5274-442A-8970-6E459C0B525C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F1DEBFC3-7537-4113-8A69-9307BDE7EB8D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F1E275AF-90A3-4AEF-9525-CDFB69CFD5AD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F1E93B52-87B4-4D1E-964F-B64CB937DF0E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F1EF76A2-FBF9-4C7D-A7B2-07FF7C89F665} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F1F1BA84-096F-4040-ADD1-AE065BDB66F3} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F206E4FC-22A6-4DD5-8438-54165831CB31} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F226CB2B-24C0-4BE4-A60E-12E769435EBF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F22CCEE3-9E8A-43E3-8EA1-FD4E3A6D6927} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F303347F-B636-4C19-BB49-9EB3EBF5DAB8} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F308EA3F-4712-4751-8616-B8437FD58D7B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F396807D-7904-449F-A466-E45B095D5477} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F39F9CFA-51A5-4C53-8711-B8841A64AED2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F3D20111-837F-4DE3-B08E-DE3DA0F54802} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F434EE7E-3341-4747-AF78-5B64A6898333} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F4925202-04B5-4BF3-9DE5-5BA7A368C5D6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F5008B85-541C-4192-869C-575E58D8A94D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F50FE6E5-6B65-4BA1-9339-B98732C4CE57} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F55EBAAD-2C98-4430-ACBD-474D33871D02} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F593AB81-A94F-44A6-923E-630D97E54222} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F5CA48AB-6B85-485B-9F00-070C5D3430DF} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F6DC1315-B698-4D22-8642-CF6C60A2AD32} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F6F727D9-937D-46F2-B43D-94270876ACB6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F7803D83-3D85-4F75-8CD8-2DBDA21BFBA2} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F7A8D180-15F6-46BE-BCA3-0B780FB6FE0E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F84EBAE3-1254-42A2-A70B-AC023C5FD859} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F86144A2-4C63-44CD-8B4B-C424843ED7DD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F86ABA7A-D0AA-461E-8417-CDDCB410E90D} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F8F7809B-C4F3-4351-A498-DBFC74C120FD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F914AA82-9CC7-4C7F-8698-0B7553E8C49F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F93DDB8D-A819-43C5-82D8-AF28DBBFDB8B} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F942D1DC-2569-40B7-826B-5393B0585C87} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F9CCE76B-EFB2-4DA2-8272-78EDE5A2DD57} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{F9D7297E-369B-435E-B30F-E1AEA65A4B29} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FA2457E6-223C-4409-B130-D595534AEF16} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FA6405C7-3E18-413B-86E6-F42DE1E650BA} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FB0E8EC1-3BAB-48EE-AB85-7DA0498A4E6C} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FB941C3D-8363-4127-B676-5EFBB6B77FD9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FBA8E2F8-4AF0-45A2-BDEC-E5BFF191DE58} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FBC2937D-1208-48A7-A4A6-59404B3210E5} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FBD3C796-FEB2-46F1-AB24-625DF093ACC6} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FC3F9570-2EA9-446A-BD87-76B28E786F00} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FC7DAF9F-3E92-4A4C-8A41-1B86F6BCC4DC} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FC85D864-A347-4652-9D04-AF7AA6295B68} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FD0672B0-042D-4606-9A5C-D41E8EC1C241} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FD26EFBC-CABE-478D-96B4-6A59BF9DF7A9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FD891513-C27F-4A74-B09C-4B3EDB5EEF27} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FD8CE804-5B6E-40AF-9D28-9915395D9E8F} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FDFAC7F7-4AF2-4C26-AC35-B1A05B996D8E} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FEA42E4C-DBD9-4F8E-BD07-1ECE659DAFF0} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FEAEE6E6-D64F-422D-B968-D6CA3F3C38DD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FEBE6A60-F848-44B3-BA79-7E0990D194DD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FEEA3464-AE70-4D1B-BC64-B158F84E23AE} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FEFFF184-66E9-4E71-99C1-2988B56733A9} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\{FF23E2F0-A3BA-4181-92AD-2A4FC22096FD} (Empty Folder)
Successfully deleted: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\searchplugins\bing powered search.xml (File)
Successfully deleted: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\user.js (File)
Successfully deleted: C:\Users\Martin\AppData\Roaming\pdfforge (Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Z25EP9A (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66AZBXF4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8MPF3ZS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LVC8FONP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O418YEFE (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TGYYRIC1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIUW2HXR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKTSUEZJ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Z25EP9A (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66AZBXF4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8MPF3ZS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LVC8FONP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O418YEFE (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TGYYRIC1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIUW2HXR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKTSUEZJ (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.11.2016 at 17:00:00,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

M-K-D-B 29.11.2016 15:40
Servus,





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
FF Plugin HKU\S-1-5-21-1031562343-2424694273-2990312000-1000: @hola.org/vlc,version=1.8.649 -> C:\Users\Martin\AppData\Local\Hola\firefox\app\vlc [Keine Datei]
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    :filefind
    YSearchUtil
    Hola
    OpenCandy
    Media Finder
    Babylon
    Softonic
    SweetIM
    Optimizer Pro

    :folderfind
    YSearchUtil
    Hola
    OpenCandy
    Media Finder
    Babylon
    Softonic
    SweetIM
    Optimizer Pro

    :regfind
    YSearchUtil
    Hola
    OpenCandy
    Media Finder
    Babylon
    Softonic
    SweetIM
    Optimizer Pro
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 3
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Myrmix 29.11.2016 17:33
Beim Ausführen von FRST ist folgende Fehlermeldung aufgegangen:
"Failed to update (5)"

Fixlog:
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016
durchgeführt von Martin (29-11-2016 17:00:20) Run:1
Gestartet von C:\Users\Martin\Desktop
Geladene Profile: Martin (Verfügbare Profile: Martin)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
FF Plugin HKU\S-1-5-21-1031562343-2424694273-2990312000-1000: @hola.org/vlc,version=1.8.649 -> C:\Users\Martin\AppData\Local\Hola\firefox\app\vlc [Keine Datei]
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
       
*****************

Prozess erfolgreich geschlossen.
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => Wert erfolgreich entfernt
"HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\MozillaPlugins\@hola.org/vlc,version=1.8.649" => Schlüssel erfolgreich entfernt
FF Plugin HKU\S-1-5-21-1031562343-2424694273-2990312000-1000: @hola.org/vlc,version=1.8.649 -> C:\Users\Martin\AppData\Local\Hola\firefox\app\vlc [Keine Datei] => nicht gefunden.

========= dir "%ProgramFiles%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 9A2A-3E46

 Verzeichnis von C:\Program Files

20.11.2016  19:16    <DIR>          .
20.11.2016  19:16    <DIR>          ..
17.07.2015  08:34    <DIR>          Adobe
20.10.2016  14:43    <DIR>          AMD
19.08.2014  09:56    <DIR>          ATI
27.10.2014  10:06    <DIR>          Autodesk
27.08.2016  14:46    <DIR>          Blender Foundation
26.11.2015  15:36    <DIR>          CCleaner
22.07.2016  22:54    <DIR>          CDisplayEx
15.12.2015  17:39    <DIR>          Cloud Imperium Games
01.06.2015  15:49    <DIR>          Common Files
27.04.2013  20:46    <DIR>          CPUID
21.11.2010  08:01    <DIR>          DVD Maker
23.09.2016  13:34    <DIR>          GIMP 2
19.10.2016  19:41    <DIR>          Internet Explorer
06.01.2012  19:16    <DIR>          LoL
21.11.2011  13:05    <DIR>          Microsoft Office
19.10.2016  18:44    <DIR>          Microsoft Security Client
19.10.2016  19:44    <DIR>          Microsoft Silverlight
21.06.2012  18:45    <DIR>          Microsoft SQL Server Compact Edition
14.07.2009  06:32    <DIR>          MSBuild
20.11.2016  19:45    <DIR>          Nexus Mod Manager
12.05.2012  16:01    <DIR>          NTCore
19.08.2014  09:55    <DIR>          NVIDIA Corporation
21.09.2016  22:02    <DIR>          Paint.NET
31.03.2012  22:09    <DIR>          Rainmeter
15.11.2011  17:07    <DIR>          Realtek
14.07.2009  06:32    <DIR>          Reference Assemblies
21.10.2012  11:16    <DIR>          TeamSpeak 3 Client
11.07.2013  11:47    <DIR>          Windows Defender
19.10.2016  19:41    <DIR>          Windows Journal
04.12.2014  15:40    <DIR>          Windows Live
21.11.2010  07:50    <DIR>          Windows Mail
19.10.2016  19:42    <DIR>          Windows Media Player
15.11.2011  16:52    <DIR>          Windows NT
21.11.2010  07:50    <DIR>          Windows Photo Viewer
21.11.2010  04:31    <DIR>          Windows Portable Devices
21.11.2010  07:50    <DIR>          Windows Sidebar
04.01.2016  12:50    <DIR>          WinRAR
              0 Datei(en),              0 Bytes
              39 Verzeichnis(se), 125.552.791.552 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 9A2A-3E46

 Verzeichnis von C:\Program Files (x86)

28.11.2016  16:30    <DIR>          .
28.11.2016  16:30    <DIR>          ..
27.02.2012  01:07    <DIR>          2K Games
22.12.2015  12:58    <DIR>          7-Zip
02.01.2012  18:58    <DIR>          ADLSoft UnCompressor
17.07.2015  08:35    <DIR>          Adobe
07.12.2014  19:00    <DIR>          AGEIA Technologies
25.05.2016  11:23    <DIR>          AMD
19.03.2015  22:37    <DIR>          AMD AVT
15.11.2011  17:09    <DIR>          ASM104xUSB3
12.02.2015  01:20    <DIR>          Autodesk
11.10.2012  19:33    <DIR>          AutoIt3
17.06.2016  17:15    <DIR>          Battle.net
08.08.2015  16:59    <DIR>          Battlelog Web Plugins
20.11.2016  19:15    <DIR>          Chip Digital GmbH
03.01.2013  12:59    <DIR>          Cisco Systems
27.11.2016  14:56    <DIR>          Common Files
18.11.2011  15:32    <DIR>          CyberLink
31.08.2014  20:35    <DIR>          DAEMON Tools Lite
22.11.2015  18:53    <DIR>          Drakonia Configurator
07.10.2015  23:09    <DIR>          EveHQ
20.02.2014  11:12    <DIR>          Foxit Software
15.04.2016  22:26    <DIR>          Free PDF to Word Doc Converter
31.12.2014  17:30    <DIR>          Free Picture Solutions
06.04.2015  16:17    <DIR>          Freelancer Mod Manager
15.04.2012  12:17    <DIR>          GameSpy Arcade
24.11.2011  20:55    <DIR>          gs
19.12.2011  13:33    <DIR>          GUILD WARS
29.04.2015  20:42    <DIR>          HardCMP Editor
15.03.2012  01:17    <DIR>          Hex-Editor MX
23.02.2012  18:56    <DIR>          id Software
17.11.2011  00:19    <DIR>          Intel
19.10.2016  19:41    <DIR>          Internet Explorer
10.05.2012  14:13    <DIR>          IrfanView
23.10.2016  10:23    <DIR>          Java
26.11.2016  11:44    <DIR>          JDownloader
03.03.2015  10:43    <DIR>          Knuddels
28.11.2016  16:30    <DIR>          Malwarebytes Anti-Malware
15.11.2011  17:09    <DIR>          Marvell
21.11.2011  13:05    <DIR>          Microsoft Analysis Services
06.04.2015  19:39    <DIR>          Microsoft Games
04.12.2011  15:54    <DIR>          Microsoft Games for Windows - LIVE
21.11.2011  13:06    <DIR>          Microsoft Office
19.10.2016  18:43    <DIR>          Microsoft Security Client
19.10.2016  19:44    <DIR>          Microsoft Silverlight
04.12.2014  15:41    <DIR>          Microsoft SQL Server Compact Edition
24.11.2011  01:47    <DIR>          Microsoft.NET
18.11.2016  09:37    <DIR>          Mozilla Firefox
18.11.2016  09:37    <DIR>          Mozilla Maintenance Service
14.07.2009  06:32    <DIR>          MSBuild
17.11.2011  11:16    <DIR>          MSXML 4.0
29.07.2012  14:15    <DIR>          Mumble
21.03.2012  22:44    <DIR>          Night
20.02.2014  11:16    <DIR>          Nitro
19.08.2014  09:55    <DIR>          NVIDIA Corporation
03.01.2015  20:13    <DIR>          OMC ModPack Client
15.11.2011  19:57    <DIR>          OpenOffice.org 3
22.05.2014  09:12    <DIR>          Pando Networks
07.12.2012  20:53    <DIR>          pawúned<4>2
07.10.2015  23:11    <DIR>          PDF Blender
26.11.2015  15:38    <DIR>          PDFCreator
06.08.2012  21:12    <DIR>          Pidgin
03.04.2012  11:14    <DIR>          Privoxy
09.03.2012  21:32    <DIR>          RADVideo
03.10.2015  10:38    <DIR>          Raptr
15.11.2011  17:08    <DIR>          Realtek
14.07.2009  06:32    <DIR>          Reference Assemblies
18.06.2015  09:47    <DIR>          Repair File
06.03.2012  16:20    <DIR>          Resource Hacker
04.05.2015  12:42    <DIR>          Rockstar Games
10.05.2016  12:09    <DIR>          Skype
22.05.2012  10:29    <DIR>          Smart Projects
31.03.2012  23:39    <DIR>          sTabLauncher
26.11.2016  11:44    <DIR>          Steam
16.09.2015  19:26    <DIR>          SystemRequirementsLab
19.07.2016  15:56    <DIR>          TeamSpeak 3 Client
01.12.2014  14:16    <DIR>          Trillian
19.06.2013  12:57    <DIR>          TuneUp Utilities 2013
20.03.2014  00:37    <DIR>          Ubisoft
26.06.2012  13:49    <DIR>          Valve
23.09.2012  20:38    <DIR>          Ventrilo
16.11.2011  11:27    <DIR>          VideoLAN
20.10.2016  14:47    <DIR>          VulkanRT
10.05.2012  19:44    <DIR>          windirstat
11.07.2013  11:47    <DIR>          Windows Defender
04.12.2014  15:40    <DIR>          Windows Live
21.11.2010  07:50    <DIR>          Windows Mail
19.10.2016  19:42    <DIR>          Windows Media Player
14.07.2009  06:32    <DIR>          Windows NT
21.11.2010  07:50    <DIR>          Windows Photo Viewer
21.11.2010  04:31    <DIR>          Windows Portable Devices
21.11.2010  07:50    <DIR>          Windows Sidebar
04.01.2016  01:30    <DIR>          WinRAR
18.05.2016  19:45    <DIR>          YACReader
              0 Datei(en),              0 Bytes
              94 Verzeichnis(se), 125.552.787.456 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 9A2A-3E46

