| Fraktion | 10.06.2015 18:04 |
Hier das Addition Text Dokument
[CODE]Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by User at 2015-06-08 16:19:56
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3928150652-2756980015-3035233101-500 - Administrator - Disabled)
Andere Menschen (S-1-5-21-3928150652-2756980015-3035233101-1002 - Limited - Enabled) => C:\Users\Andere Menschen
Gast (S-1-5-21-3928150652-2756980015-3035233101-501 - Limited - Disabled)
User (S-1-5-21-3928150652-2756980015-3035233101-1000 - Administrator - Enabled) => C:\Users\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\uTorrent) (Version: 3.4.2.39744 - BitTorrent Inc.)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.20.1 - Mirillis)
ActivePresenter (HKLM-x32\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 5.0.0 - Atomi Systems, Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM-x32\...\{AC76BA86-7AD7-1033-7646-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{6E356EEF-203C-451B-9144-CBF099E3738A}) (Version: 4.54.55.1642 - Elcomsoft Co. Ltd.)
Akamai NetSession Interface (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{1D1DCF8A-6961-F848-0DA0-5401969C44CE}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AutoHotkey 1.1.15.04 (HKLM\...\AutoHotkey) (Version: 1.1.15.04 - Lexikos)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.1.419 - Bandisoft.com)
Bandicut (HKLM-x32\...\Bandicut) (Version: 1.2.8.139 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.27.5408 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.27.5408 - BlueStack Systems, Inc.)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.34 - Atheros Communications)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version: - Infinity Ward - Sledgehammer Games)
CameraHelperMsi (x32 Version: 13.10.1217.0 - Logitech) Hidden
Camtasia Studio 8 (HKLM-x32\...\{A79B26D7-D6CB-408A-90CF-51508A4B62AB}) (Version: 8.5.2.1999 - TechSmith Corporation)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2568 - CDBurnerXP)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production) <==== ATTENTION
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - )
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
CX4300_5500_DX4400 Handbuch (HKLM-x32\...\CX4300_5500_DX4400 Handbuch) (Version: - )
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
Edu App (HKLM\...\Edu App) (Version: 2015.05.21.222909 - Edu App) <==== ATTENTION
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Equalify v2.5.3 (Stable) (HKLM-x32\...\{33EC4F70-9F4B-406F-BB2A-F75A285E927D}) (Version: 2.5.3.0 - Equalify)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Five Nights at Freddys 2 Demo (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Five Nights at Freddys 2 Demo) (Version: - )
Five Nights at Freddy's DEMO (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Five Nights at Freddy's DEMO) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Ghost Recon Phantoms - EU (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\61e5da2b7c463135) (Version: 1.36.5512.2 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2219 - Intel Corporation)
ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
KMSpico v9.3.1 (HKLM\...\KMSpico_is1) (Version: 9.3.1 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.31 - www.leaguereplays.com)
LWS VideoEffects (Version: 13.00.1774.0 - Logitech) Hidden
Magic Bullet PhotoLooks (HKLM-x32\...\Magic Bullet PhotoLooks) (Version: - )
MaintenanceService 1.0.0 (HKLM-x32\...\zz.507.mcc) (Version: 1.0.0 - CSDI)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\MK LOL) (Version: - )
MouseFIGHTER (HKLM-x32\...\{B0CD7106-0F6F-4212-B04E-9DC93ED96118}) (Version: 7.0 - Phonepilot)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
Nidhogg (HKLM-x32\...\TmlkaG9nZw==_is1) (Version: 1 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{7c71e255-9641-418f-a704-538b55cdc191}) (Version: latest - ppy Pty Ltd)
Platform (x32 Version: 1.40 - VIA Technologies, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RACE 07 - Formula RaceRoom Add-On (HKLM-x32\...\Steam App 44630) (Version: - )
RACE 07 (HKLM-x32\...\Steam App 8600) (Version: - SimBin)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.3.25.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.8.100.5 - Red Giant, LLC)
ReelSmart Motion Blur 4, After Effects-compatible plugin set (HKLM-x32\...\ReelSmart Motion Blur 4, After Effects-compatible plugin set) (Version: - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
SilverCrest STMS 2219 A1 Driver (HKLM-x32\...\{1E494817-D81E-4B0E-B379-F34DF4DCDA58}) (Version: 1.2 - SilverCrest)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
SmartSpeedLAN (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.00.0000 - Realtek)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve)
Spotify (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Strife (HKLM-x32\...\Strife) (Version: - S2 Games)
Survivors Beta (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Survivors Beta) (Version: - )
System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{A27FDB06-60C8-4D5A-BB2F-8038FD151E3C}) (Version: 11.0.3 - Red Giant Software)
Trapcode Suite 64-bit (Version: 11.0.3 - Red Giant Software) Hidden
Unity Web Player (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.00 - NCH Software)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
Wajam (HKLM-x32\...\WaIEn) (Version: 1.46.1.7 (i1.0) - Wajam) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
ZD Soft Screen Recorder (HKLM-x32\...\{101CC777-634C-42AF-AF95-7A0282ABF247}) (Version: 8.0.1 - ZD Soft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-10-15 16:54 - 00000871 ____A C:\Windows\system32\Drivers\etc\hosts
54.204.28.26 baefoldjnepdncjikpmjiamfbjgicfol
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08E8764C-300D-4BC1-B964-68D93607C403} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {0F6F4DB6-BDB4-4998-9F9F-64E7B69ACC8E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {186CAEEF-DB5F-4EC1-ADED-AE5512AD9A62} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1A53DDDF-CAA4-40C3-B92E-C6BF0C4E4EEA} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2024C9DD-3EE7-446F-AFF3-2D4CDB495306} - System32\Tasks\BaronReplays => C:\Users\User\BaronReplays\BaronReplays\BaronReplays.exe [2015-05-21] (Ahri.tw)
Task: {21B1F005-8405-484C-A734-BAFA294ED322} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {26ADDEDA-B78A-46F3-998F-AA1B016D4A04} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-20] (Microsoft Corporation)
Task: {2B97B49D-184F-4A61-8B43-C57FC17F5470} - System32\Tasks\Opera scheduled Autoupdate 1432270563 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {2DE734EA-E9C7-4590-91B1-4378BA248C51} - System32\Tasks\{09C517D2-D182-4563-AA0E-0F19CC21E594} => pcalua.exe -a C:\ProgramData\ZombieNews\uninstall.exe -c /kb=y /ic=1
Task: {2FBF82D7-C33A-4FCA-AC33-EDDF39D7E4E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-13] (Google Inc.)
