
Pests of all kinds and how to fight them: Windows Vista: AVG finds a rootkit

29.12.2016, 18:11   #16
Suiolirim
 



"More information" leads to this page:

What is a Generic virus? - AVG Threat Labs
www.avgthreatlabs.com/us-en/virus-and-malware-information/content/generic-virus/

29.12.2016, 20:36   #17
burningice
/// Malwareteam
 



Step 1:
Please start FRST again, tick the Addition box and press Scan. Please post the two text files that are created again.


Step 2:

ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Note: This scan can sometimes take several hours...

30.12.2016, 15:48   #18
Suiolirim
 



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Suiolirim (Administrator) auf SUIOLIRIM (30-12-2016 11:30:19)
Gestartet von C:\Users\Suiolirim\Desktop\Desktop
Geladene Profile: Suiolirim (Verfügbare Profile: Suiolirim)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe
(Google) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgmfapx.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Run: [Google Update] => C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-24] (Google Inc.)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
GroupPolicy\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9CA86A35-94EC-4BED-A5DB-38C113AD5714}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{A615081A-DB1C-42C8-8B6A-0E4FEC46738B}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg64.dll [2009-10-18] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-18] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Browsing Protection Class -> {C6867EB7-8350-4856-877F-93CF8AE3DC9C} -> Keine Datei
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default [2016-12-29]
FF NetworkProxy: Mozilla\Firefox\Profiles\bysl5o0l.default -> no_proxies_on", ""
FF Extension: (Grooveshark Unlocker) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\groovesharkUnlocker@overlord1337.xpi [2016-12-26]
FF Extension: (Distrust) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\trustme@gness.com [2009-04-14] [ist nicht signiert]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-29] [ist nicht signiert]
FF Extension: (NoScript) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-12-25]
FF Extension: (BugMeNot Plugin) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2016-12-25]
FF Extension: (WOT) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-05-17] [ist nicht signiert]
FF Extension: (Fasterfox) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a99} [2009-04-14] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-25]
FF Extension: (Greasemonkey) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-12-25]
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2016-12-24] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-12-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (Eset Plugin) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-07-06] [ist nicht signiert]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2012-02-14] (id Software Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 -> C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-14] (Google)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-02-14] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-11] (Skype Limited)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-02-14] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npigl.dll [2007-02-12] (Indiepath Ltd)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll [2009-07-03] (NHN USA Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-01-07] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Plugin: (Shockwave Flash) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\49.0.2623.112\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (igLoader) - C:\Program Files (x86)\Mozilla Firefox\plugins\npigl.dll (Indiepath Ltd)
CHR Plugin: (ijji Auto Install Plugin for Mozilla) - C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll (NHN USA Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => Keine Datei
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Google Updater) - C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
CHR Plugin: (Unity Player) - C:\Users\Suiolirim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Keine Datei
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => Keine Datei
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\Default [2016-12-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-24]
StartMenuInternet: Google Chrome - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [69632 2008-07-14] () [Datei ist nicht signiert]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Datei ist nicht signiert]
S2 gupdate1c986c7e6048a9a; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-08] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3404560 2010-01-04] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
S2 F-Secure Gatekeeper Handler Starter; "C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe" [X]
S3 FSDFWD; "C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe" [X]
S2 FSMA; "C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE" [X]
S3 FSORSPClient; "C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe" [X]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S1 Beep; kein ImagePath
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-09-03] (Brother Industries Ltd.)
R1 FSES; C:\Windows\System32\drivers\fses.sys [46664 2011-04-30] (F-Secure Corporation)
R1 FSFW; C:\Windows\System32\drivers\fsdfw.sys [95784 2011-04-30] (F-Secure Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [42248 2012-11-15] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-24] (REALiX(tm))
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89432 2012-08-13] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [613720 2012-11-15] (Kaspersky Lab)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-10-06] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-10-06] (Nokia)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4774 2012-02-02] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-06-06] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-15] (Anchorfree Inc.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2009-10-06] (Nokia)
U0 aswVmm; kein ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 dump_wmimmc; \??\C:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [X]
S3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Corporate Edition\kerneld.amd64 [X]
S3 F-Secure Gatekeeper; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [X]
S1 F-Secure HIPS; \??\C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys [X]
S1 fsvista; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\Sandra.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [X]
S3 X6va001; \??\C:\Users\SUIOLIRIM\AppData\Local\Temp\001408.tmp [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-29 11:35 - 2016-12-29 11:49 - 00000000 ____D C:\ProgramData\HitmanPro
2016-12-27 21:40 - 2016-12-27 21:41 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-12-27 21:10 - 2016-12-27 21:10 - 00000000 ____H C:\Windows\SwSys2.bmp
2016-12-27 21:10 - 2016-12-27 21:10 - 00000000 ____H C:\Windows\SwSys1.bmp
2016-12-27 20:07 - 2016-12-27 20:10 - 00192922 _____ C:\TDSSKiller.3.1.0.12_27.12.2016_20.07.16_log.txt
2016-12-27 01:11 - 2016-12-27 01:33 - 00000000 ____D C:\Users\TEMP