 Verzeichnis von C:\ProgramData

28.11.2016  16:22    <DIR>          .
28.11.2016  16:22    <DIR>          ..
20.06.2016  11:24    <DIR>          .minecraft
02.06.2015  11:01    <DIR>          Adobe
19.03.2015  22:37    <DIR>          AMD
17.08.2015  09:51    <DIR>          Ark Savegame Manager
23.07.2016  11:55    <DIR>          ATI
01.12.2014  10:39    <DIR>          Autodesk
28.02.2016  12:45    <DIR>          Battle.net
02.10.2015  15:52    <DIR>          BitRaider
11.06.2016  13:38    <DIR>          Blizzard Entertainment
15.09.2014  00:09    <DIR>          BlueStacksSetup
18.01.2014  19:46    <DIR>          Bohemia Interactive Studio
19.11.2011  15:14    <DIR>          CyberLink
23.05.2012  23:14    <DIR>          DAEMON Tools Lite
23.03.2013  13:57    <DIR>          dbg
15.08.2013  17:10    <DIR>          EA Core
15.08.2013  20:52    <DIR>          EA Logs
16.03.2014  00:10    <DIR>          Elder Scrolls Online
15.08.2013  15:12    <DIR>          Electronic Arts
20.02.2014  11:17    <DIR>          FileOpen
27.10.2014  10:13    <DIR>          FLEXnet
15.04.2016  22:36    <DIR>          Foxit ContentPlatform
28.11.2016  16:30    <DIR>          Malwarebytes
20.12.2014  11:09    <DIR>          McAfee
21.03.2012  22:45    <DIR>          Media Center Programs
23.11.2011  18:48    <DIR>          Microsoft Games
19.10.2016  18:55    <DIR>          Microsoft Help
27.10.2014  10:08              153 Microsoft.SqlServer.Compact.351.32.bc
25.04.2012  21:08    <DIR>          Mozilla
20.02.2014  11:16    <DIR>          Nitro
19.08.2014  09:55    <DIR>          NVIDIA Corporation
23.10.2016  10:24    <DIR>          Oracle
05.08.2014  19:40    <DIR>          Orbit
15.12.2015  21:59    <DIR>          Origin
27.05.2016  10:56    <DIR>          Package Cache
07.03.2016  11:30    <DIR>          Razer
01.06.2015  15:51    <DIR>          regid.1986-12.com.adobe
15.12.2013  19:59    <DIR>          RELOADED
10.05.2016  12:09    <DIR>          Skype
18.11.2013  21:13    <DIR>          Steam
15.11.2011  18:58    <DIR>          Sun
08.10.2014  19:50    <DIR>          SystemRequirementsLab
15.11.2011  20:15    <DIR>          TerraTec
22.11.2015  19:00    <DIR>          TuneUp Software
28.05.2012  17:25    <DIR>          Ubisoft
02.08.2014  16:44    <DIR>          WarThunder
10.05.2012  18:23    <DIR>          XSettings
              1 Datei(en),            153 Bytes
              47 Verzeichnis(se), 125.552.783.360 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 9A2A-3E46

 Verzeichnis von C:\Users\Martin\AppData\Roaming

28.11.2016  16:59    <DIR>          .
28.11.2016  16:59    <DIR>          ..
17.06.2016  17:01    <DIR>          .minecraft
02.02.2013  18:24    <DIR>          .purple
12.03.2015  13:30    <DIR>          .StarMade
01.06.2015  15:52    <DIR>          Adobe
02.05.2016  18:56              132 Adobe CS6-PNG-Format - Voreinstellungen
04.10.2014  12:05    <DIR>          AMD
19.08.2014  10:04    <DIR>          ATI
01.12.2014  10:39    <DIR>          Autodesk
19.05.2016  22:11    <DIR>          Awesomium
28.02.2016  12:45    <DIR>          Battle.net
01.03.2012  20:19    <DIR>          Bioshock2
27.08.2016  14:52    <DIR>          Blender Foundation
13.02.2012  23:27    <DIR>          BoneCraft
13.06.2012  15:08    <DIR>          BT
31.12.2014  17:14    <DIR>          calibre
10.08.2013  10:55    <DIR>          Capcom
21.08.2016  23:48    <DIR>          CDisplayEx
22.03.2016  17:57    <DIR>          com.zam.minion.Minion
17.06.2016  17:05    <DIR>          Curse Advertising
19.11.2011  15:16    <DIR>          CyberLink
07.06.2016  11:47    <DIR>          DAEMON Tools Lite
17.05.2014  19:35    <DIR>          DarkSoulsII
25.03.2013  20:09    <DIR>          Doublefine
20.02.2014  11:16    <DIR>          Downloaded Installations
13.10.2012  12:59    <DIR>          DScaler4
11.05.2016  21:57    <DIR>          dvdcss
07.10.2015  23:09    <DIR>          EveHQ
19.07.2012  11:08    <DIR>          EVEMon
20.02.2014  11:17    <DIR>          FileOpen
12.02.2016  14:39    <DIR>          FiraxisLive
15.04.2016  22:36    <DIR>          Foxit AgentInformation
16.04.2016  09:55    <DIR>          Foxit Software
31.12.2014  17:31    <DIR>          Free Picture Solutions
30.07.2013  17:18    <DIR>          ftblauncher
06.08.2012  21:33    <DIR>          gtk-2.0
08.10.2016  20:11    <DIR>          Guild Wars 2
15.11.2011  16:57    <DIR>          Identities
21.06.2012  18:46    <DIR>          Indicium Technologies
15.11.2011  17:05    <DIR>          InstallShield
15.11.2011  17:18    <DIR>          Intel Corporation
10.05.2012  14:13    <DIR>          IrfanView
18.01.2015  23:09    <DIR>          java
17.03.2014  11:33    <DIR>          Leadertech
19.08.2014  10:14    <DIR>          library_dir
06.01.2012  20:03    <DIR>          LolClient
15.11.2011  18:33    <DIR>          Macromedia
28.11.2016  16:30    <DIR>          Malwarebytes
21.11.2010  08:00    <DIR>          Media Center Programs
23.11.2011  18:48    <DIR>          Microsoft Game Studios
22.11.2015  18:53    <DIR>          MingGuan
15.11.2011  18:28    <DIR>          Mozilla
10.11.2013  18:35    <DIR>          Mumble
07.10.2015  23:11    <DIR>          My Battle for Middle-earth(tm) II Files
08.06.2014  12:37    <DIR>          NCSOFT
08.07.2015  15:36    <DIR>          Nitro
27.11.2015  12:08    <DIR>          Nitro PDF
30.04.2012  22:44    <DIR>          OpenOffice.org
07.08.2015  21:47    <DIR>          Origin
01.06.2015  15:52    <DIR>          PDAppFlex
25.11.2011  23:36    <DIR>          PunkBuster
27.09.2013  09:30    <DIR>          Rainmeter
03.10.2015  10:39    <DIR>          Raptr
01.08.2013  21:39    <DIR>          Rovio
27.11.2011  11:31    <DIR>          SFBot
24.09.2016  13:42    <DIR>          Skype
25.08.2016  16:43    <DIR>          SpaceEngineers
19.08.2014  15:56    <DIR>          SPORE
28.11.2014  15:28    <DIR>          Steam
20.02.2014  11:11    <DIR>          SumatraPDF
07.03.2014  17:12    <DIR>          Sun
02.03.2013  12:30    <DIR>          TerraTec
21.09.2013  22:59    <DIR>          The Creative Assembly
30.01.2014  19:42    <DIR>          TheBannerSaga
20.11.2012  21:02    <DIR>          Theta
01.12.2014  14:17    <DIR>          Trillian
29.11.2016  00:15    <DIR>          TS3Client
23.03.2013  13:59    <DIR>          ts3overlay
22.02.2014  00:10    <DIR>          TuneUp Software
27.07.2013  22:40    <DIR>          Tunngle
27.04.2013  21:40    <DIR>          Ubisoft
04.01.2016  23:08    <DIR>          uplay
31.12.2014  17:03    <DIR>          uTorrent
26.11.2015  15:38    <DIR>          Ventrilo
25.11.2016  19:17    <DIR>          vlc
23.07.2014  21:53    <DIR>          wargaming.net
11.02.2012  12:14    <DIR>          Windows Live Writer
15.11.2011  21:35    <DIR>          WinRAR
04.04.2013  13:25    <DIR>          XRay Engine
18.08.2016  19:08    <DIR>          {CD83FB38-E8D1-964E-83E7-B19C5F354CA2}
              1 Datei(en),            132 Bytes
              90 Verzeichnis(se), 125.552.779.264 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 9A2A-3E46

 Verzeichnis von C:\Users\Martin\AppData\Local

28.11.2016  16:59    <DIR>          .
28.11.2016  16:59    <DIR>          ..
18.09.2013  13:23    <DIR>          4A Games
29.04.2015  10:19    <DIR>          Activision
08.11.2016  10:42    <DIR>          Adobe
20.10.2016  15:57    <DIR>          AMD
17.01.2012  16:42    <DIR>          Apps
17.08.2015  09:51    <DIR>          Ark_Savegame_Manager
18.01.2014  20:38    <DIR>          ArmA 2
18.01.2014  23:48    <DIR>          ArmA 2 OA
19.08.2014  10:04    <DIR>          ATI
27.10.2014  10:13    <DIR>          Autodesk
26.11.2015  15:33    <DIR>          Avg2014
10.08.2015  14:14    <DIR>          BANDAI NAMCO Games
17.06.2016  18:56    <DIR>          Battle.net
20.11.2016  19:17    <DIR>          Black_Tree_Gaming
09.11.2014  20:22    <DIR>          Blizzard Entertainment
31.12.2014  17:07    <DIR>          calibre-cache
21.07.2015  23:27    <DIR>          CEF
25.04.2012  15:08    <DIR>          Chromium
29.11.2016  00:22    <DIR>          CrashDumps
13.02.2013  12:10    <DIR>          Darksiders2
25.01.2016  23:50    <DIR>          Daybreak Game Company
05.07.2016  09:38    <DIR>          Deployment
18.11.2015  14:07    <DIR>          Diagnostics
20.11.2016  19:15    <DIR>          Downloaded Installations
24.01.2012  01:55    <DIR>          dxhr
08.02.2013  17:11    <DIR>          EA Games
14.10.2016  08:35    <DIR>          ElevatedDiagnostics
15.08.2013  17:12    <DIR>          ESN
20.11.2016  19:45    <DIR>          Fallout4
10.10.2013  16:16    <DIR>          FalloutNV
06.04.2015  15:01    <DIR>          FLCrossfireGecko
29.03.2013  00:39    <DIR>          FLT
15.09.2015  13:38    <DIR>          fontconfig
31.12.2014  17:31    <DIR>          Free Picture Solutions
03.04.2015  11:43    <DIR>          Freelancer
04.07.2016  09:19          129.480 GDIPFONTCACHEV1.DAT
15.09.2015  13:38    <DIR>          gegl-0.2
15.09.2015  15:59    <DIR>          gtk-2.0
01.06.2015  11:56    <DIR>          GWX
25.08.2016  15:54    <DIR>          IsolatedStorage
26.11.2016  02:49    <DIR>          JDownloader v2.0
05.09.2012  08:29    <DIR>          Macromedia
05.04.2014  16:21    <DIR>          Mass_Effect_3-RAF
18.02.2016  14:02    <DIR>          Microsoft
23.11.2011  18:48    <DIR>          Microsoft Game Studios
06.02.2013  16:01    <DIR>          Microsoft Help
22.03.2016  17:57    <DIR>          Minion
09.10.2013  23:14    <DIR>          Mozilla
25.12.2013  19:32    <DIR>          My Games
11.06.2016  00:15    <DIR>          MyComGames
07.02.2014  13:47    <DIR>          NBGI
08.06.2014  12:37    <DIR>          NCSOFT
19.08.2014  09:53    <DIR>          NVIDIA Corporation
21.12.2011  16:15    <DIR>          Oblivion
27.08.2016  14:42    <DIR>          open3mod
15.09.2015  15:45    <DIR>          Paint.NET
21.03.2014  20:26    <DIR>          PAYDAY 2
23.04.2013  08:50    <DIR>          PDF Repair Toolbox
12.03.2013  18:01    <DIR>          Programs
22.08.2014  21:03    <DIR>          PunkBuster
17.10.2014  16:41    <DIR>          QfG
07.03.2016  11:30    <DIR>          razer
15.09.2015  15:59            6.682 recently-used.xbel
11.05.2012  18:13            7.596 Resmon.ResmonCfg
22.08.2014  22:22    <DIR>          Risen3
04.05.2015  12:45    <DIR>          Rockstar Games
09.01.2013  20:56    <DIR>          SCE
06.01.2016  00:48    <DIR>          SKIDROW
10.03.2016  19:15    <DIR>          Skype
17.10.2014  18:01    <DIR>          Skyrim
06.06.2012  21:14    <DIR>          SniperV2
10.01.2013  21:31    <DIR>          Sony Online Entertainment
31.03.2012  23:40    <DIR>          sTabLauncher
01.11.2015  11:58    <DIR>          Steam
07.03.2014  17:11    <DIR>          Sun
05.04.2014  16:26    <DIR>          SWTOR
05.04.2014  16:00    <DIR>          SWTORPerf
29.11.2016  16:57    <DIR>          Temp
07.05.2013  22:50    <DIR>          The Witcher
08.05.2013  00:11    <DIR>          The Witcher 2
22.11.2015  19:03    <DIR>          TuneUp Software
12.06.2013  12:53    <DIR>          Two Worlds II
02.06.2012  16:14    <DIR>          Ubisoft Game Launcher
27.05.2016  10:59    <DIR>          UnrealEngine
06.04.2015  15:03    <DIR>          utrack
15.09.2014  00:01    <DIR>          VirtualStore
02.08.2014  16:44    <DIR>          WarThunder
15.09.2015  13:44    <DIR>          webkit
25.12.2014  17:49    <DIR>          Windows Live
21.11.2011  13:13    <DIR>          Windows Live Writer
15.08.2016  23:15    <DIR>          YACReader
07.03.2014  16:52    <DIR>          {3225C812-5FB8-41CE-B15F-997F80151000}
07.03.2014  17:08    <DIR>          {3248F0A6-6813-11D6-A77B-00B0D0150050}
18.08.2016  19:09    <DIR>          {CDDEFB82-E976-973A-84EE-B2D2A0864E4A}
              3 Datei(en),        143.758 Bytes
              93 Verzeichnis(se), 125.552.771.072 Bytes frei

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 83499140 B
Java, Flash, Steam htmlcache => 354394671 B
Windows/system/drivers => 27318 B
Edge => 0 B
Chrome => 0 B
Firefox => 37944055 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 33125 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83620 B
systemprofile32 => 66088 B
LocalService => 115860 B
NetworkService => 67936825 B
Martin => 18966883 B
UpdatusUser => 0 B
UpdatusUser => 0 B

RecycleBin => 185131667 B
EmptyTemp: => 713.5 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:01:21 ====
SystemLook:
Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 17:06 on 29/11/2016 by Martin
Administrator - Elevation successful

========== filefind ==========

Searching for "YSearchUtil"
No files found.