Task: {317CEDA8-E5F7-444E-BCBA-68B3502A189B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-20] (Microsoft Corporation)
Task: {3524B607-61EB-4183-A0DC-4EF23E102606} - System32\Tasks\WindowsUpdatebojvti0x8429524 => C:\ProgramData\bojvti\Project1.exe
Task: {4EB65C7C-62C5-410D-9111-59BD7FCFC61F} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {51B08D79-2801-4702-833F-09AA67F5C5B9} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-06-29] (@ByELDI)
Task: {65567ED8-D7D8-4E3B-9283-80C1222C12A6} - System32\Tasks\{B18F4452-5195-4B67-A9FF-0350B3F17E2E} => pcalua.exe -a "C:\Users\User\Downloads\forge-1.7.2-10.12.2.1121-installer-win (1).exe" -d C:\Users\User\Downloads
Task: {683885A3-0AA7-4789-A81B-AF3339F1F3E2} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {6FAF56FD-367E-447F-B6FD-FF803343CEF7} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {77F05240-B77E-4C7F-B463-DA6DC0987E73} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {7B34942B-C380-41FE-AE1D-B9D0122E8727} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {81E9E360-9BAE-41BC-8FBB-731E25A6E584} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2014-07-09] ()
Task: {90B20835-1FE6-427E-81C1-EA973AD1B599} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-13] (Google Inc.)
Task: {95DABC69-D172-4213-A14C-E4B4175180E8} - System32\Tasks\{BF6628CF-078D-4511-B278-D90FB8B382D7} => pcalua.exe -a C:\Users\User\AppData\Local\Temp\~vis0000\vcredist_x86.exe -d C:\Users\User\AppData\Local\Temp\~vis0000 -c /q:a
Task: {9611B463-B1EC-4306-A793-64657C4CB0FF} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {966B1BC6-CF49-4F3B-8E29-5F7A9E89ACDF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {9D759583-D093-4D62-8787-AA5A33B65F8F} - \ASUS\i-Setup042718 No Task File <==== ATTENTION
Task: {A1226439-56FF-4806-9E13-0AE2CB38C923} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-20] (Microsoft Corporation)
Task: {B08A4F71-78CA-4869-B4F4-3D926B20CA0D} - System32\Tasks\WindowsUpdatebojvti0x8429525 => C:\ProgramData\bojvti\Project1.exe
Task: {C76A22A0-BA54-4E92-A2E9-810A6E594C70} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-21] (Microsoft Corporation)
Task: {D1928ABE-4123-4BB9-88F7-7D716FE37B3C} - System32\Tasks\{9CC9E046-6EE5-4B92-A60C-DAD74B1C61FF} => pcalua.exe -a "C:\Users\User\Desktop\HuniePop Setup.exe" -d C:\Users\User\Desktop
Task: {E83A5A72-2456-47CE-A601-268F150D833B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-20] (Microsoft Corporation)
Task: {F6AD3D9E-ECEA-4B96-8A95-C878B2E22A7B} - System32\Tasks\RtlSmartSpeedLANVistaStart => C:\Program Files (x86)\Realtek\SmartSpeedLAN\SmartSpeedLAN.exe [2012-04-06] (Realtek Semiconductor)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RtlSmartSpeedLANVistaStart.job => C:\Program Files (x86)\Realtek\SmartSpeedLAN\SmartSpeedLAN.exe
==================== Loaded Modules (Whitelisted) ==============
2013-11-28 03:11 - 2013-10-23 10:20 - 00102176 ____C () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-30 19:47 - 2013-08-30 19:47 - 00214528 ____C () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 ____C () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 ____C () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-05-22 06:55 - 2015-05-22 06:55 - 00368640 _____ () C:\Users\User\AppData\Roaming\03000200-1432270487-0500-0006-000700080009\hnsfF8A2.tmp
2015-06-08 14:22 - 2015-06-08 14:22 - 00684032 _____ () C:\Users\User\AppData\Roaming\03000200-1432270487-0500-0006-000700080009\nsiF3F1.tmp
2015-01-31 01:10 - 2015-01-31 01:10 - 00186560 ____C () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2015-05-20 16:41 - 2015-05-20 16:41 - 00030920 ____C () C:\Program Files (x86)\MaxComputerCleaner_v17.507\MaxComputerCleaner_Maintenance.exe
2010-05-07 18:34 - 2010-05-07 18:34 - 00168792 ____C () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2010-05-07 18:43 - 2010-05-07 18:43 - 00651096 ____C () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2015-03-06 18:27 - 2015-05-29 07:16 - 41287224 _____ () C:\Users\User\AppData\Roaming\Spotify\libcef.dll
2015-03-27 05:46 - 2015-03-27 05:46 - 00422912 ____C () C:\Program Files (x86)\LOLReplay\LOLUtils.dll
2010-05-07 18:35 - 2010-05-07 18:35 - 02143576 ____C () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2010-05-07 18:35 - 2010-05-07 18:35 - 07954776 ____C () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2010-05-07 18:36 - 2010-05-07 18:36 - 00340824 ____C () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2010-05-07 18:36 - 2010-05-07 18:36 - 00921944 ____C () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtNetwork4.dll
2010-05-07 18:37 - 2010-05-07 18:37 - 00027480 ____C () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2010-05-07 18:37 - 2010-05-07 18:37 - 00126808 ____C () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2015-03-06 18:27 - 2015-05-29 07:15 - 01488440 _____ () C:\Users\User\AppData\Roaming\Spotify\libglesv2.dll
2015-03-06 18:27 - 2015-05-29 07:15 - 00079928 _____ () C:\Users\User\AppData\Roaming\Spotify\libegl.dll