2016-12-27 00:32 - 2016-10-07 17:12 - 02528768 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-12-27 00:32 - 2016-10-07 16:52 - 01544704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-12-27 00:27 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-12-27 00:27 - 2014-12-08 02:37 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-12-27 00:14 - 2016-03-10 18:07 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-27 00:14 - 2016-03-10 17:43 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 01567744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01377792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01326080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 01114624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00867328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00759296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00613888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2VDEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ADEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-12-27 00:09 - 2015-12-05 18:02 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-12-27 00:09 - 2015-12-05 17:41 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01539072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01127424 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01090560 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-12-27 00:09 - 2015-12-05 17:41 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00819200 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00732160 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 01571328 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 01074176 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-12-27 00:09 - 2015-12-05 17:39 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-12-27 00:09 - 2015-12-05 17:22 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-12-27 00:09 - 2013-10-30 05:34 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-12-27 00:09 - 2013-10-30 03:33 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-12-27 00:06 - 2016-11-08 18:09 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-27 00:06 - 2016-11-08 18:02 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-27 00:04 - 2015-11-05 10:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-12-27 00:04 - 2015-11-05 09:55 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-12-27 00:04 - 2015-11-05 08:54 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-12-26 23:59 - 2016-09-10 17:44 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-12-26 23:59 - 2016-09-10 17:27 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-12-26 23:51 - 2015-07-10 20:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-12-26 23:51 - 2015-07-10 20:35 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-12-26 23:39 - 2015-11-02 18:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-12-26 23:39 - 2015-11-02 17:44 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-12-26 23:38 - 2015-09-02 22:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-12-26 23:38 - 2015-09-02 22:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-12-26 23:30 - 2016-03-18 19:15 - 01915392 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-12-26 23:30 - 2016-03-18 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-26 23:30 - 2016-03-18 18:10 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-12-26 23:30 - 2016-03-18 18:10 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-26 23:22 - 2016-10-04 15:41 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-12-26 23:17 - 2016-11-09 16:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-26 23:17 - 2016-11-09 16:22 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-26 23:15 - 2016-10-07 17:19 - 04692712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-26 23:15 - 2016-08-12 20:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-26 23:15 - 2016-03-22 00:00 - 01589168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-26 23:15 - 2016-03-22 00:00 - 01171488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-26 23:11 - 2016-04-09 22:17 - 00975360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-12-26 23:11 - 2016-04-09 21:48 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-12-26 23:09 - 2016-03-18 19:15 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-12-26 23:09 - 2016-03-18 19:15 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-12-26 23:09 - 2016-03-18 18:10 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-12-26 23:06 - 2016-11-11 18:14 - 00820736 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-26 23:06 - 2016-11-11 17:59 - 00648704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-26 23:01 - 2016-10-27 17:16 - 00622592 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-26 23:01 - 2016-10-27 17:03 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-26 22:59 - 2016-03-04 17:52 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-12-26 22:59 - 2016-03-04 17:40 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-12-26 22:57 - 2015-05-31 09:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2016-12-26 22:57 - 2015-05-31 08:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2016-12-26 22:55 - 2015-10-10 16:48 - 00736192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-12-26 22:53 - 2016-06-25 17:04 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-12-26 22:53 - 2016-06-25 17:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-26 22:53 - 2016-06-25 17:04 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-12-26 22:53 - 2016-06-25 17:03 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-12-26 22:53 - 2016-06-25 17:03 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00443904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-12-26 22:53 - 2016-06-25 16:09 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-12-26 22:53 - 2016-06-25 16:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-12-26 22:53 - 2016-06-25 15:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-12-26 22:43 - 2016-03-17 20:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-12-26 22:43 - 2016-03-17 18:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-12-26 22:43 - 2016-03-17 18:45 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-12-26 22:43 - 2016-02-06 03:12 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-26 22:43 - 2016-02-06 03:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-26 22:43 - 2016-02-06 03:01 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-26 22:43 - 2016-02-06 01:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-26 22:42 - 2014-06-15 23:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-12-26 22:42 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-12-26 22:42 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-12-26 22:42 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-12-26 22:42 - 2014-06-13 18:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-12-26 22:42 - 2014-06-13 18:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2016-12-26 22:39 - 2015-05-04 23:51 - 10627584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-12-26 22:39 - 2015-05-04 23:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-12-26 22:39 - 2015-05-04 23:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-12-26 22:39 - 2015-05-04 23:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-12-26 22:39 - 2015-05-04 23:33 - 13427712 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-12-26 22:39 - 2015-05-04 23:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-12-26 22:39 - 2015-05-04 23:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-12-26 22:39 - 2015-05-04 23:32 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-12-26 22:39 - 2015-05-04 22:39 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-12-26 22:39 - 2015-05-04 22:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-12-26 22:37 - 2015-07-09 15:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-12-26 22:37 - 2015-07-09 15:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-12-26 22:37 - 2015-07-09 15:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-12-26 22:31 - 2015-07-18 16:41 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-12-26 22:26 - 2016-10-17 23:20 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-26 22:26 - 2016-10-17 23:20 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 