Searching for "Hola"
No files found.

Searching for "OpenCandy"
No files found.

Searching for "Media Finder"
No files found.

Searching for "Babylon"
No files found.

Searching for "Softonic"
No files found.

Searching for "SweetIM"
No files found.

Searching for "Optimizer Pro"
No files found.

========== folderfind ==========

Searching for "YSearchUtil"
No folders found.

Searching for "Hola"
C:\Users\Martin\Downloads\Hola        d------        [10:27 07/02/2015]

Searching for "OpenCandy"
No folders found.

Searching for "Media Finder"
No folders found.

Searching for "Babylon"
No folders found.

Searching for "Softonic"
No folders found.

Searching for "SweetIM"
No folders found.

Searching for "Optimizer Pro"
No folders found.

========== regfind ==========

Searching for "YSearchUtil"
No data found.

Searching for "Hola"
[HKEY_CURRENT_USER\Software\Paint.NET]
"File/MostRecent/Thumbnail3"="iVBORw0KGgoAAAANSUhEUgAAADoAAAA6CAYAAADhu0ooAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsEAAA7BAbiRa+0AABDTSURBVGhD7VlpVxtJlvU/mC/TtdjYGLNLQqwSQhISkhBC+76viH0VArEb29jGGGzaVV3VtruWPjXd0+d0/8rb96UWXO6a+T495Dn3RGRmKDPuffe9iIQ7t8ftcXvcHrfH7XF73B63x+3xb3z8BzFIWP9NIdyE453Bw29/xNbFd9h8eY2VsyvMPz5HZH0fjuwyzJECdL4Uhl0xaKfDGLAHoLX5obU3EcDAlJfwQDPpgto8A5VpGmqLCwMzXgxGIxgKRTGeTMAWy2I8kIEpWkAwHEU6FkUmV0CpPI/YehXp7X1kq/so1I4wd3iK5WevsPz0HIunLzB/coa5o2dYPzjE1sE+Nk6fYft4l+e7KB+eYeHoDGvHz1De3EJ+dR2RtV3ENvZQ2H2MBtk71pMP/43D735B7d2PWDv/FqWTC0S3juFfrGIyVsKYJ4lBZwQDtgDUJKW2ekjEfdNaSJKtxkoo57MKNFaBm7/zYNDhR9RsxFgiDV0yC/18CSY+25Kahy27hJniKtzlDfgWtxBY3kZotcqJ1hBdJ5RJ15DYIsFsBBsJNza21rE/78buQhgLe8+wWD3CWnUPu8UYdhby2H95hcfvPiB3+EqISmTvWM9/+CsufvgLnv7xZ958jy1GNby2D1tmmeqXMBHKY2Q2Do09SHJeqEimf3IW/QpZnpOwXFOIN4X4DJoZP4bdQThTc/AmCtD7EvXoxuYwmSzDml7EFN9no4vs+RUFM6U1zJbX4aIA7vlNeBa2cJ4J4vmUFgdPXsK7/JTBeIzw4VM4NneQP3yCnSNG/OJ7VC7f4/D6I6pvPt4Q/f1f/o5v//oPXLN98ccfcf
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\hola_plugin.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\hola_plugin_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\hola_plugin_x64_RASAPI32]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{825E3A0C-7CD9-49C1-92FF-AA0B7A0D6256}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{9B1D214A-2E86-412E-9A37-508D956B75C1}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{AE408CFD-9E72-4673-9B80-C0E60015DBE4}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{99AC8BD9-AAB7-4808-A04F-F57E9C213FDD}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{825E3A0C-7CD9-49C1-92FF-AA0B7A0D6256}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{9B1D214A-2E86-412E-9A37-508D956B75C1}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{AE408CFD-9E72-4673-9B80-C0E60015DBE4}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{99AC8BD9-AAB7-4808-A04F-F57E9C213FDD}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{825E3A0C-7CD9-49C1-92FF-AA0B7A0D6256}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{9B1D214A-2E86-412E-9A37-508D956B75C1}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{AE408CFD-9E72-4673-9B80-C0E60015DBE4}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{99AC8BD9-AAB7-4808-A04F-F57E9C213FDD}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe"="v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe|Name=Hola Better Internet Engine|Desc=Hola Better Internet Engine|"
[HKEY_USERS\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Paint.NET]
"File/MostRecent/Thumbnail3"="iVBORw0KGgoAAAANSUhEUgAAADoAAAA6CAYAAADhu0ooAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsEAAA7BAbiRa+0AABDTSURBVGhD7VlpVxtJlvU/mC/TtdjYGLNLQqwSQhISkhBC+76viH0VArEb29jGGGzaVV3VtruWPjXd0+d0/8rb96UWXO6a+T495Dn3RGRmKDPuffe9iIQ7t8ftcXvcHrfH7XF73B63x+3xb3z8BzFIWP9NIdyE453Bw29/xNbFd9h8eY2VsyvMPz5HZH0fjuwyzJECdL4Uhl0xaKfDGLAHoLX5obU3EcDAlJfwQDPpgto8A5VpGmqLCwMzXgxGIxgKRTGeTMAWy2I8kIEpWkAwHEU6FkUmV0CpPI/YehXp7X1kq/so1I4wd3iK5WevsPz0HIunLzB/coa5o2dYPzjE1sE+Nk6fYft4l+e7KB+eYeHoDGvHz1De3EJ+dR2RtV3ENvZQ2H2MBtk71pMP/43D735B7d2PWDv/FqWTC0S3juFfrGIyVsKYJ4lBZwQDtgDUJKW2ekjEfdNaSJKtxkoo57MKNFaBm7/zYNDhR9RsxFgiDV0yC/18CSY+25Kahy27hJniKtzlDfgWtxBY3kZotcqJ1hBdJ5RJ15DYIsFsBBsJNza21rE/78buQhgLe8+wWD3CWnUPu8UYdhby2H95hcfvPiB3+EqISmTvWM9/+CsufvgLnv7xZ958jy1GNby2D1tmmeqXMBHKY2Q2Do09SHJeqEimf3IW/QpZnpOwXFOIN4X4DJoZP4bdQThTc/AmCtD7EvXoxuYwmSzDml7EFN9no4vs+RUFM6U1zJbX4aIA7vlNeBa2cJ4J4vmUFgdPXsK7/JTBeIzw4VM4NneQP3yCnSNG/O

Searching for "OpenCandy"
No data found.

Searching for "Media Finder"
[HKEY_CURRENT_USER\Software\Classes\MF]
@="URL:Media Finder"
[HKEY_USERS\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Classes\MF]
@="URL:Media Finder"
[HKEY_USERS\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\MF]
@="URL:Media Finder"

Searching for "Babylon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1031562343-2424694273-2990312000-1000\Components\BC9D387CD403E0479C0E59FB2C7D6AB3]
"8574A5E99810B9146ADEEFC4DB52F550"="C?\Windows\SysWOW64\BabylonLogo.jpg"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1031562343-2424694273-2990312000-1000\Components\E174AC3C70E9E69C2B2D4FA24A326A7C]
"8574A5E99810B9146ADEEFC4DB52F550"="C:\Program Files (x86)\sTabLauncher\Sponsor\Babylon9_setup_15500.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"

Searching for "Softonic"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\49ae578b_0]
@="{0.0.0.00000000}.{b93cd1a5-c508-4750-abe5-f1181c9d1ba4}|\Device\HarddiskVolume2\Users\Martin\MC\SoftonicDownloader_fuer_minecraft-skinedit.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\49ae578b_0]
@="{0.0.0.00000000}.{b93cd1a5-c508-4750-abe5-f1181c9d1ba4}|\Device\HarddiskVolume2\Users\Martin\MC\SoftonicDownloader_fuer_minecraft-skinedit.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "SweetIM"
No data found.

Searching for "Optimizer Pro"
No data found.

-= EOF =-
FRST
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
durchgeführt von Martin (Administrator) auf MYRMIX (29-11-2016 17:20:49)
Gestartet von C:\Users\Martin\Desktop
Geladene Profile: Martin (Verfügbare Profile: Martin)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Privoxy\privoxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Run: [World of Warships] => K:\Games\WOWS_PublicTest\WargamingGameUpdater.exe [3134216 2016-11-07] (Wargaming.net)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Privoxy.lnk [2012-04-03]
ShortcutTarget: Privoxy.lnk -> C:\Program Files (x86)\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter - Verknüpfung.lnk [2012-04-01]
ShortcutTarget: Rainmeter - Verknüpfung.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{AE141692-DE9B-4CC3-93A4-62B71E738879}: [DhcpNameServer] 195.34.133.21 212.186.211.21