2010-11-12 09:23 - 2010-11-12 09:23 - 00330584 ____C () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2015-03-06 18:27 - 2015-03-20 07:06 - 09305656 _____ () C:\Users\User\AppData\Roaming\Spotify\pdf.dll
2015-05-26 07:22 - 2015-05-22 22:22 - 01281864 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 07:22 - 2015-05-22 22:22 - 00080712 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-05-26 07:22 - 2015-05-22 22:22 - 14982472 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Andere Menschen\Downloads\Media Markt, Ihre Bestellung wurde verschickt.eml:OECustomProperty
AlternateDataStreams: C:\Users\User\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\User\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\User\Downloads\Aw- Angebot Hecke Fristo Getränkemarkt Industriestr.7.eml:OECustomProperty
AlternateDataStreams: C:\Users\User\AppData\Roaming:NT
AlternateDataStreams: C:\Users\User\AppData\Roaming:NT2
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 82.144.41.8 - 82.145.9.8
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{DE5036E3-DAEB-45BF-8820-AC04013CB1E8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A1CE6335-48AF-44E5-B306-75EE417A9D59}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A4F71C9B-EE60-4DC4-936D-FE23CD804452}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{875E0C2B-1B24-4045-900D-C5643AA8FD4B}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2820D1C0-7532-4C24-9A6C-3ACC70F3AABE}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8F4E5665-8ABE-4056-9D4C-ADE9C96928BE}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{5A2B1B59-CE7E-4BF8-84C9-8C29CB54E380}] => (Allow) C:\Spiele,Dateien_usw\Steam\Steam.exe
FirewallRules: [{B374371C-BD2D-4B4A-A87A-CBA7CF764F08}] => (Allow) C:\Spiele,Dateien_usw\Steam\Steam.exe
FirewallRules: [{A0BE2F0F-745C-4BDA-B4C1-E1E8DDF71076}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{C801DB42-FD4F-4920-AD3C-C0039B294BFA}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{394A669C-46B1-4581-91A9-253863BA527F}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{0E5E8456-0A30-483A-B11E-5E5BA83D8CAE}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{B4EF148F-25C2-41E4-9AC7-2C2B42CC130B}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{01CC6E06-72D7-43AB-AF30-FBAFD20E0254}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{1BCF0E6C-8436-489F-8600-0737AD725BAA}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{62E768FF-1D47-4EBA-8FB1-22CC80C29BFD}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{68AE93FF-9247-435F-93DE-728719414197}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{1763E60A-1C30-4622-AC34-0A1437A2B3C7}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{C6C459B7-7B19-4A4C-911F-ED98BDD013EB}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{229B7FAC-10C5-4742-9C80-92C19DD35CA4}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{EE03B367-F9EA-4F14-A8B7-CD29F5ECC46F}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{489AEDE8-0A4B-4ACD-BF88-525C8CF2E4BC}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{39E79F0C-56F5-4476-B4CD-F6454E816B80}C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4m.exe] => (Allow) C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4m.exe
FirewallRules: [UDP Query User{15068839-226D-4DEA-B4CE-2BB19A4E2E2E}C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4m.exe] => (Allow) C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4m.exe
FirewallRules: [TCP Query User{DDA4EA91-3A3A-4869-BF5B-B506A723EA57}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin
FirewallRules: [UDP Query User{74C46818-4E64-4CF0-90EA-84BFF054C8A8}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin
FirewallRules: [TCP Query User{C4EA79FC-F5D5-4818-BDF6-64D816F79A00}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{151C20C4-3D5F-485A-937F-38E06A444A6A}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{56625EBD-1EB7-41DD-B77E-E6B6B67848A9}] => (Allow) C:\Spiele,Dateien_usw\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF8443EE-9C41-473C-9E26-6A15847EFE78}] => (Allow) C:\Spiele,Dateien_usw\Steam\bin\steamwebhelper.exe
FirewallRules: [{5E24BE6E-4A4A-4528-84D2-AD646B1287E5}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{04716059-8388-4B52-B873-DE9FC16ADB70}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{F12E474B-8B58-41B5-B5D7-CE7E2B63D94E}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{B3D98C1D-91CB-4AC1-8AA9-C78A18D40427}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{07927A31-007F-4942-B819-AA479F10344A}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{BA5915AF-694C-4A53-899E-4DD014D53093}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{B25C470F-8A1D-4BA2-9F16-F139C10D06DC}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe
FirewallRules: [{6A14C1D3-81D2-4D44-B385-A9F20775011A}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe