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> {A0C59A24-F50F-433C-928B-8235295514F4} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: a9urom3s.default-1384358611811
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 [2016-11-29]
FF NewTab: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> Bing Powered Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> Bing Powered Search
FF Homepage: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> www.google.at
FF Keyword.URL: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> user_pref("keyword.URL", true);
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ftp", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.socks", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ssl", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ssl_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ftp", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> http", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> http_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> share_proxy_settings", true
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> socks", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ssl", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ssl_port", 8080
FF Extension: (ADB Helper) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\adbhelper@mozilla.org [2016-11-03]
FF Extension: (Advanced Cookie Manager) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\cookiemgr@jayapal.com [2016-02-22]
FF Extension: (Valence) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\fxdevtools-adapters@mozilla.org [2016-02-23]
FF Extension: (ExHentai Easy) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack [2013-11-24] [ist nicht signiert]
FF Extension: (YouTube Center) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2016-04-28]
FF Extension: (Shumway) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\shumway@research.mozilla.org [2015-10-15] [ist nicht signiert]
FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-10-10]
FF Extension: (NoScript) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-11-28]
FF Extension: (Adblock Plus) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1031562343-2424694273-2990312000-1000: @my.com/Games -> C:\Users\Martin\AppData\Local\MyComGames\NPMyComDetector.dll [2016-06-11] (MY.COM B.V.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-21] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-01-02] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-07-19] (BitRaider, LLC)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
S3 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-08-08] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-27] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-31] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-27] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S0 mv91xx; system32\DRIVERS\mv91xx.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-29 17:06 - 2016-11-29 17:19 - 00022248 _____ C:\Users\Martin\Desktop\SystemLook.txt
2016-11-29 17:05 - 2016-11-29 17:05 - 00165376 _____ C:\Users\Martin\Desktop\SystemLook_x64.exe
2016-11-29 17:00 - 2016-11-29 17:01 - 00023035 _____ C:\Users\Martin\Desktop\Fixlog.txt
2016-11-28 17:10 - 2016-11-28 17:11 - 00058957 _____ C:\Users\Martin\Desktop\Addition.txt
2016-11-28 17:09 - 2016-11-29 17:20 - 00017372 _____ C:\Users\Martin\Desktop\FRST.txt
2016-11-28 17:00 - 2016-11-28 17:00 - 00131659 _____ C:\Users\Martin\Desktop\JRT.txt
2016-11-28 16:57 - 2016-11-28 16:57 - 01631928 _____ (Malwarebytes) C:\Users\Martin\Desktop\JRT.exe
2016-11-28 16:55 - 2016-11-28 16:55 - 00003516 _____ C:\Users\Martin\Desktop\mbam.txt
2016-11-28 16:30 - 2016-11-28 16:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-28 16:30 - 2016-11-28 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-28 16:30 - 2016-11-28 16:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-28 16:30 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-28 16:30 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-28 16:29 - 2016-11-28 16:29 - 22851472 _____ (Malwarebytes ) C:\Users\Martin\Desktop\mbam-setup-2.2.1.1043.exe
2016-11-28 16:18 - 2016-11-28 16:22 - 00000000 ____D C:\AdwCleaner
2016-11-28 16:14 - 2016-11-28 16:14 - 03910208 _____ C:\Users\Martin\Desktop\AdwCleaner_6.030.exe
2016-11-27 20:36 - 2016-11-27 20:36 - 00276696 _____ C:\Windows\Minidump\112716-17487-01.dmp
2016-11-27 15:00 - 2016-11-27 15:00 - 00026564 _____ C:\ComboFix.txt
2016-11-27 14:48 - 2016-11-27 15:00 - 00000000 ____D C:\Qoobox
2016-11-27 14:48 - 2016-11-27 14:59 - 00000000 ____D C:\Windows\erdnt
2016-11-27 14:48 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-11-27 14:48 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-11-27 14:48 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-11-27 14:46 - 2016-11-27 14:46 - 05659307 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2016-11-26 11:52 - 2016-11-28 17:07 - 00000000 ____D C:\Users\Martin\rootkit
2016-11-26 11:51 - 2016-11-26 11:55 - 00063263 _____ C:\Users\Martin\Downloads\Addition.txt
2016-11-26 11:50 - 2016-11-26 11:56 - 00027727 _____ C:\Users\Martin\Downloads\FRST.txt
2016-11-26 11:48 - 2016-11-29 17:20 - 00000000 ____D C:\FRST
2016-11-26 11:44 - 2016-11-26 11:44 - 02412032 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2016-11-26 11:20 - 2016-11-26 11:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martin\Downloads\HijackThis.exe
2016-11-20 19:17 - 2016-11-20 19:45 - 00000890 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-11-20 19:17 - 2016-11-20 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-11-20 19:16 - 2016-11-20 19:45 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-11-20 19:15 - 2016-11-20 19:15 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-11-20 18:45 - 2016-11-22 14:13 - 00000000 ____D C:\Users\Martin\FALL4mods
2016-11-18 17:22 - 2016-11-18 17:22 - 00276696 _____ C:\Windows\Minidump\111816-21699-01.dmp
2016-11-18 01:57 - 2016-11-29 17:04 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2016-11-18 01:33 - 2016-11-18 09:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-11 14:05 - 2016-11-11 14:05 - 00000781 _____ C:\Users\Public\Desktop\WOWS_PublicTest.lnk
2016-11-10 22:06 - 2016-11-11 13:38 - 03186048 _____ (Wargaming ) C:\Users\Martin\Downloads\WoWS_PublicTest.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-29 17:11 - 2009-07-14 05:45 - 00022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-29 17:11 - 2009-07-14 05:45 - 00022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-29 17:10 - 2010-11-21 07:50 - 00713806 _____ C:\Windows\system32\perfh007.dat
2016-11-29 17:10 - 2010-11-21 07:50 - 00153922 _____ C:\Windows\system32\perfc007.dat
2016-11-29 17:10 - 2009-07-14 06:13 - 01648056 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-29 17:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-29 17:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-29 17:01 - 2016-08-05 12:03 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-11-29 17:01 - 2011-11-15 21:03 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\Temp
2016-11-29 00:22 - 2015-10-29 13:29 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2016-11-29 00:15 - 2011-12-19 22:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\TS3Client
2016-11-28 16:51 - 2015-02-19 19:26 - 00000000 ____D C:\Users\Martin\DAI
2016-11-28 16:51 - 2014-04-01 15:41 - 00000000 ____D C:\Users\Martin\Siemens
2016-11-28 16:51 - 2013-04-18 10:33 - 00000000 ____D C:\Users\Martin\MC
2016-11-28 16:51 - 2012-05-12 09:53 - 00000000 ____D C:\Users\Martin\Skyrim
2016-11-28 16:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SchCache
2016-11-28 16:30 - 2012-04-20 09:49 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-28 16:30 - 2012-04-20 09:49 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Malwarebytes
2016-11-28 16:30 - 2012-04-20 09:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-27 20:36 - 2016-08-06 11:05 - 673605975 _____ C:\Windows\MEMORY.DMP
2016-11-27 20:36 - 2012-08-15 14:01 - 00000000 ____D C:\Windows\Minidump
2016-11-27 15:00 - 2012-01-17 16:42 - 00000000 ____D C:\Users\Martin\AppData\Local\Apps\2.0
2016-11-27 14:58 - 2011-11-15 16:52 - 00000000 ____D C:\Users\Martin
2016-11-27 14:58 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-11-26 11:44 - 2013-07-28 12:16 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-26 11:44 - 2011-11-15 21:17 - 00000000 ____D C:\Program Files (x86)\JDownloader
2016-11-26 11:43 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-11-26 02:49 - 2016-08-18 19:08 - 00000000 ____D C:\Users\Martin\AppData\Local\JDownloader v2.0
2016-11-25 19:17 - 2012-07-14 13:43 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2016-11-21 20:07 - 2015-08-11 22:48 - 00000000 ___RD C:\Users\Martin\wows
2016-11-20 20:07 - 2012-04-25 16:00 - 00218112 ___SH C:\Users\Martin\Thumbs.db
2016-11-20 19:45 - 2015-11-11 12:42 - 00000000 ____D C:\Users\Martin\AppData\Local\Fallout4
2016-11-20 19:17 - 2012-01-07 19:18 - 00000000 ____D C:\Users\Martin\Documents\Nexus Mod Manager
2016-11-20 19:17 - 2012-01-07 19:18 - 00000000 ____D C:\Users\Martin\AppData\Local\Black_Tree_Gaming
2016-11-20 19:15 - 2016-02-12 14:34 - 00000000 ____D C:\Users\Martin\AppData\Local\Downloaded Installations
2016-11-18 09:37 - 2012-04-25 21:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-12 18:59 - 2015-12-18 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships
2016-11-11 14:05 - 2012-07-28 22:00 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-11-11 14:05 - 2011-11-21 16:17 - 00000000 ____D C:\Games
2016-11-08 10:42 - 2014-02-20 16:15 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 10:42 - 2014-02-20 16:15 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 10:42 - 2011-11-16 20:36 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2016-11-08 10:42 - 2011-11-15 18:31 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 10:42 - 2011-11-15 18:31 - 00000000 ____D C:\Windows\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-15 14:05 - 2016-05-02 18:56 - 0000132 _____ () C:\Users\Martin\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-09-15 15:59 - 2015-09-15 15:59 - 0006682 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2012-05-11 13:46 - 2012-05-11 18:13 - 0007596 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2014-10-27 10:08 - 2014-10-27 10:08 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Martin\Drakonia Configurator.exe
C:\Users\Martin\dscaler4115.exe
C:\Users\Martin\jre-7u40-windows-x64.exe
C:\Users\Martin\Steam-reg.reg


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-27 13:47

==================== Ende von FRST.txt ============================

Myrmix 29.11.2016 17:34
Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016
durchgeführt von Martin (29-11-2016 17:21:49)
Gestartet von C:\Users\Martin\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-11-15 15:52:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1031562343-2424694273-2990312000-500 - Administrator - Disabled)
Gast (S-1-5-21-1031562343-2424694273-2990312000-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1031562343-2424694273-2990312000-1002 - Limited - Enabled)
Martin (S-1-5-21-1031562343-2424694273-2990312000-1000 - Administrator - Enabled) => C:\Users\Martin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Armored Warfare MyCom (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Armored Warfare MyCom) (Version: 1.62 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
AutoIt v3.3.8.1 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bing Powered Search (HKLM-x32\...\BingPoweredSearch) (Version:  - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
CPUID HWMonitor 1.22 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crossfire 2.0 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Crossfire 2.0) (Version: 2.00.00.00 - SWAT-Portal)
Curse Client (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned Oghren©) (Version:  - )
Dragon Age Redesigned©  Zevran (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned©  Zevran) (Version:  - )
Dragon Age Redesigned© (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Leliana) (Version:  - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Sten) (Version:  - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Wynne) (Version:  - )
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
FAM 1.0.0.0 (HKLM-x32\...\FAM) (Version: 1.0.0.0 - Korrd)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free CBR Reader (HKLM-x32\...\{B9240DAE-EFA1-4A0E-824F-17B3F99194F8}) (Version: 1.0.0 - Free Picture Solutions)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version:  - )
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
gmax (HKLM-x32\...\{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}) (Version: 4.4.0.125 - Discreet)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GUILD WARS (HKLM-x32\...\Guild Wars) (Version:  - )
HardCMP v1.0.0.23 (HKLM-x32\...\HardCMP_is1) (Version: 1.0.0.23 - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java 3D 1.5.1 (HKLM-x32\...\{32A9C5B3-D166-4C6D-A11E-A54473151000}) (Version: 1.5.1 - Sun Microsystems, Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minion (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 de)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.3 (HKLM-x32\...\{C3E9887A-23BA-4777-8080-191A5AFCAB74}) (Version: 1.2.3 - Thorvald Natvig)
My.com Game Center (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\MyComGames) (Version: 3.162 - My.com B.V.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.9 - Black Tree Gaming)
Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OMC ModPack Client Version 1.1.11.6 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.1.11.6 - Odem Mortis)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
Parsec (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\a53dc3b81e52c50e) (Version: 1.0.0.42 - Parsec)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
paw·ned‹4›2 – Die Antwort auf alle Buildfragen (HKLM-x32\...\pawned42) (Version:  - JN-GAMES Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Pdfedit (HKLM-x32\...\{6C11089A-E23F-4E9B-B12C-316BF1A4376B}) (Version: 4.5.0.0 - PdfEdit team)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.6 - )
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Privoxy (remove only) (HKLM-x32\...\Privoxy) (Version:  - )
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.2 r1116 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Slime Rancher (HKLM-x32\...\Slime Rancher0.2.4b) (Version: 0.2.4b - TheRaven1)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - Keen Software House)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
sTabLauncher (HKLM-x32\...\{9E5A4758-0189-419B-A6ED-FE4CBD255F05}) (Version: 2.2.3 - Sergio Santos)
Star Citizen Launcher (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
War Thunder Launcher 1.0.1.386 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WindowsAndroid version 4.0.3 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{7E07052F-A4CE-4932-B066-B9203888439F}_is1) (Version: 4.0.3 - SocketeQ, Inc.)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Warships (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
YACReader 8.5.0 (HKLM-x32\...\YACReader_is1) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{06d45639-4c61-4cab-be15-52f5e6e72d31}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{27e52464-33a3-42ab-a482-c84fab56362a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{4e9b62d8-f542-423b-8e8e-2007daeac423}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{7acd7f3b-8bb8-430f-8499-dd8077c7af97}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{7d430c4d-1b80-464c-8f5d-2d99d4ff9c85}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{8059b7ca-030b-489d-b211-5b961893bedf}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{b8be70ea-432e-4a55-ba5c-a83cd1e376b6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{b9540fcf-2d9b-4e81-8557-2c9592685a9a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{e26b586f-8643-46af-a2fc-bc81c5389766}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{e85372c0-2724-41f4-a715-0806ee361bb0}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {118AFB0A-8683-4B7C-BCDC-977FBEDB75A1} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {1D4D8704-1B7E-4E12-8562-8B322EEBA1F1} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {305492CB-4722-4BA3-BF71-A11429E75A10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {35419A1B-98CE-4D48-91FD-1FBF82A10B24} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-16] (Advanced Micro Devices, Inc.)
Task: {AAE2BC6B-1119-4222-B6C7-017DDD173F9B} - System32\Tasks\{652BC46E-1D96-4931-B893-AE3A21457C8E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/eula
Task: {B3F91BB8-7CC1-4BE6-B368-4204269BAFB6} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {EF75F260-60A6-4F74-882C-2A4CF98BD56F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-11-24 20:35 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-03-22 17:18 - 2015-08-08 17:04 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-13 01:01 - 2016-09-13 01:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-11-22 18:53 - 2013-10-29 13:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2015-11-22 18:53 - 2012-12-11 11:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2011-12-27 08:40 - 2011-12-27 08:40 - 00086528 _____ () C:\Program Files (x86)\Privoxy\mgwz.dll
2015-11-22 18:53 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2015-11-22 18:53 - 2011-11-22 14:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2016-10-16 11:54 - 2016-10-16 11:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f91bd970f20123a46b575cf6e92bc441\IsdiInterop.ni.dll
2011-11-15 17:06 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-11-27 14:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: GamingMouse => C:\Program Files (x86)\Drakonia Configurator\hid.exe
MSCONFIG\startupreg: Remote Control Editor => "C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe"
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: RGSC => K:\Games\GTA4\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DA14B3E4-1977-4874-9BC8-8D78BDEFA0FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D45D251F-9F78-419B-B3FB-CC129056CC7C}C:\games\call of duty black ops\blackops.exe] => (Block) C:\games\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{115987AB-3EE6-42AB-81E0-B6C843F4B95B}C:\games\call of duty black ops\blackops.exe] => (Block) C:\games\call of duty black ops\blackops.exe
FirewallRules: [{D023DD3D-B9E3-4FD4-A706-20EA6612D3D3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{10F598B7-6248-4641-A32C-7B8FAAB3B384}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{15CF0E2B-A339-4B42-99D5-37CA542D4ABD}K:\games\gw2\gw2.exe] => (Allow) K:\games\gw2\gw2.exe
FirewallRules: [UDP Query User{32719093-8BD2-44A4-856C-49B1EA2D33BE}K:\games\gw2\gw2.exe] => (Allow) K:\games\gw2\gw2.exe
FirewallRules: [{254B1476-B09C-4F89-A9F6-82A0F56FD0B5}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{D5872796-7876-49F7-A2D8-8FF6D5A53523}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{CA94F41A-DD1B-4A72-86DE-1032FE2B366D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6FD7189D-1EBA-47A4-A5EB-BF06EC520BBC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DBFEB9BB-2B08-494C-8C03-EE196D5B1F96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B0ECFFA5-FCEA-4F5E-BDB7-F52E27F0C431}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2D37DAE8-DD97-4929-8CD2-F5A8E96A2A74}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{14E6B066-CB4B-4F42-8C65-A30BD8CB40EA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B5E570ED-F1A3-4F9D-B837-FF53434C629B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{32EF9C71-C0A9-4FC5-9335-654F2485208E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{95F75607-BD3A-4130-849D-35460CDFFF67}] => (Allow) LPort=80
FirewallRules: [{D5CA12CD-BD78-4A0D-8C42-96AC5B89A8DB}] => (Allow) LPort=443
FirewallRules: [{6971AD85-B1AE-4DFB-B505-CA0FBA19DF34}] => (Allow) LPort=20010
FirewallRules: [{A0FD53BC-5301-453D-9458-D8690DA6BB3A}] => (Allow) LPort=3478
FirewallRules: [{C9B4DDF2-352C-4876-9231-4759D64BD32A}] => (Allow) LPort=7850
FirewallRules: [{6BE2B612-FEC8-44EA-8511-E6821D6D8B95}] => (Allow) LPort=7852
FirewallRules: [{126E1A5D-D8E5-4B2E-A48C-35CF5EE98F8C}] => (Allow) LPort=7853
FirewallRules: [{01208F69-21AE-4235-B5EF-F23299D59698}] => (Allow) LPort=27022
FirewallRules: [{9406B5A7-ED28-45B9-9945-DB2D0112F1B1}] => (Allow) LPort=6881
FirewallRules: [{A30E663C-AF63-402A-961B-4FAB7B8F6295}] => (Allow) LPort=33333
FirewallRules: [{F8B8FA6D-E5C6-4F82-9F61-EEF5831AB045}] => (Allow) LPort=20443
FirewallRules: [{197DC96A-400A-4B7F-BF17-096C617FDC52}] => (Allow) LPort=8090
FirewallRules: [{315A91A7-50CD-4AA0-9DA4-7B3EA5AF4E41}] => (Allow) LPort=50248
FirewallRules: [{647CF977-885E-487B-AECF-0D0BCFE394FB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BFF7822D-29BB-435E-B0CC-E6FB6386D6B7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{825E3A0C-7CD9-49C1-92FF-AA0B7A0D6256}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{9B1D214A-2E86-412E-9A37-508D956B75C1}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{19C193B3-0E36-4FC9-B776-EF594F2E06D7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CCFA21AF-6946-4394-9393-A7914C1EAB6A}] => (Allow) LPort=2869
FirewallRules: [{69AD3371-0624-45F5-B3F4-EDF4EB7B9AEA}] => (Allow) LPort=1900
FirewallRules: [{24E4719D-875C-4164-92CD-2358293AF128}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{65BDC62F-A6D0-4638-B54B-1A5E9635D7D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{17401A7C-6DB7-40CD-8447-D6B647F506C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4DD8C035-CD15-442C-BCBB-FDC26E1DE05D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{377EDF59-81A6-4C6E-9217-72E77BF00BAC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{E0998469-C626-45BA-9023-75797B0D51F7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F4B02B17-DF19-4690-B6A3-67F46E14107D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7FE67A19-1C7C-47AF-886D-E639BF16019C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{897D2F00-3723-4C6C-B2E3-F9E10B22A695}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E63EFA4F-52DD-4E50-98F4-C64486DE5FFA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C5BA1463-92BA-436F-AC64-9C92FFF45D03}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2630B555-48AF-4038-B00E-B7D7FE02BF8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{32C8E90C-6216-433E-9875-8ACACA120F19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{AE408CFD-9E72-4673-9B80-C0E60015DBE4}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{99AC8BD9-AAB7-4808-A04F-F57E9C213FDD}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{08AD94ED-4C34-474D-A3E2-63105AB508F1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8BA530C5-C118-43C2-BA5F-846FEBCC7E1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E05AE212-44BA-4CA4-BCB3-06BDF2683ADA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D230EB6-8F4E-46C7-A4EF-DA3C02267FE5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{05FF1BE1-D9EA-4086-BAF0-54F754F95969}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{62F7182C-FD69-434C-8A3A-2C2BF7AE516A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{5EAD725D-4F20-4D72-8883-11872479E347}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9A3D1993-D693-465A-A1CD-CE941E320268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{ABE41180-295F-42A5-97F5-96096DE702EF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{692AD4BF-5BA0-414C-9421-6D95E92989C5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6E847FBB-0774-4493-A233-2174541C47DE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{FE1762B0-077E-4E00-BF76-23E75A326709}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1A163A24-C1B9-43BE-9A54-BD8DC369BE08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D3C4E0A4-631F-494A-BF04-4442AF1A7E45}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{189D7710-D8B9-4F62-9A90-D41D995B9F6C}C:\users\martin\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\martin\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{6711ABB2-D72E-4416-B773-CD004256953C}C:\users\martin\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\martin\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{96861C9B-1464-4C4C-B036-84D8033746A3}K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{F0C2660F-3934-4181-8948-81663C7B4FAB}K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{F1E2D9C4-30A9-44DC-9BB6-E63650A9A8CB}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{F7AB5B48-81C1-4362-9BB9-3785D2587A4A}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{94D18C8F-86D3-4AC4-98A3-2145FE0C6DCE}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{732EAB2F-453C-4DF1-9872-F7CBAD021540}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{A56EEAA9-67C5-4219-87F8-9BDE6D1AF9C6}K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{705B4100-C489-4C32-8B09-0449A4B51187}K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [{BD12A005-5430-4622-9F42-99B38B26F5F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{033717DE-391B-4088-95DF-E6BE2102BD1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{107DFFE1-EC96-4538-90EB-483687386B28}K:\games\wows_publictest\wowslauncher.exe] => (Allow) K:\games\wows_publictest\wowslauncher.exe
FirewallRules: [UDP Query User{98C38A1F-A0D5-4A4A-AFB4-85EBEA8AA13B}K:\games\wows_publictest\wowslauncher.exe] => (Allow) K:\games\wows_publictest\wowslauncher.exe
FirewallRules: [{2B51E7DB-C122-42CD-BBE0-4AE609DC6D32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{BB518C50-7E28-4A63-A098-742922983C7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{A6035418-4970-479E-9EA4-85749B68085E}] => (Allow) K:\Games\ESTU\Launcher\GameConsultant.exe
FirewallRules: [{1F20723E-7CE5-464E-8542-72EC791C4AC8}] => (Allow) K:\Games\ESTU\Launcher\Bethesda.net_Launcher.exe
FirewallRules: [TCP Query User{D4FDF617-63A5-46BE-A60E-960B2E4F1E2E}K:\games\warship\wowslauncher.exe] => (Allow) K:\games\warship\wowslauncher.exe
FirewallRules: [UDP Query User{D7E165A1-902B-4F4B-B2A9-D3AD6A00AD50}K:\games\warship\wowslauncher.exe] => (Allow) K:\games\warship\wowslauncher.exe
FirewallRules: [{D627856E-3ACF-4865-AFEA-ACF0EFFADBC0}] => (Allow) K:\Games\WT\WarThunder\launcher.exe
FirewallRules: [{C0806AFA-854B-4D6A-B5E6-96548D732351}] => (Allow) K:\Games\WT\WarThunder\launcher.exe
FirewallRules: [{A3F76B1A-5757-4FAF-9B82-9C9E68966F07}] => (Allow) K:\Games\WT\WarThunder\aces.exe
FirewallRules: [{D7BF61B9-24DB-47C1-AD5A-A1CC0346C734}] => (Allow) K:\Games\WT\WarThunder\aces.exe
FirewallRules: [TCP Query User{2FD75038-0456-428B-8104-7BBDAB2E2D71}K:\games\wt\warthunder\win64\aces.exe] => (Allow) K:\games\wt\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{A82A83EA-8EB2-4583-B15C-60CEEA771357}K:\games\wt\warthunder\win64\aces.exe] => (Allow) K:\games\wt\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{F905E323-B4DF-4C40-9231-941118005F79}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{3B08B716-9064-4E1C-B210-D840F0041E08}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{E60A25E8-D512-4DEF-998C-C98D84AF8B5A}C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [UDP Query User{6C728D7F-4FB7-44B4-ACA6-00ECAEBA1BBD}C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [TCP Query User{F0570CD4-A0DD-4F17-A6D8-EF1564F8BF3D}C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
FirewallRules: [UDP Query User{A38A26FB-4783-48AC-A954-8934A8A6B9E0}C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
FirewallRules: [{9455FA43-B14A-4CA0-8904-3CC6F639720B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{F153E4D7-8DD4-4D5B-80E8-087C75626B6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [TCP Query User{491CFD22-984D-4134-8D92-A3F1F5B6F4A5}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{99640C1F-820D-42F7-BEE2-EE224A842DCB}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{D25E39C0-0429-4FA7-B241-549A93469372}] => (Allow) C:\Games\WOWS_PublicTest\WoWsLauncher.exe
FirewallRules: [{04239541-694A-4378-8948-1C13D266D278}] => (Allow) C:\Games\WOWS_PublicTest\WoWsLauncher.exe
FirewallRules: [{68A16BAF-1A67-478C-AA18-8C42C3613E2F}] => (Allow) C:\Games\WOWS_PublicTest\worldofwarships.exe
FirewallRules: [{C934DB75-C881-48FF-919A-C1E86685AFCF}] => (Allow) C:\Games\WOWS_PublicTest\worldofwarships.exe

==================== Wiederherstellungspunkte =========================

16-11-2016 10:18:26 Windows Update
18-11-2016 15:28:11 DirectX wurde installiert
24-11-2016 13:22:52 Windows Update
27-11-2016 00:28:35 DirectX wurde installiert
28-11-2016 16:58:19 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/29/2016 05:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/29/2016 09:07:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/29/2016 12:51:10 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (11/29/2016 12:22:15 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (11/29/2016 12:22:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gw2-64.exe, Version: 1.0.0.1, Zeitstempel: 0x583626bb
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000c024a6fa
ID des fehlerhaften Prozesses: 0x16c4
Startzeit der fehlerhaften Anwendung: 0x01d249c0217a68cd
Pfad der fehlerhaften Anwendung: K:\Games\GW2\Gw2-64.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 7be29547-b5c1-11e6-8fe6-5404a66b46f9

Error: (11/29/2016 12:02:00 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (11/28/2016 11:54:33 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (11/28/2016 11:50:50 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (11/28/2016 11:46:18 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (11/28/2016 11:45:35 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error


Systemfehler:
=============
Error: (11/29/2016 05:03:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mv91xx

Error: (11/29/2016 05:03:46 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/29/2016 05:03:46 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/29/2016 05:00:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/29/2016 05:00:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/29/2016 05:00:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/29/2016 05:00:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/29/2016 05:00:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Cisco Systems, Inc. VPN Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/29/2016 05:00:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "chip 1-click download service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/29/2016 05:00:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-11-27 14:58:08.488
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-27 14:58:08.426
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-16 20:00:39.437
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-16 20:00:39.367
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-15 21:57:34.851
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-15 21:57:34.774
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.833
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Martin\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.785
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Martin\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.719
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.672
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8168.77 MB
Verfügbarer physikalischer RAM: 5022.71 MB
Summe virtueller Speicher: 16335.71 MB
Verfügbarer virtueller Speicher: 13667.03 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:491.96 GB) (Free:117.63 GB) NTFS
Drive k: (Volume) (Fixed) (Total:439.45 GB) (Free:197.82 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D7E7020)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=492 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=439.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

M-K-D-B 30.11.2016 16:55
Servus,


wir entfernen die letzten Reste und kontrollieren nochmal alles. :)



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
FirewallRules: [TCP Query User{825E3A0C-7CD9-49C1-92FF-AA0B7A0D6256}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{9B1D214A-2E86-412E-9A37-508D956B75C1}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{AE408CFD-9E72-4673-9B80-C0E60015DBE4}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{99AC8BD9-AAB7-4808-A04F-F57E9C213FDD}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\hola_plugin_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\hola_plugin_x64_RASAPI32
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

Myrmix 01.12.2016 15:39
Fixlog
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016
durchgeführt von Martin (01-12-2016 10:24:19) Run:2
Gestartet von C:\Users\Martin\Desktop
Geladene Profile: Martin (Verfügbare Profile: Martin)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
FirewallRules: [TCP Query User{825E3A0C-7CD9-49C1-92FF-AA0B7A0D6256}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{9B1D214A-2E86-412E-9A37-508D956B75C1}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [TCP Query User{AE408CFD-9E72-4673-9B80-C0E60015DBE4}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{99AC8BD9-AAB7-4808-A04F-F57E9C213FDD}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\hola_plugin_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\hola_plugin_x64_RASAPI32
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{825E3A0C-7CD9-49C1-92FF-AA0B7A0D6256}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9B1D214A-2E86-412E-9A37-508D956B75C1}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AE408CFD-9E72-4673-9B80-C0E60015DBE4}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{99AC8BD9-AAB7-4808-A04F-F57E9C213FDD}C:\users\martin\appdata\local\hola\firefox\app\hola_plugin.exe => Wert erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\hola_plugin_RASAPI32 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\hola_plugin_x64_RASAPI32 => Schlüssel erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17367270 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 17338 B
Edge => 0 B
Chrome => 0 B
Firefox => 35309215 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 46350 B
Martin => 5470574 B
UpdatusUser => 0 B
UpdatusUser => 0 B

RecycleBin => 186205888 B
EmptyTemp: => 241.1 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:24:22 ====
ESET (Ich musste Privoxy deaktivieren, damit es die Signaturen herunterladen kann. Es wurden 12 Bedrohungen gefunden)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=29ce401110b8384ebcd0793406e4ab70
# end=init
# utc_time=2016-12-01 09:29:07
# local_time=2016-12-01 10:29:07 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41221
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Finalize
Updated modules version: 31587
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 31587
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=29ce401110b8384ebcd0793406e4ab70
# end=updated
# utc_time=2016-12-01 09:37:45
# local_time=2016-12-01 10:37:45 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=29ce401110b8384ebcd0793406e4ab70
# engine=31587
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-01 01:43:48
# local_time=2016-12-01 02:43:48 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 3700768 151893450 0 0
# scanned=456706
# found=12
# cleaned=0
# scan_time=14763
sh=F849B9F530ACA15E341295A7595D9252E6262844 ft=0 fh=0000000000000000 vn="LNK/Agent.CH Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\cidipwktbzoudviobsahqzwrpqtqqlkk\Get the Media Finder License.URL"
sh=3D09B4A1E2E55E7D1DF62B739D434F3F4E51DB90 ft=1 fh=31688d33c108b3f2 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe"
sh=672708ACAD0C9077B5F991EE8B14D5E23AF3F15A ft=1 fh=b90be05a8fc3a563 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\sTabLauncher\Sponsor\Babylon9_setup_15500.exe"
sh=A766CC4B5835FF2A0FA02CD8FE333757C3A3C033 ft=1 fh=6288a12e7b129fa4 vn="Variante von Win32/InstallCore.ADX.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\cbrreader_setup(1).exe"
sh=C95708F43A748061D4C31D39204F5D2FAAE9410D ft=1 fh=4d6416c07f3bf995 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\isobuster_3_0.exe"
sh=5396F37DCAD0D18370CC0B9BE2EC3C5E8F2922F3 ft=1 fh=6550c5ae41c2c11e vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\Java Runtime Environment 32 Bit - CHIP-Downloader.exe"
sh=6CF8A9F031B45F70BE3E66E7ACC7449CDA15FA34 ft=1 fh=2de4b6f517306153 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\PDFCreator-1_2_3_setup.exe"
sh=AD6D8BBC3E219F9EDF7C9E11B65D205E881B40BE ft=1 fh=7f24f00e5c3b1806 vn="Win32/Toggle.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\pdf_repair_toolbox.exe"
sh=D04D5A5EC70904A85A32560A0BEBD2D51A6D2E39 ft=1 fh=cd89c64429bc06c5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\Trillian - CHIP-Installer.exe"
sh=C8185EBDC7E7BE0EE45AA76FB47479F1F37921F6 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\Desktopedit\sTabLauncherV2.2.3.msi"
sh=3F9B782A3A10640435A5816153177BFAF5B54C6A ft=1 fh=e12ebc21bb0e5ce5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\FALL4mods\Nexus Mod Manager - CHIP-Installer.exe"
sh=C8185EBDC7E7BE0EE45AA76FB47479F1F37921F6 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\2b8e09f.msi"
HitmanPro (nichts entfernen lassen, nur log gespeichert)