FirewallRules: [TCP Query User{E39B4D5E-7D1E-4B9D-A929-D3474EC94C16}C:\spiele,dateien_usw\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe] => (Allow) C:\spiele,dateien_usw\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [UDP Query User{F79A92FA-D32D-4EE4-BC76-1A2F67D0EE33}C:\spiele,dateien_usw\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe] => (Allow) C:\spiele,dateien_usw\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{7AA913EE-0F48-4829-BD57-93F622378DEA}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{40036FE0-4EC5-40C5-B91D-5B3770D8A36D}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{1D54E7A8-23DD-4F45-8B5A-EF0C6C28F5F6}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe
FirewallRules: [UDP Query User{6FD77D64-8648-49E1-881B-A97D479E38A7}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe
FirewallRules: [{2EB3D217-5167-4916-92A6-D42E07B69505}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{93F9E0B8-2125-4CCD-B356-5021D2CE4719}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [TCP Query User{3FB181C4-BF68-4BDD-96FA-5669DA91A3C3}C:\program files (x86)\mta san andreas 1.4\server\mta server.exe] => (Allow) C:\program files (x86)\mta san andreas 1.4\server\mta server.exe
FirewallRules: [UDP Query User{E7C81F98-91E7-4354-BAB3-270188BE4FE8}C:\program files (x86)\mta san andreas 1.4\server\mta server.exe] => (Allow) C:\program files (x86)\mta san andreas 1.4\server\mta server.exe
FirewallRules: [TCP Query User{5D6A723E-4928-41D6-8406-0F680AD5FAFC}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files (x86)\origin games\fifa world\fifaworld.exe
FirewallRules: [UDP Query User{8167B353-DEEE-4D2C-8943-F760DDC10E5D}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files (x86)\origin games\fifa world\fifaworld.exe
FirewallRules: [TCP Query User{AD98967F-23A9-4C25-B5F5-C68112BAD0A0}C:\spiele,dateien_usw\gta san andreas\gta_sa.exe] => (Allow) C:\spiele,dateien_usw\gta san andreas\gta_sa.exe
FirewallRules: [UDP Query User{65975446-35F9-49CB-83AA-6D36ADE9A059}C:\spiele,dateien_usw\gta san andreas\gta_sa.exe] => (Allow) C:\spiele,dateien_usw\gta san andreas\gta_sa.exe
FirewallRules: [TCP Query User{891E44BB-5965-49B7-B930-94E591F0956F}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8F078193-9C62-45CD-90DA-7434E0792D65}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{0E447F96-AE3D-48D7-BC97-3EF368A99A81}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{2AAA8618-A5ED-43F2-9964-26DB36D2E2BD}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{A43B7E0B-FEFB-4E6E-98FF-148DEA2EED9D}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{C4C0EE32-EDCF-4919-8019-FE95D91F7FF5}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{3D14E61B-83FD-437A-87C0-675B91BF3876}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A1A6DA4E-E9A5-4324-8D3E-B5ED1128F414}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{40EE6973-EE7D-400F-8050-0EADB9E36366}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{42988F54-13EA-402F-92D4-274B132583FB}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{F98E964D-F141-439B-A4C6-C028BA97676F}C:\users\user\baronreplays\baronreplays\baronreplays.exe] => (Allow) C:\users\user\baronreplays\baronreplays\baronreplays.exe
FirewallRules: [UDP Query User{2DFF16C8-E279-425A-850F-43C7D3DAEFD5}C:\users\user\baronreplays\baronreplays\baronreplays.exe] => (Allow) C:\users\user\baronreplays\baronreplays\baronreplays.exe
FirewallRules: [TCP Query User{FCD0640C-5D92-4DA6-8B0D-CFAA84AD22FC}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{60DDE353-743A-4DC9-AAD4-26B8CBF2F7F8}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{CDFB3094-8D87-4524-80E7-83BA66781FD0}C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{C12B283C-A44B-43BF-A078-FEA94A457EFB}C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{730259E9-5FFA-44E8-BB8D-17F63D9EEE83}C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{D51AC777-0D26-4E1E-B050-0EC367112101}C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{69C4BC03-97EB-41CF-9986-B5E91EA91B81}] => (Allow) C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{F201DF58-6391-4F46-A2BF-5061E0438A90}] => (Allow) C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [{1645859E-42F8-486E-8D1F-C5C3FB059EFF}] => (Allow) C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{63CF4222-9DF7-4205-BD43-A1100B77A3C1}] => (Allow) C:\spiele,dateien_usw\riotgames\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{02823997-E0C3-4902-8AF7-931305CA1359}] => (Allow) D:\fsetup.exe
FirewallRules: [{AAAE0901-944D-45C0-8CC9-7A83E1FA7508}] => (Allow) D:\fsetup.exe
FirewallRules: [{8984D203-A247-48A2-9917-0656F9FC1F9C}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\race 07\SteamProxy.exe
FirewallRules: [{5F7AB9B5-A091-4D94-9A63-C7B901FC255F}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\race 07\SteamProxy.exe
FirewallRules: [{E4E75721-AE23-47AE-BC21-831047EE7D15}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\race 07\Config.exe
FirewallRules: [{4F0D856E-15B8-4396-ADBC-F16D87A1E67E}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\race 07\Config.exe
FirewallRules: [TCP Query User{69DA716D-18F5-42A8-AE4D-C9B93459FA1C}C:\spiele,dateien_usw\steam\steamapps\common\race 07\race_steam.exe] => (Allow) C:\spiele,dateien_usw\steam\steamapps\common\race 07\race_steam.exe