Code:

       
Code:

       
HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : MYRMIX
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Myrmix\Martin
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-12-01 15:09:54
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 15m 26s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 4
   Traces  . . . . . . . : 15

   Objects scanned . . . : 2.680.405
   Files scanned . . . . : 119.021
   Remnants scanned  . . : 872.377 files / 1.689.007 keys

Malware _____________________________________________________________________

   C:\Users\Martin\Documents\BFBC2\pb\pbcl.dll
      Size . . . . . . . : 891.962 bytes
      Age  . . . . . . . : 1600.9 days (2012-07-14 18:33:08)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A324BDA2B890227F72D9F12323AD3FF51582CE312286C296F6558BD3F3927616
    > HitmanPro  . . . . : App/Punkbust-B
      Fuzzy  . . . . . . : 129.0

   C:\Users\Martin\Downloads\pdf_repair_toolbox.exe
      Size . . . . . . . : 119.792 bytes
      Age  . . . . . . . : 1318.3 days (2013-04-23 08:48:35)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : F068D03C6B942A3897407F52E143685B51BDCA900DBCD69F956A8D5F3AC8B08D
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.Win32.InstallM.gen
      Fuzzy  . . . . . . : 107.0

   C:\Users\Martin\Downloads\Trillian - CHIP-Installer.exe
      Size . . . . . . . : 1.174.352 bytes
      Age  . . . . . . . : 731.0 days (2014-12-01 14:15:27)
      Entropy  . . . . . : 7.0
      SHA-256  . . . . . : 9744F936F2251BA098BA8C7E8A370629971E564E0333BF36E11DA243DC86FB42
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:RiskTool.Win32.Ocna.gen
      Fuzzy  . . . . . . : 99.0

   C:\Users\Martin\FALL4mods\Nexus Mod Manager - CHIP-Installer.exe
      Size . . . . . . . : 1.496.584 bytes
      Age  . . . . . . . : 10.8 days (2016-11-20 19:15:22)
      Entropy  . . . . . : 7.1
      SHA-256  . . . . . : 69A712E0944A4C0456763A6D3466D2CD09E44E7991A239AE36B434E6A2AD19C4
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe
      Fuzzy  . . . . . . : 104.0
      Forensic Cluster
         -3.4s C:\Users\Martin\FALL4mods\Nexus Mod Manager - CHIP-Installer.exe
         -2.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\91\
         -2.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\91\5B4A1CB56E8D2CA7.dat
         -2.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\85\
         -2.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\85\66960062F18ADD05.dat
          1.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\01\
          1.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\01\2BA9B8702DB2D36D.dat
          3.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\23\
          3.4s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\23\2C4A0FFC8ADFE49F.dat
          8.0s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\23\2C4A0FFC8ADFE49F.dat
         15.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\76\
         15.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\76\9882EB1F47A43618.dat
         15.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\79\439D3EE76BA9713F.dat
         15.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\70\6AF8F116CA11C2E6.dat
         15.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\64\
         15.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\64\57B7A3550E1BC378.dat
         35.3s C:\Users\Martin\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}\
         35.3s C:\Users\Martin\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}\Chip Installer.msi
         36.2s C:\Windows\Installer\SourceHash{503CA94E-0834-4CEE-AD92-BA17AF4E809A}
         37.0s C:\Program Files (x86)\Chip Digital GmbH\chip1click\
         37.0s C:\Program Files (x86)\Chip Digital GmbH\
         37.0s C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP Active Download.exe
         37.0s C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP Starter.exe
         37.0s C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP Updater.exe
         37.0s C:\Program Files (x86)\Chip Digital GmbH\chip1click\SplashForm.exe
         37.0s C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
         37.0s C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe.config
         37.1s C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}\
         37.1s C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}\ARPPRODUCTICON.exe
         37.4s C:\Windows\Installer\210e9e1.msi
         38.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\02\86F50E43C0998A36.dat
         38.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\02\
         41.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\55\
         41.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\55\DB5BD83A1834E24F.dat
         45.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\24\
         45.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\24\89AF97D54EB31500.dat
         45.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\28\
         45.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\28\EE1CA5DBBFCA0578.dat
         45.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\1\28\C5F2C3DE4211BE90.dat


Suspicious files ____________________________________________________________

   C:\Users\Martin\AppData\Local\PunkBuster\BC2\pb\dll\wc002305.dll
      Size . . . . . . . : 962.185 bytes
      Age  . . . . . . . : 1600.9 days (2012-07-14 18:38:10)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : C8E59E65AE451CE761E7C48F8BA802CD17513057DEA65A4D4B4F6001153FD414
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin\AppData\Local\PunkBuster\BC2\pb\pbcl.dll
      Size . . . . . . . : 962.185 bytes
      Age  . . . . . . . : 1559.1 days (2012-08-25 13:47:58)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : C8E59E65AE451CE761E7C48F8BA802CD17513057DEA65A4D4B4F6001153FD414
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin\AppData\Local\PunkBuster\BC2\pb\pbclold.dll
      Size . . . . . . . : 962.185 bytes
      Age  . . . . . . . : 1600.9 days (2012-07-14 18:02:04)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : C8E59E65AE451CE761E7C48F8BA802CD17513057DEA65A4D4B4F6001153FD414
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin\AppData\Local\PunkBuster\BC2\pb\PnkBstrK.sys
      Size . . . . . . . : 139.048 bytes
      Age  . . . . . . . : 1600.9 days (2012-07-14 18:02:16)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : A935B2B22381F56ED9F78AF35FE20333F974CB4CB1257763434B7667DE17AD57
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin\AppData\Local\PunkBuster\BF3\pb\dll\wc002331.dll
      Size . . . . . . . : 963.480 bytes
      Age  . . . . . . . : 1203.8 days (2013-08-15 19:58:03)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
      Size . . . . . . . : 140.072 bytes
      Age  . . . . . . . : 1203.9 days (2013-08-15 17:13:02)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : CC3F4E453FC246B64C09E81BB73741CECC897C805C13815336647E986A60301E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin\AppData\Local\PunkBuster\FC3\pb\pbcl.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 1463.0 days (2012-11-29 15:14:11)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin\AppData\Local\PunkBuster\FC3\pb\pbcls.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 1071.9 days (2013-12-25 18:18:36)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys
      Size . . . . . . . : 138.032 bytes
      Age  . . . . . . . : 1463.0 days (2012-11-29 15:14:30)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin\AppData\Local\PunkBuster\UNCO\pb\pbcl.dll
      Size . . . . . . . : 833.236 bytes
      Age  . . . . . . . : 831.8 days (2014-08-22 21:03:54)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 224E58B68FE38C7B9DE702D8E970158B3DB6B0CAE3429B4903DAFC68AE60C83C
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin\Desktop\FRST64.exe
      Size . . . . . . . : 2.412.032 bytes
      Age  . . . . . . . : 5.1 days (2016-11-26 11:44:55)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : BEB466F139C5F13EE128072AC03EC32CF0C55239C2EAC9186851B260BC849884
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
durchgeführt von Martin (Administrator) auf MYRMIX (01-12-2016 15:28:03)
Gestartet von C:\Users\Martin\Desktop
Geladene Profile: Martin (Verfügbare Profile: Martin)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Privoxy\privoxy.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Run: [World of Warships] => K:\Games\WOWS_PublicTest\WargamingGameUpdater.exe [3134216 2016-11-07] (Wargaming.net)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Privoxy.lnk [2012-04-03]
ShortcutTarget: Privoxy.lnk -> C:\Program Files (x86)\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter - Verknüpfung.lnk [2012-04-01]
ShortcutTarget: Rainmeter - Verknüpfung.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{AE141692-DE9B-4CC3-93A4-62B71E738879}: [DhcpNameServer] 195.34.133.21 212.186.211.21

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-5781ab34
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5781ab34&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000 -> {A0C59A24-F50F-433C-928B-8235295514F4} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: a9urom3s.default-1384358611811
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 [2016-12-01]
FF NewTab: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> Bing Powered Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> Bing Powered Search
FF Homepage: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> www.google.at
FF Keyword.URL: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> user_pref("keyword.URL", true);
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ftp", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.socks", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ssl", "180.250.69.58"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> backup.ssl_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ftp", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> http", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> http_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> share_proxy_settings", true
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> socks", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ssl", "182.30.2.37"
FF NetworkProxy: Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811 -> ssl_port", 8080
FF Extension: (ADB Helper) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\adbhelper@mozilla.org [2016-11-03]
FF Extension: (Advanced Cookie Manager) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\cookiemgr@jayapal.com [2016-02-22]
FF Extension: (Valence) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\fxdevtools-adapters@mozilla.org [2016-02-23]
FF Extension: (ExHentai Easy) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack [2013-11-24] [ist nicht signiert]
FF Extension: (YouTube Center) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2016-04-28]
FF Extension: (Shumway) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\shumway@research.mozilla.org [2015-10-15] [ist nicht signiert]
FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-10-10]
FF Extension: (NoScript) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-11-28]
FF Extension: (Adblock Plus) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\a9urom3s.default-1384358611811\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1031562343-2424694273-2990312000-1000: @my.com/Games -> C:\Users\Martin\AppData\Local\MyComGames\NPMyComDetector.dll [2016-06-11] (MY.COM B.V.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-21] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-01-02] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-07-19] (BitRaider, LLC)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-08-08] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-27] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-31] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-27] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S0 mv91xx; system32\DRIVERS\mv91xx.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-01 15:09 - 2016-12-01 15:27 - 00000000 ____D C:\ProgramData\HitmanPro
2016-12-01 15:09 - 2016-12-01 15:09 - 11581544 _____ (SurfRight B.V.) C:\Users\Martin\Desktop\HitmanPro_x64.exe
2016-12-01 15:07 - 2016-12-01 14:43 - 00004070 _____ C:\Users\Martin\Desktop\ESETlog.txt
2016-12-01 10:28 - 2016-12-01 10:28 - 02870984 _____ (ESET) C:\Users\Martin\Desktop\esetsmartinstaller_deu.exe
2016-12-01 00:32 - 2016-12-01 10:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-29 17:06 - 2016-11-29 17:19 - 00022248 _____ C:\Users\Martin\Desktop\SystemLook.txt
2016-11-29 17:05 - 2016-11-29 17:05 - 00165376 _____ C:\Users\Martin\Desktop\SystemLook_x64.exe
2016-11-29 17:00 - 2016-12-01 10:24 - 00003325 _____ C:\Users\Martin\Desktop\Fixlog.txt
2016-11-28 17:10 - 2016-11-29 17:22 - 00058107 _____ C:\Users\Martin\Desktop\Addition.txt
2016-11-28 17:09 - 2016-12-01 15:28 - 00017315 _____ C:\Users\Martin\Desktop\FRST.txt
2016-11-28 17:00 - 2016-11-28 17:00 - 00131659 _____ C:\Users\Martin\Desktop\JRT.txt
2016-11-28 16:57 - 2016-11-28 16:57 - 01631928 _____ (Malwarebytes) C:\Users\Martin\Desktop\JRT.exe
2016-11-28 16:55 - 2016-11-28 16:55 - 00003516 _____ C:\Users\Martin\Desktop\mbam.txt
2016-11-28 16:30 - 2016-11-28 16:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-28 16:30 - 2016-11-28 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-28 16:30 - 2016-11-28 16:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-28 16:30 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-28 16:30 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-28 16:29 - 2016-11-28 16:29 - 22851472 _____ (Malwarebytes ) C:\Users\Martin\Desktop\mbam-setup-2.2.1.1043.exe
2016-11-28 16:18 - 2016-11-28 16:22 - 00000000 ____D C:\AdwCleaner
2016-11-28 16:14 - 2016-11-28 16:14 - 03910208 _____ C:\Users\Martin\Desktop\AdwCleaner_6.030.exe
2016-11-27 20:36 - 2016-11-27 20:36 - 00276696 _____ C:\Windows\Minidump\112716-17487-01.dmp
2016-11-27 15:00 - 2016-11-27 15:00 - 00026564 _____ C:\ComboFix.txt
2016-11-27 14:48 - 2016-11-27 15:00 - 00000000 ____D C:\Qoobox
2016-11-27 14:48 - 2016-11-27 14:59 - 00000000 ____D C:\Windows\erdnt
2016-11-27 14:48 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-11-27 14:48 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-11-27 14:48 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-11-27 14:48 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-11-27 14:46 - 2016-11-27 14:46 - 05659307 ____R (Swearware) C:\Users\Martin\Desktop\ComboFix.exe
2016-11-26 11:52 - 2016-11-28 17:07 - 00000000 ____D C:\Users\Martin\rootkit
2016-11-26 11:51 - 2016-11-26 11:55 - 00063263 _____ C:\Users\Martin\Downloads\Addition.txt
2016-11-26 11:50 - 2016-11-26 11:56 - 00027727 _____ C:\Users\Martin\Downloads\FRST.txt
2016-11-26 11:48 - 2016-12-01 15:28 - 00000000 ____D C:\FRST
2016-11-26 11:44 - 2016-11-26 11:44 - 02412032 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2016-11-26 11:20 - 2016-11-26 11:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martin\Downloads\HijackThis.exe
2016-11-20 19:17 - 2016-11-20 19:45 - 00000890 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-11-20 19:17 - 2016-11-20 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-11-20 19:16 - 2016-11-20 19:45 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-11-20 19:15 - 2016-11-20 19:15 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-11-20 18:45 - 2016-11-22 14:13 - 00000000 ____D C:\Users\Martin\FALL4mods
2016-11-18 17:22 - 2016-11-18 17:22 - 00276696 _____ C:\Windows\Minidump\111816-21699-01.dmp
2016-11-18 01:57 - 2016-12-01 10:27 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2016-11-11 14:05 - 2016-11-11 14:05 - 00000781 _____ C:\Users\Public\Desktop\WOWS_PublicTest.lnk
2016-11-10 22:06 - 2016-11-11 13:38 - 03186048 _____ (Wargaming ) C:\Users\Martin\Downloads\WoWS_PublicTest.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-01 10:34 - 2009-07-14 05:45 - 00022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-01 10:34 - 2009-07-14 05:45 - 00022208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-01 10:31 - 2010-11-21 07:50 - 00713806 _____ C:\Windows\system32\perfh007.dat
2016-12-01 10:31 - 2010-11-21 07:50 - 00153922 _____ C:\Windows\system32\perfc007.dat
2016-12-01 10:31 - 2009-07-14 06:13 - 01648056 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-01 10:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-01 10:25 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-01 10:24 - 2016-08-05 12:03 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-12-01 10:20 - 2012-04-25 16:00 - 00225280 ___SH C:\Users\Martin\Thumbs.db
2016-12-01 10:17 - 2014-02-20 11:17 - 00002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2016-12-01 10:17 - 2014-02-20 11:17 - 00002003 _____ C:\Users\Public\Desktop\Nitro Reader.lnk
2016-12-01 10:12 - 2012-04-25 21:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-01 00:38 - 2011-11-15 21:03 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\Temp
2016-11-30 11:14 - 2015-10-29 13:29 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2016-11-29 21:59 - 2011-12-19 22:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\TS3Client
2016-11-28 16:51 - 2015-02-19 19:26 - 00000000 ____D C:\Users\Martin\DAI
2016-11-28 16:51 - 2014-04-01 15:41 - 00000000 ____D C:\Users\Martin\Siemens
2016-11-28 16:51 - 2013-04-18 10:33 - 00000000 ____D C:\Users\Martin\MC
2016-11-28 16:51 - 2012-05-12 09:53 - 00000000 ____D C:\Users\Martin\Skyrim
2016-11-28 16:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SchCache
2016-11-28 16:30 - 2012-04-20 09:49 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-28 16:30 - 2012-04-20 09:49 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Malwarebytes
2016-11-28 16:30 - 2012-04-20 09:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-27 20:36 - 2016-08-06 11:05 - 673605975 _____ C:\Windows\MEMORY.DMP
2016-11-27 20:36 - 2012-08-15 14:01 - 00000000 ____D C:\Windows\Minidump
2016-11-27 15:00 - 2012-01-17 16:42 - 00000000 ____D C:\Users\Martin\AppData\Local\Apps\2.0
2016-11-27 14:58 - 2011-11-15 16:52 - 00000000 ____D C:\Users\Martin
2016-11-27 14:58 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-11-26 11:44 - 2013-07-28 12:16 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-26 11:44 - 2011-11-15 21:17 - 00000000 ____D C:\Program Files (x86)\JDownloader
2016-11-26 11:43 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-11-26 02:49 - 2016-08-18 19:08 - 00000000 ____D C:\Users\Martin\AppData\Local\JDownloader v2.0
2016-11-25 19:17 - 2012-07-14 13:43 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2016-11-21 20:07 - 2015-08-11 22:48 - 00000000 ___RD C:\Users\Martin\wows
2016-11-20 19:45 - 2015-11-11 12:42 - 00000000 ____D C:\Users\Martin\AppData\Local\Fallout4
2016-11-20 19:17 - 2012-01-07 19:18 - 00000000 ____D C:\Users\Martin\Documents\Nexus Mod Manager
2016-11-20 19:17 - 2012-01-07 19:18 - 00000000 ____D C:\Users\Martin\AppData\Local\Black_Tree_Gaming
2016-11-20 19:15 - 2016-02-12 14:34 - 00000000 ____D C:\Users\Martin\AppData\Local\Downloaded Installations
2016-11-12 18:59 - 2015-12-18 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships
2016-11-11 14:05 - 2012-07-28 22:00 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-11-11 14:05 - 2011-11-21 16:17 - 00000000 ____D C:\Games
2016-11-08 10:42 - 2014-02-20 16:15 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 10:42 - 2014-02-20 16:15 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 10:42 - 2011-11-16 20:36 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2016-11-08 10:42 - 2011-11-15 18:31 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 10:42 - 2011-11-15 18:31 - 00000000 ____D C:\Windows\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-15 14:05 - 2016-05-02 18:56 - 0000132 _____ () C:\Users\Martin\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-09-15 15:59 - 2015-09-15 15:59 - 0006682 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2012-05-11 13:46 - 2012-05-11 18:13 - 0007596 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2014-10-27 10:08 - 2014-10-27 10:08 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Martin\Drakonia Configurator.exe
C:\Users\Martin\dscaler4115.exe
C:\Users\Martin\jre-7u40-windows-x64.exe
C:\Users\Martin\Steam-reg.reg