FirewallRules: [UDP Query User{DA822898-4251-411F-B812-FD0C6CDD65C9}C:\spiele,dateien_usw\steam\steamapps\common\race 07\race_steam.exe] => (Allow) C:\spiele,dateien_usw\steam\steamapps\common\race 07\race_steam.exe
FirewallRules: [{56A59CB1-9F55-4626-AF4E-1A27A00325A3}] => (Allow) LPort=1689
FirewallRules: [TCP Query User{9D227649-03C9-4464-ADDE-BD4AA96CE636}C:\spiele,dateien_usw\steam\steamapps\common\call of duty modern warfare 3\iw5m.exe] => (Allow) C:\spiele,dateien_usw\steam\steamapps\common\call of duty modern warfare 3\iw5m.exe
FirewallRules: [UDP Query User{181F6E23-86B8-451A-B98B-BB93A32D8A7E}C:\spiele,dateien_usw\steam\steamapps\common\call of duty modern warfare 3\iw5m.exe] => (Allow) C:\spiele,dateien_usw\steam\steamapps\common\call of duty modern warfare 3\iw5m.exe
FirewallRules: [{8C2ADAA5-91F0-42F6-898E-CCFB241D462C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4860F25D-3186-49E6-8A2D-223F3E7046A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{91D2257D-BCE9-44E0-811C-C9316FBD0B2A}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8DD321B4-4A91-470E-BF3B-425DB7F42951}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{CA7D3DC6-50FC-4884-88DB-FE64DC8CF454}C:\spiele,dateien_usw\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\spiele,dateien_usw\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{30229533-D055-4462-92D0-885D5DCD539C}C:\spiele,dateien_usw\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\spiele,dateien_usw\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{A4E28F24-0152-4E09-A645-D12D821F2FF7}C:\users\user\appdata\local\apps\2.0\t9tzkp87.jj2\94ng7j9z.xtc\laun...app_2e973cc213891be7_0001.0024_eafc301c6e5bc8c2\launcher.exe] => (Allow) C:\users\user\appdata\local\apps\2.0\t9tzkp87.jj2\94ng7j9z.xtc\laun...app_2e973cc213891be7_0001.0024_eafc301c6e5bc8c2\launcher.exe
FirewallRules: [UDP Query User{04B91C22-831C-495E-A85C-14088D2B1438}C:\users\user\appdata\local\apps\2.0\t9tzkp87.jj2\94ng7j9z.xtc\laun...app_2e973cc213891be7_0001.0024_eafc301c6e5bc8c2\launcher.exe] => (Allow) C:\users\user\appdata\local\apps\2.0\t9tzkp87.jj2\94ng7j9z.xtc\laun...app_2e973cc213891be7_0001.0024_eafc301c6e5bc8c2\launcher.exe
FirewallRules: [TCP Query User{9448AB6A-B6FA-4495-AC67-EC51DD7E01A0}C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe
FirewallRules: [UDP Query User{F5169B3A-0A8A-4258-A873-BEC8942EA341}C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2014\photoshop.exe
FirewallRules: [TCP Query User{E17F7212-452D-4908-9F90-4262FE04E653}C:\users\user\appdata\local\apps\2.0\t9tzkp87.jj2\94ng7j9z.xtc\laun...app_2e973cc213891be7_0001.0024_9c147c5229b467c2\launcher.exe] => (Allow) C:\users\user\appdata\local\apps\2.0\t9tzkp87.jj2\94ng7j9z.xtc\laun...app_2e973cc213891be7_0001.0024_9c147c5229b467c2\launcher.exe
FirewallRules: [UDP Query User{DCC26B56-C9A0-431F-9045-1AC30230E788}C:\users\user\appdata\local\apps\2.0\t9tzkp87.jj2\94ng7j9z.xtc\laun...app_2e973cc213891be7_0001.0024_9c147c5229b467c2\launcher.exe] => (Allow) C:\users\user\appdata\local\apps\2.0\t9tzkp87.jj2\94ng7j9z.xtc\laun...app_2e973cc213891be7_0001.0024_9c147c5229b467c2\launcher.exe
FirewallRules: [{DE92F83C-AEB9-4B8F-AE8E-3AADBEF3F382}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A1F8B4FE-1310-4CD5-A521-3D6FB8994237}] => (Allow) LPort=2869
FirewallRules: [{ECA7AC0F-68C3-4F83-908A-DF678F627C12}] => (Allow) LPort=1900
FirewallRules: [{1E5438B3-3CD3-4A7A-AD0B-9451823156C8}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{98CB8CB1-7441-478B-8B56-D74ABA6C55E7}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{641F7435-D778-455C-9C60-849F5DF87822}] => (Allow) C:\Program Files (x86)\ATOMI\ActivePresenter\ActivePresenter.exe
FirewallRules: [{EA09A193-EE41-4EE2-AA86-06343CB61181}] => (Allow) C:\Program Files (x86)\ATOMI\ActivePresenter\ActivePresenter.exe
FirewallRules: [{0AECFE77-CC5E-43F9-B54F-2F67B14A5F0C}] => (Allow) C:\Program Files (x86)\ATOMI\ActivePresenter\rlhtmlrenderer.exe
FirewallRules: [{4A53373D-1DCE-4327-8A11-AA6BBF178842}] => (Allow) C:\Program Files (x86)\ATOMI\ActivePresenter\rlhtmlrenderer.exe
FirewallRules: [{6AE5B0FA-1165-41F0-B6A6-A31D627413FF}] => (Allow) C:\Program Files (x86)\ATOMI\ActivePresenter\rlactivator.exe
FirewallRules: [{78B5FE81-996F-4373-A431-BA821852CC3D}] => (Allow) C:\Program Files (x86)\ATOMI\ActivePresenter\rlactivator.exe
FirewallRules: [{63A11271-7A22-449D-8748-7E240D3F000D}] => (Allow) C:\Program Files (x86)\ATOMI\ActivePresenter\rlupdater.exe
FirewallRules: [{5C26A186-5900-4BC2-A14E-94E601CC90D4}] => (Allow) C:\Program Files (x86)\ATOMI\ActivePresenter\rlupdater.exe
FirewallRules: [{21965ACA-B6F7-41AB-BB76-63BCA496C987}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{3392CA4F-BB2B-4AD8-BC0C-BBEED0187009}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{CECFCBF0-FCC7-45C4-9149-D70CFE6834E2}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C1EB7045-4BFD-4A21-A874-2CD0367CA75E}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{910C4CB8-F84E-4295-B37C-4F19C3E47220}C:\users\user\desktop\spiele\dayz\dayz_0.36.115535\dayz.exe] => (Allow) C:\users\user\desktop\spiele\dayz\dayz_0.36.115535\dayz.exe