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-27 13:47

==================== Ende von FRST.txt ============================
Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016
durchgeführt von Martin (01-12-2016 15:29:13)
Gestartet von C:\Users\Martin\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-11-15 15:52:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1031562343-2424694273-2990312000-500 - Administrator - Disabled)
Gast (S-1-5-21-1031562343-2424694273-2990312000-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1031562343-2424694273-2990312000-1002 - Limited - Enabled)
Martin (S-1-5-21-1031562343-2424694273-2990312000-1000 - Administrator - Enabled) => C:\Users\Martin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Armored Warfare MyCom (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Armored Warfare MyCom) (Version: 1.62 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
AutoIt v3.3.8.1 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bing Powered Search (HKLM-x32\...\BingPoweredSearch) (Version:  - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
CPUID HWMonitor 1.22 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crossfire 2.0 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Crossfire 2.0) (Version: 2.00.00.00 - SWAT-Portal)
Curse Client (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned Oghren©) (Version:  - )
Dragon Age Redesigned©  Zevran (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned©  Zevran) (Version:  - )
Dragon Age Redesigned© (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Leliana) (Version:  - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Sten) (Version:  - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Dragon Age Redesigned© Wynne) (Version:  - )
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
FAM 1.0.0.0 (HKLM-x32\...\FAM) (Version: 1.0.0.0 - Korrd)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free CBR Reader (HKLM-x32\...\{B9240DAE-EFA1-4A0E-824F-17B3F99194F8}) (Version: 1.0.0 - Free Picture Solutions)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version:  - )
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
gmax (HKLM-x32\...\{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}) (Version: 4.4.0.125 - Discreet)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GUILD WARS (HKLM-x32\...\Guild Wars) (Version:  - )
HardCMP v1.0.0.23 (HKLM-x32\...\HardCMP_is1) (Version: 1.0.0.23 - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java 3D 1.5.1 (HKLM-x32\...\{32A9C5B3-D166-4C6D-A11E-A54473151000}) (Version: 1.5.1 - Sun Microsystems, Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minion (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.3 (HKLM-x32\...\{C3E9887A-23BA-4777-8080-191A5AFCAB74}) (Version: 1.2.3 - Thorvald Natvig)
My.com Game Center (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\MyComGames) (Version: 3.162 - My.com B.V.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.9 - Black Tree Gaming)
Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OMC ModPack Client Version 1.1.11.6 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.1.11.6 - Odem Mortis)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
Parsec (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\a53dc3b81e52c50e) (Version: 1.0.0.42 - Parsec)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
paw·ned‹4›2 – Die Antwort auf alle Buildfragen (HKLM-x32\...\pawned42) (Version:  - JN-GAMES Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Pdfedit (HKLM-x32\...\{6C11089A-E23F-4E9B-B12C-316BF1A4376B}) (Version: 4.5.0.0 - PdfEdit team)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.6 - )
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Privoxy (remove only) (HKLM-x32\...\Privoxy) (Version:  - )
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.2 r1116 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Slime Rancher (HKLM-x32\...\Slime Rancher0.2.4b) (Version: 0.2.4b - TheRaven1)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - Keen Software House)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
sTabLauncher (HKLM-x32\...\{9E5A4758-0189-419B-A6ED-FE4CBD255F05}) (Version: 2.2.3 - Sergio Santos)
Star Citizen Launcher (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
War Thunder Launcher 1.0.1.386 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WindowsAndroid version 4.0.3 (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{7E07052F-A4CE-4932-B066-B9203888439F}_is1) (Version: 4.0.3 - SocketeQ, Inc.)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Warships (HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
YACReader 8.5.0 (HKLM-x32\...\YACReader_is1) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{06d45639-4c61-4cab-be15-52f5e6e72d31}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{27e52464-33a3-42ab-a482-c84fab56362a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{4e9b62d8-f542-423b-8e8e-2007daeac423}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{7acd7f3b-8bb8-430f-8499-dd8077c7af97}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{7d430c4d-1b80-464c-8f5d-2d99d4ff9c85}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{8059b7ca-030b-489d-b211-5b961893bedf}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{b8be70ea-432e-4a55-ba5c-a83cd1e376b6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{b9540fcf-2d9b-4e81-8557-2c9592685a9a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{e26b586f-8643-46af-a2fc-bc81c5389766}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000_Classes\CLSID\{e85372c0-2724-41f4-a715-0806ee361bb0}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {305492CB-4722-4BA3-BF71-A11429E75A10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {35419A1B-98CE-4D48-91FD-1FBF82A10B24} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-16] (Advanced Micro Devices, Inc.)
Task: {AAE2BC6B-1119-4222-B6C7-017DDD173F9B} - System32\Tasks\{652BC46E-1D96-4931-B893-AE3A21457C8E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/eula
Task: {B29F8036-B722-44B1-8DEC-AE2FBD8EE6EA} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {B3F91BB8-7CC1-4BE6-B368-4204269BAFB6} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {EF75F260-60A6-4F74-882C-2A4CF98BD56F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {F0B7CF59-E530-41A3-A21B-92FF80E15166} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-11-24 20:35 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-03-22 17:18 - 2015-08-08 17:04 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-13 01:01 - 2016-09-13 01:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-11-22 18:53 - 2013-10-29 13:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2015-11-22 18:53 - 2012-12-11 11:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2015-11-22 18:53 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2011-12-27 08:40 - 2011-12-27 08:40 - 00086528 _____ () C:\Program Files (x86)\Privoxy\mgwz.dll
2015-11-22 18:53 - 2011-11-22 14:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2016-10-16 11:54 - 2016-10-16 11:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f91bd970f20123a46b575cf6e92bc441\IsdiInterop.ni.dll
2011-11-15 17:06 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-11-27 14:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1031562343-2424694273-2990312000-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: GamingMouse => C:\Program Files (x86)\Drakonia Configurator\hid.exe
MSCONFIG\startupreg: Remote Control Editor => "C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe"
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: RGSC => K:\Games\GTA4\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DA14B3E4-1977-4874-9BC8-8D78BDEFA0FD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D45D251F-9F78-419B-B3FB-CC129056CC7C}C:\games\call of duty black ops\blackops.exe] => (Block) C:\games\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{115987AB-3EE6-42AB-81E0-B6C843F4B95B}C:\games\call of duty black ops\blackops.exe] => (Block) C:\games\call of duty black ops\blackops.exe
FirewallRules: [{D023DD3D-B9E3-4FD4-A706-20EA6612D3D3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{10F598B7-6248-4641-A32C-7B8FAAB3B384}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{15CF0E2B-A339-4B42-99D5-37CA542D4ABD}K:\games\gw2\gw2.exe] => (Allow) K:\games\gw2\gw2.exe
FirewallRules: [UDP Query User{32719093-8BD2-44A4-856C-49B1EA2D33BE}K:\games\gw2\gw2.exe] => (Allow) K:\games\gw2\gw2.exe
FirewallRules: [{254B1476-B09C-4F89-A9F6-82A0F56FD0B5}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{D5872796-7876-49F7-A2D8-8FF6D5A53523}] => (Allow) C:\Program Files (x86)\Ventrilo\Ventrilo.exe
FirewallRules: [{CA94F41A-DD1B-4A72-86DE-1032FE2B366D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6FD7189D-1EBA-47A4-A5EB-BF06EC520BBC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DBFEB9BB-2B08-494C-8C03-EE196D5B1F96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B0ECFFA5-FCEA-4F5E-BDB7-F52E27F0C431}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2D37DAE8-DD97-4929-8CD2-F5A8E96A2A74}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{14E6B066-CB4B-4F42-8C65-A30BD8CB40EA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B5E570ED-F1A3-4F9D-B837-FF53434C629B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{32EF9C71-C0A9-4FC5-9335-654F2485208E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{95F75607-BD3A-4130-849D-35460CDFFF67}] => (Allow) LPort=80
FirewallRules: [{D5CA12CD-BD78-4A0D-8C42-96AC5B89A8DB}] => (Allow) LPort=443
FirewallRules: [{6971AD85-B1AE-4DFB-B505-CA0FBA19DF34}] => (Allow) LPort=20010
FirewallRules: [{A0FD53BC-5301-453D-9458-D8690DA6BB3A}] => (Allow) LPort=3478
FirewallRules: [{C9B4DDF2-352C-4876-9231-4759D64BD32A}] => (Allow) LPort=7850
FirewallRules: [{6BE2B612-FEC8-44EA-8511-E6821D6D8B95}] => (Allow) LPort=7852
FirewallRules: [{126E1A5D-D8E5-4B2E-A48C-35CF5EE98F8C}] => (Allow) LPort=7853
FirewallRules: [{01208F69-21AE-4235-B5EF-F23299D59698}] => (Allow) LPort=27022
FirewallRules: [{9406B5A7-ED28-45B9-9945-DB2D0112F1B1}] => (Allow) LPort=6881
FirewallRules: [{A30E663C-AF63-402A-961B-4FAB7B8F6295}] => (Allow) LPort=33333
FirewallRules: [{F8B8FA6D-E5C6-4F82-9F61-EEF5831AB045}] => (Allow) LPort=20443
FirewallRules: [{197DC96A-400A-4B7F-BF17-096C617FDC52}] => (Allow) LPort=8090
FirewallRules: [{315A91A7-50CD-4AA0-9DA4-7B3EA5AF4E41}] => (Allow) LPort=50248
FirewallRules: [{647CF977-885E-487B-AECF-0D0BCFE394FB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BFF7822D-29BB-435E-B0CC-E6FB6386D6B7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{19C193B3-0E36-4FC9-B776-EF594F2E06D7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CCFA21AF-6946-4394-9393-A7914C1EAB6A}] => (Allow) LPort=2869
FirewallRules: [{69AD3371-0624-45F5-B3F4-EDF4EB7B9AEA}] => (Allow) LPort=1900
FirewallRules: [{24E4719D-875C-4164-92CD-2358293AF128}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{65BDC62F-A6D0-4638-B54B-1A5E9635D7D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{17401A7C-6DB7-40CD-8447-D6B647F506C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4DD8C035-CD15-442C-BCBB-FDC26E1DE05D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{377EDF59-81A6-4C6E-9217-72E77BF00BAC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{E0998469-C626-45BA-9023-75797B0D51F7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F4B02B17-DF19-4690-B6A3-67F46E14107D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7FE67A19-1C7C-47AF-886D-E639BF16019C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{897D2F00-3723-4C6C-B2E3-F9E10B22A695}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E63EFA4F-52DD-4E50-98F4-C64486DE5FFA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C5BA1463-92BA-436F-AC64-9C92FFF45D03}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2630B555-48AF-4038-B00E-B7D7FE02BF8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{32C8E90C-6216-433E-9875-8ACACA120F19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{08AD94ED-4C34-474D-A3E2-63105AB508F1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8BA530C5-C118-43C2-BA5F-846FEBCC7E1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E05AE212-44BA-4CA4-BCB3-06BDF2683ADA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D230EB6-8F4E-46C7-A4EF-DA3C02267FE5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{05FF1BE1-D9EA-4086-BAF0-54F754F95969}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{62F7182C-FD69-434C-8A3A-2C2BF7AE516A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{5EAD725D-4F20-4D72-8883-11872479E347}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9A3D1993-D693-465A-A1CD-CE941E320268}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{ABE41180-295F-42A5-97F5-96096DE702EF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{692AD4BF-5BA0-414C-9421-6D95E92989C5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6E847FBB-0774-4493-A233-2174541C47DE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{FE1762B0-077E-4E00-BF76-23E75A326709}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1A163A24-C1B9-43BE-9A54-BD8DC369BE08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D3C4E0A4-631F-494A-BF04-4442AF1A7E45}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{189D7710-D8B9-4F62-9A90-D41D995B9F6C}C:\users\martin\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\martin\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{6711ABB2-D72E-4416-B773-CD004256953C}C:\users\martin\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\martin\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{96861C9B-1464-4C4C-B036-84D8033746A3}K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{F0C2660F-3934-4181-8948-81663C7B4FAB}K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{F1E2D9C4-30A9-44DC-9BB6-E63650A9A8CB}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{F7AB5B48-81C1-4362-9BB9-3785D2587A4A}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{94D18C8F-86D3-4AC4-98A3-2145FE0C6DCE}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{732EAB2F-453C-4DF1-9872-F7CBAD021540}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [TCP Query User{A56EEAA9-67C5-4219-87F8-9BDE6D1AF9C6}K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{705B4100-C489-4C32-8B09-0449A4B51187}K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) K:\games\aw\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [{BD12A005-5430-4622-9F42-99B38B26F5F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{033717DE-391B-4088-95DF-E6BE2102BD1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{107DFFE1-EC96-4538-90EB-483687386B28}K:\games\wows_publictest\wowslauncher.exe] => (Allow) K:\games\wows_publictest\wowslauncher.exe
FirewallRules: [UDP Query User{98C38A1F-A0D5-4A4A-AFB4-85EBEA8AA13B}K:\games\wows_publictest\wowslauncher.exe] => (Allow) K:\games\wows_publictest\wowslauncher.exe
FirewallRules: [{2B51E7DB-C122-42CD-BBE0-4AE609DC6D32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{BB518C50-7E28-4A63-A098-742922983C7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{A6035418-4970-479E-9EA4-85749B68085E}] => (Allow) K:\Games\ESTU\Launcher\GameConsultant.exe
FirewallRules: [{1F20723E-7CE5-464E-8542-72EC791C4AC8}] => (Allow) K:\Games\ESTU\Launcher\Bethesda.net_Launcher.exe
FirewallRules: [TCP Query User{D4FDF617-63A5-46BE-A60E-960B2E4F1E2E}K:\games\warship\wowslauncher.exe] => (Allow) K:\games\warship\wowslauncher.exe
FirewallRules: [UDP Query User{D7E165A1-902B-4F4B-B2A9-D3AD6A00AD50}K:\games\warship\wowslauncher.exe] => (Allow) K:\games\warship\wowslauncher.exe
FirewallRules: [{D627856E-3ACF-4865-AFEA-ACF0EFFADBC0}] => (Allow) K:\Games\WT\WarThunder\launcher.exe
FirewallRules: [{C0806AFA-854B-4D6A-B5E6-96548D732351}] => (Allow) K:\Games\WT\WarThunder\launcher.exe
FirewallRules: [{A3F76B1A-5757-4FAF-9B82-9C9E68966F07}] => (Allow) K:\Games\WT\WarThunder\aces.exe
FirewallRules: [{D7BF61B9-24DB-47C1-AD5A-A1CC0346C734}] => (Allow) K:\Games\WT\WarThunder\aces.exe
FirewallRules: [TCP Query User{2FD75038-0456-428B-8104-7BBDAB2E2D71}K:\games\wt\warthunder\win64\aces.exe] => (Allow) K:\games\wt\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{A82A83EA-8EB2-4583-B15C-60CEEA771357}K:\games\wt\warthunder\win64\aces.exe] => (Allow) K:\games\wt\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{F905E323-B4DF-4C40-9231-941118005F79}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{3B08B716-9064-4E1C-B210-D840F0041E08}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{E60A25E8-D512-4DEF-998C-C98D84AF8B5A}C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [UDP Query User{6C728D7F-4FB7-44B4-ACA6-00ECAEBA1BBD}C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_reign_of_chaos_engb.exe
FirewallRules: [TCP Query User{F0570CD4-A0DD-4F17-A6D8-EF1564F8BF3D}C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
FirewallRules: [UDP Query User{A38A26FB-4783-48AC-A954-8934A8A6B9E0}C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe] => (Allow) C:\users\martin\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
FirewallRules: [{9455FA43-B14A-4CA0-8904-3CC6F639720B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{F153E4D7-8DD4-4D5B-80E8-087C75626B6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [TCP Query User{491CFD22-984D-4134-8D92-A3F1F5B6F4A5}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{99640C1F-820D-42F7-BEE2-EE224A842DCB}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{D25E39C0-0429-4FA7-B241-549A93469372}] => (Allow) C:\Games\WOWS_PublicTest\WoWsLauncher.exe
FirewallRules: [{04239541-694A-4378-8948-1C13D266D278}] => (Allow) C:\Games\WOWS_PublicTest\WoWsLauncher.exe
FirewallRules: [{68A16BAF-1A67-478C-AA18-8C42C3613E2F}] => (Allow) C:\Games\WOWS_PublicTest\worldofwarships.exe
FirewallRules: [{C934DB75-C881-48FF-919A-C1E86685AFCF}] => (Allow) C:\Games\WOWS_PublicTest\worldofwarships.exe

==================== Wiederherstellungspunkte =========================

18-11-2016 15:28:11 DirectX wurde installiert
24-11-2016 13:22:52 Windows Update
27-11-2016 00:28:35 DirectX wurde installiert
28-11-2016 16:58:19 JRT Pre-Junkware Removal
01-12-2016 10:14:28 Windows Update
01-12-2016 15:26:26 Prüfpunkt von HitmanPro

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/01/2016 03:07:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Martin\Desktop\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/01/2016 03:07:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/01/2016 10:29:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Martin\Desktop\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/01/2016 10:28:59 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Martin\Desktop\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/01/2016 10:27:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/01/2016 10:14:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/30/2016 02:45:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/30/2016 11:14:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fallout4.exe, Version: 1.7.12.0, Zeitstempel: 0x57ab87bf
Name des fehlerhaften Moduls: Fallout4.exe, Version: 1.7.12.0, Zeitstempel: 0x57ab87bf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004dbb29
ID des fehlerhaften Prozesses: 0xf1c
Startzeit der fehlerhaften Anwendung: 0x01d24aea5978e563
Pfad der fehlerhaften Anwendung: K:\Games\Fallout 4\Fallout4.exe
Pfad des fehlerhaften Moduls: K:\Games\Fallout 4\Fallout4.exe
Berichtskennung: cd3979b2-b6e5-11e6-8fe6-5404a66b46f9

Error: (11/30/2016 09:44:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/29/2016 05:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.


Systemfehler:
=============
Error: (12/01/2016 10:37:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (12/01/2016 10:37:37 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/01/2016 10:37:37 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/01/2016 10:37:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (12/01/2016 10:37:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (12/01/2016 10:37:37 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/01/2016 10:37:37 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/01/2016 10:37:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (12/01/2016 10:37:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (12/01/2016 10:37:36 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


CodeIntegrity:
===================================
  Date: 2016-11-27 14:58:08.488
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-27 14:58:08.426
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-16 20:00:39.437
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-16 20:00:39.367
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-15 21:57:34.851
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-15 21:57:34.774
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\PROGRA~2\DScaler\DSDrv4.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.833
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Martin\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.785
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Martin\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.719
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-11 14:48:49.672
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8168.77 MB
Verfügbarer physikalischer RAM: 5324.87 MB
Summe virtueller Speicher: 16335.71 MB
Verfügbarer virtueller Speicher: 13790.79 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:491.96 GB) (Free:116.05 GB) NTFS
Drive k: (Volume) (Fixed) (Total:439.45 GB) (Free:197.8 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D7E7020)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=492 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=439.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
Gibt es noch Probleme mit meinem PC?

Ich habe ein Problem, dass aber schon recht lange existiert und das ich bisher umgehen konnte, aber ich denke das ist Hardwarebasiert.
Beim hochfahren wird der Vorgang oft unterbrochen, da anscheinend die rpm eines Lüfters langsamer anfährt als gewünscht (wird im BIOS rot angezeigt bis etwa 600rpm, hatte aber noch nie Temperaturprobleme)
Um das zu umgehen, gehe ich ins BIOS, ohne Änderungen vorzunehmen und fahre einfach weiter hoch.
Das BIOS selbst hat folgendes Problem: Ich kann den Mauszeiger nur schwer kontrollieren und nichts anklicken, da er von Ecke zu Ecke springt (als ob man beim Bildschirm die falsche Auflösung gewählt hat).
Tastatursteuerung funktioniert aber noch. Habe deswegen nichts unternommen, da ich mich so gut wie gar nicht damit auskenne. Das Problem gibt es schon seit etwa 1-2 Jahren.

M-K-D-B 01.12.2016 16:41
Servus,



dein beschriebenes Problem klingt wirklich eher nach einem Hardwareproblem. Leider fällt mir dazu keine Lösung ein.






Zitat:
CHIP-Installer.exe
Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?




Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
C:\Program Files (x86)\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe
C:\Program Files (x86)\sTabLauncher\Sponsor\Babylon9_setup_15500.exe
C:\Users\Martin\Downloads\cbrreader_setup*.exe
C:\Users\Martin\Downloads\isobuster_3_0.exe
C:\Users\Martin\Downloads\*CHIP-Downloader.exe
C:\Users\Martin\Downloads\PDFCreator-1_2_3_setup.exe
C:\Users\Martin\Downloads\pdf_repair_toolbox.exe
C:\Users\Martin\Downloads\Desktopedit\sTabLauncherV2.2.3.msi
C:\Windows\Installer\2b8e09f.msi
Reboot:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!








Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. :daumenhoc
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.




http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.




http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.




Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.




Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.




Optional:
http://filepony.de/icon/adblock_firefox.pngAdblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
http://filepony.de/icon/noscript.png NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .




Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.




Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Myrmix 01.12.2016 17:27
Fixlog:
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016
durchgeführt von Martin (01-12-2016 17:17:57) Run:3
Gestartet von C:\Users\Martin\Desktop
Geladene Profile: Martin (Verfügbare Profile: Martin)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
C:\Program Files (x86)\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe
C:\Program Files (x86)\sTabLauncher\Sponsor\Babylon9_setup_15500.exe
C:\Users\Martin\Downloads\cbrreader_setup*.exe
C:\Users\Martin\Downloads\isobuster_3_0.exe
C:\Users\Martin\Downloads\*CHIP-Downloader.exe
C:\Users\Martin\Downloads\PDFCreator-1_2_3_setup.exe
C:\Users\Martin\Downloads\pdf_repair_toolbox.exe
C:\Users\Martin\Downloads\Desktopedit\sTabLauncherV2.2.3.msi
C:\Windows\Installer\2b8e09f.msi
Reboot:
end
*****************

Prozess erfolgreich geschlossen.
C:\Program Files (x86)\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe => erfolgreich verschoben
C:\Program Files (x86)\sTabLauncher\Sponsor\Babylon9_setup_15500.exe => erfolgreich verschoben

=========== "C:\Users\Martin\Downloads\cbrreader_setup*.exe" ==========

C:\Users\Martin\Downloads\cbrreader_setup(1).exe => erfolgreich verschoben
C:\Users\Martin\Downloads\cbrreader_setup.exe => erfolgreich verschoben

========= Ende -> "C:\Users\Martin\Downloads\cbrreader_setup*.exe" ========

C:\Users\Martin\Downloads\isobuster_3_0.exe => erfolgreich verschoben

=========== "C:\Users\Martin\Downloads\*CHIP-Downloader.exe" ==========

C:\Users\Martin\Downloads\Java Runtime Environment 32 Bit - CHIP-Downloader.exe => erfolgreich verschoben

========= Ende -> "C:\Users\Martin\Downloads\*CHIP-Downloader.exe" ========

C:\Users\Martin\Downloads\PDFCreator-1_2_3_setup.exe => erfolgreich verschoben
C:\Users\Martin\Downloads\pdf_repair_toolbox.exe => erfolgreich verschoben
C:\Users\Martin\Downloads\Desktopedit\sTabLauncherV2.2.3.msi => erfolgreich verschoben
C:\Windows\Installer\2b8e09f.msi => erfolgreich verschoben


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:17:57 ====
Ich verwende auf dem PC ausschließlich Microsoft Security Essentials und werde von nun an Chip-Installern aus dem Weg gehen (kannte Filepony bisher nicht).
Habe mir schon lange angewöhnt, Passwörter nie zu speichern und ändere die wichtigen auch regelmäßig.
Ich verwende eigentlich nur Mozilla Firefox (weswegen mich die vielen IE-Einträge gewundert haben) mit ABP.
Ich verwende jetzt DelFix und bringe MSE auf den neuesten Stand (die Updates stocken bei mir dort manchmal beim Herunterladen).
Danach editiere ich den Beitrag hier nochmal.

M-K-D-B 02.12.2016 16:26
Passt alles? :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:17 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131