FirewallRules: [UDP Query User{0586DE0B-2742-4AF7-864C-3EFBD56D9DDE}C:\users\user\desktop\spiele\dayz\dayz_0.36.115535\dayz.exe] => (Allow) C:\users\user\desktop\spiele\dayz\dayz_0.36.115535\dayz.exe
FirewallRules: [TCP Query User{9226FE24-9FAB-4D29-BA30-D53D0B08421D}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{0004350B-C3C8-412E-9CAE-11AEB55F4A84}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{F1451932-5DB5-4FCA-B670-4408428DA0D4}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3DEC5818-BE89-4C1B-BC98-A75D63B7299D}] => (Allow) C:\Spiele,Dateien_usw\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{E8103073-9B86-4471-8AF3-C34578DF49E3}C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4mp.exe] => (Allow) C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [UDP Query User{F00E1C6E-2EE7-4FEE-8C6E-34724A64864D}C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4mp.exe] => (Allow) C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [TCP Query User{FB131DDB-6B33-41E1-BB27-7DBCA57092B0}C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4mp.dat] => (Allow) C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4mp.dat
FirewallRules: [UDP Query User{5D31EDFF-1F2B-44FE-989D-3D2073943C96}C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4mp.dat] => (Allow) C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iw4mp.dat
FirewallRules: [TCP Query User{B41F8AB9-A649-4B4D-88E5-105541E8235A}C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iwnetserver\iwnetserver.exe] => (Allow) C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iwnetserver\iwnetserver.exe
FirewallRules: [UDP Query User{0CF32C4A-D031-49DC-90E0-56BC8B3AC637}C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iwnetserver\iwnetserver.exe] => (Allow) C:\spiele,dateien_usw\modernwarfare 2\call of duty modern warfare 2\iwnetserver\iwnetserver.exe
FirewallRules: [{BE44FE0D-3982-4D77-A5E4-699E24B8418F}] => (Allow) C:\Spiele,Dateien_usw\RiotGames\lol.launcher.exe
FirewallRules: [{2CCCD06E-924A-416E-AED9-350749C6BC35}] => (Allow) C:\Spiele,Dateien_usw\RiotGames\lol.launcher.exe
FirewallRules: [{D63E6BC5-8578-41FD-8E2D-2DDF63A1BFF7}] => (Allow) C:\Spiele,Dateien_usw\RiotGames\lol.launcher.exe
FirewallRules: [{C2A436B2-BDA8-4947-BD51-4E4B3946F352}] => (Allow) C:\Spiele,Dateien_usw\RiotGames\lol.launcher.exe
FirewallRules: [TCP Query User{61939913-F18D-4A64-88B7-8B4968BA3DC9}C:\users\user\desktop\viy.exe] => (Block) C:\users\user\desktop\viy.exe
FirewallRules: [UDP Query User{3ECFE44B-E6A2-414F-8117-2C7291F78AE9}C:\users\user\desktop\viy.exe] => (Block) C:\users\user\desktop\viy.exe
FirewallRules: [TCP Query User{081B5CED-605D-4F04-9E47-1B36DFF55FCC}C:\program files (x86)\survivors beta\survivers_beta_3.exe] => (Block) C:\program files (x86)\survivors beta\survivers_beta_3.exe
FirewallRules: [UDP Query User{106AB008-A2AF-4717-970B-490176AD1356}C:\program files (x86)\survivors beta\survivers_beta_3.exe] => (Block) C:\program files (x86)\survivors beta\survivers_beta_3.exe
FirewallRules: [TCP Query User{3857E4A8-097C-4627-9A02-C23FB47CD8A1}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{6DA7E46C-B1B7-4C01-AB63-0B3A204A2F63}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{4D25906A-1827-4EBC-883D-5E6E5A25ABD1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C0CE2FDB-DF59-4D29-93F8-08A3E68BEF4B}] => (Allow) LPort=8317
FirewallRules: [{D48700D2-6688-48E6-88DD-EBD526467F19}] => (Allow) LPort=1688
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/08/2015 04:09:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.3.0.0, Zeitstempel: 0x53b06ef6
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x000007fe97f50399
ID des fehlerhaften Prozesses: 0x91c
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
Error: (06/08/2015 06:25:43 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={C6905219-B8DA-4B1B-92D4-2A0922047ED4}: Der Benutzer "User-PC\User" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
Error: (06/08/2015 06:21:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.3.0.0, Zeitstempel: 0x53b06ef6
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x000007fe98320399
ID des fehlerhaften Prozesses: 0x8e4
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
Error: (06/08/2015 06:21:30 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Service_KMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
bei Service_KMS.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
bei System.Net.LazyAsyncResult.Complete(IntPtr)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Net.ContextAwareResult.Complete(IntPtr)
bei System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
Error: (06/07/2015 07:05:04 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Fehler beim Lesen aus der Schattenkopie auf einem der zu sichernden Volumes durch die Windows-Sicherung. Prüfen Sie die Ereignisprotokolle auf relevante Fehler. (0x81000037)"
Error: (06/07/2015 05:29:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AutoPico.exe, Version: 12.3.0.0, Zeitstempel: 0x53b06ef5
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8c17
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000001aaad
ID des fehlerhaften Prozesses: 0x2718
Startzeit der fehlerhaften Anwendung: 0xAutoPico.exe0
Pfad der fehlerhaften Anwendung: AutoPico.exe1
Pfad des fehlerhaften Moduls: AutoPico.exe2
Berichtskennung: AutoPico.exe3
Error: (06/07/2015 05:29:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoPico.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
bei AutoPico.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
bei System.Net.LazyAsyncResult.Complete(IntPtr)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Net.ContextAwareResult.Complete(IntPtr)
bei System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
Error: (06/07/2015 01:21:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.3.0.0, Zeitstempel: 0x53b06ef6
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8c17
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000001aaad
ID des fehlerhaften Prozesses: 0x8e0
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
Error: (06/07/2015 01:21:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Service_KMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
bei Service_KMS.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
bei System.Net.LazyAsyncResult.Complete(IntPtr)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Net.ContextAwareResult.Complete(IntPtr)
bei System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
Error: (06/07/2015 10:42:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.3.0.0, Zeitstempel: 0x53b06ef6
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x000007fe97560399
ID des fehlerhaften Prozesses: 0x948
Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0
Pfad der fehlerhaften Anwendung: Service_KMS.exe1
Pfad des fehlerhaften Moduls: Service_KMS.exe2
Berichtskennung: Service_KMS.exe3
System errors:
=============
Error: (06/08/2015 04:11:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/08/2015 04:11:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.
Error: (06/08/2015 04:09:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/08/2015 04:09:34 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 169.254.196.35192.168.137.0255.255.255.0
Error: (06/08/2015 04:09:34 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (06/08/2015 04:08:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Hub Instruction" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/08/2015 04:08:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mainframe Laser Printer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/08/2015 04:08:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 08.06.2015 um 16:07:42 unerwartet heruntergefahren.
Error: (06/08/2015 06:25:56 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 169.254.196.35192.168.137.0255.255.255.0
Error: (06/08/2015 06:25:48 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 169.254.196.35192.168.137.0255.255.255.0
Microsoft Office:
=========================
Error: (06/08/2015 04:09:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe13.3.0.053b06ef6unknown0.0.0.00000000000000000000007fe97f5039991c01d0a1f4a4b7c9b9C:\Program Files\KMSpico\Service_KMS.exeunknownf6a98c6a-0de7-11e5-9a4d-b8975a841e9e
Error: (06/08/2015 06:25:43 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {C6905219-B8DA-4B1B-92D4-2A0922047ED4}User-PC\UserBreitbandverbindung651
Error: (06/08/2015 06:21:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe13.3.0.053b06ef6unknown0.0.0.00000000000000000000007fe983203998e401d0a1a28df93830C:\Program Files\KMSpico\Service_KMS.exeunknowne080f192-0d95-11e5-8a71-b8975a841e9e
Error: (06/08/2015 06:21:30 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Service_KMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
bei Service_KMS.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
bei System.Net.LazyAsyncResult.Complete(IntPtr)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Net.ContextAwareResult.Complete(IntPtr)
bei System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
Error: (06/07/2015 07:05:04 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Fehler beim Lesen aus der Schattenkopie auf einem der zu sichernden Volumes durch die Windows-Sicherung. Prüfen Sie die Ereignisprotokolle auf relevante Fehler. (0x81000037)
Error: (06/07/2015 05:29:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoPico.exe12.3.0.053b06ef5KERNELBASE.dll6.1.7601.18839553e8c17e0434352000000000001aaad271801d0a136ad3dc2bcC:\Program Files\KMSpico\AutoPico.exeC:\Windows\system32\KERNELBASE.dllf396a527-0d29-11e5-80d7-b8975a841e9e
Error: (06/07/2015 05:29:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoPico.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
bei AutoPico.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
bei System.Net.LazyAsyncResult.Complete(IntPtr)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Net.ContextAwareResult.Complete(IntPtr)
bei System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
Error: (06/07/2015 01:21:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe13.3.0.053b06ef6KERNELBASE.dll6.1.7601.18839553e8c17e0434352000000000001aaad8e001d0a1141584fa25C:\Program Files\KMSpico\Service_KMS.exeC:\Windows\system32\KERNELBASE.dll64548d1b-0d07-11e5-80d7-b8975a841e9e
Error: (06/07/2015 01:21:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Service_KMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.Net.Sockets.NetworkStream.EndRead(System.IAsyncResult)
bei Service_KMS.KMSEmulator.TCPServer.ReadCallback(System.IAsyncResult)
bei System.Net.LazyAsyncResult.Complete(IntPtr)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Net.ContextAwareResult.Complete(IntPtr)
bei System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
Error: (06/07/2015 10:42:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe13.3.0.053b06ef6unknown0.0.0.00000000000000000000007fe9756039994801d0a0fdbe08f5b1C:\Program Files\KMSpico\Service_KMS.exeunknown12c73694-0cf1-11e5-ae0b-b8975a841e9e
CodeIntegrity Errors:
===================================
Date: 2014-03-23 15:30:23.649
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Sftfslh.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-03-23 15:30:23.555
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Sftfslh.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: AMD A8-5600K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 40%
Total physical RAM: 8116.88 MB
Available physical RAM: 4805.79 MB
Total Pagefile: 16231.96 MB
Available Pagefile: 12190.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Windows7) (Fixed) (Total:931.41 GB) (Free:655.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0DA7C2E8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End of log ============================
--- --- ---
Und hier das AdWareCleaner Text Dokument Code:
# AdwCleaner v4.205 - Bericht erstellt 09/06/2015 um 07:20:28
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-21.2 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : User - USER-PC
# Gestarted von : C:\Users\User\Downloads\adwcleaner_4.205.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\AnyProtectEx
Ordner Gelöscht : C:\Users\User\AppData\Roaming\AnyProtectEx
Datei Gelöscht : C:\Users\User\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\175vkymt.default\user.js
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_deutsch.babylon.com_0.localstorage
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_deutsch.babylon.com_0.localstorage-journal
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Verknüpfung Desinfiziert : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4595218f26cb174b\Facebook Messenger.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\HomeTab
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\TNT2
Schlüssel Gelöscht : HKCU\Software\WajIntEnhance
Schlüssel Gelöscht : HKCU\Software\SearchProtectWS
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKLM\SOFTWARE\WajIntEnhance
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17801
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v38.0.5 (x86 de)
[175vkymt.default\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1433825900&z=c25e3d5c7f5101ed0e291bcg7zdc3c7b6o8wcb5tbq&from=cmi&uid=HitachiXHDS721010KLA330_GTF002PAHEJG2FHEJG2FX");
[175vkymt.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "mystartsearch");
[175vkymt.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[175vkymt.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "mystartsearch");
[175vkymt.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1433825900&z=c25e3d5c7f5101ed0e291bcg7zdc3c7b6o8wcb5tbq&from=cmi&uid=HitachiXHDS721010KLA330_GTF002PAHEJG2FHE[...]
[175vkymt.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hp&ts=1433825900&z=c25e3d5c7f5101ed0e291bcg7zdc3c7b6o8wcb5tbq&from=cmi&uid=HitachiXHDS721010KLA330_GTF002PAHEJG2FHEJG2FX");
-\\ Google Chrome v43.0.2357.81
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.mystartsearch.com/?type=sy&ts=1433825963&z=f890df0610b447d3ea1329bg5zacec2bao4wct1wct&from=cmi&uid=HitachiXHDS721010KLA330_GTF002PAHEJG2FHEJG2FX
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Startup_URLs] : 37831998113F5C5A35BD33ED5A646F2392993139F791690EEF11C1C58B8D1A3B"},"software_reporter":{"prompt_reason":"974A6B9C258893E7E3FCF9CD39120EAB42920690B0035677CB1465C6777AEF73","prompt_seed":"EC1B6506824FB060804EE418ADFBD534DD79875C661175EECB990D7B867C6561","prompt_version":"A141BF1ED322F9BEE080AFBFD8807C353394DD424AFBF6145D54FC6D0D3F1C97"},"sync":{"remaining_rollback_tries":"B05526516DF4DF9B2EBBC1541FC310F8C0FF14E4467B9B572351E12CB73A9214"}},"super_mac":"32236125A08D9678F2C53295936179B64D691B0A66EB1A6051A595E65A27428F"},"session":{"restore_on_startup":4,"startup_urls":["hxxp://www.mystartsearch.com/?type=hp&ts=1433825900&z=c25e3d5c7f5101ed0e291bcg7zdc3c7b6o8wcb5tbq&from=cmi&uid=HitachiXHDS721010KLA330_GTF002PAHEJG2FHEJG2FX
-\\ Opera v29.0.1795.60
*************************
AdwCleaner[R0].txt - [25016 Bytes] - [22/05/2015 16:29:47]
AdwCleaner[R1].txt - [11045 Bytes] - [09/06/2015 07:12:47]
AdwCleaner[S0].txt - [20488 Bytes] - [22/05/2015 16:31:01]
AdwCleaner[S1].txt - [7759 Bytes] - [09/06/2015 07:20:28]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7818 Bytes] ##########
|
FRST 32-Bit | FRST 64-Bit
So funktioniert es:
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
dann auf 
und dann auf 
.