01019904 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-12-26 22:26 - 2016-10-17 23:19 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-12-26 22:26 - 2016-10-17 23:19 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:05 - 00807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-26 22:26 - 2016-10-17 23:04 - 00884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-12-26 22:26 - 2016-10-17 23:04 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-12-26 22:26 - 2016-10-17 23:04 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-12-26 22:26 - 2016-10-17 23:04 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-12-26 22:26 - 2016-10-07 17:13 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-12-26 22:26 - 2016-10-07 17:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-26 22:26 - 2016-10-07 16:52 - 00573952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-12-26 22:26 - 2016-10-07 16:51 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-12-26 22:24 - 2016-02-06 03:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-12-26 22:24 - 2014-10-10 02:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-12-26 22:24 - 2014-10-10 02:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-26 22:24 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-26 22:24 - 2014-10-10 00:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-26 22:24 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-26 22:22 - 2016-08-03 17:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-12-26 22:22 - 2016-08-03 16:45 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-12-26 22:22 - 2016-08-03 15:41 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-12-26 22:22 - 2016-08-03 15:40 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-12-26 22:22 - 2016-08-03 15:40 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-12-26 22:20 - 2016-11-16 18:20 - 00364776 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-26 22:20 - 2016-05-10 16:55 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-12-26 22:20 - 2016-05-10 16:54 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-12-26 22:20 - 2016-05-10 16:54 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-12-26 22:20 - 2016-05-10 15:55 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-12-26 22:20 - 2016-05-10 15:55 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-12-26 22:20 - 2016-05-10 15:28 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-12-26 22:16 - 2014-06-06 05:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-12-26 22:16 - 2014-06-06 05:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-12-26 22:12 - 2016-12-26 22:12 - 00541952 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuMSI7623.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 00013972 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuUI7623.txt
2016-12-26 22:12 - 2015-07-29 01:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-12-26 22:12 - 2015-07-29 01:31 - 12901888 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-12-26 22:12 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-12-26 22:12 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-12-26 22:12 - 2014-10-03 02:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-12-26 22:12 - 2014-10-03 02:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-12-26 22:12 - 2014-10-03 02:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-12-26 22:12 - 2014-10-03 02:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-12-26 22:12 - 2014-10-03 02:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-12-26 22:12 - 2014-10-03 00:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2016-12-26 22:11 - 2016-12-26 22:12 - 01303922 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64MSI7583.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 00014024 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64UI7583.txt
2016-12-26 22:09 - 2015-04-24 16:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-12-26 22:09 - 2015-04-24 16:41 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-12-26 22:07 - 2015-11-10 18:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-12-26 22:07 - 2015-11-10 18:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-12-26 22:07 - 2015-11-10 17:40 - 01683968 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-12-26 22:07 - 2015-11-10 17:40 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-12-26 22:07 - 2015-01-29 02:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-12-26 22:07 - 2015-01-29 02:33 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-12-26 22:06 - 2015-03-05 03:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-12-26 22:06 - 2015-03-05 02:58 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-12-26 22:06 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-12-26 22:06 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-12-26 22:06 - 2014-12-06 03:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-12-26 22:06 - 2014-12-06 03:54 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-12-26 22:06 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-12-26 22:06 - 2014-08-27 01:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-12-26 22:05 - 2015-07-21 16:50 - 00154048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2016-12-26 22:05 - 2015-07-21 16:50 - 00068544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-12-26 22:05 - 2015-07-21 16:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-12-26 22:05 - 2015-07-21 16:40 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2016-12-26 22:05 - 2015-04-11 00:33 - 00384512 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-12-26 22:05 - 2015-04-11 00:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\services.exe
2016-12-26 22:05 - 2014-12-06 03:54 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-12-26 22:04 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-12-26 22:04 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-12-26 22:04 - 2015-11-13 17:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-12-26 22:04 - 2015-11-13 17:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-12-26 22:04 - 2015-11-13 16:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-12-26 22:03 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-12-26 22:03 - 2014-10-24 01:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdohlp.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2016-12-26 22:02 - 2016-01-30 04:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbeio.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasads.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasdatastore.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-12-26 22:02 - 2016-01-30 03:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-12-26 22:02 - 2016-01-30 03:44 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-12-26 22:02 - 2016-01-30 03:43 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-12-26 22:02 - 2016-01-30 03:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-12-26 22:02 - 2016-01-30 03:43 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-12-26 22:02 - 2016-01-30 03:43 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-12-26 22:02 - 2016-01-30 02:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-12-26 22:02 - 2016-01-30 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iashost.exe
2016-12-26 22:02 - 2014-09-05 00:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-12-26 22:01 - 2015-08-05 16:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-12-26 22:00 - 2016-11-20 17:57 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-26 22:00 - 2016-11-20 15:16 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-26 22:00 - 2016-11-20 15:13 - 00521448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-26 22:00 - 2016-11-20 15:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-26 22:00 - 2016-10-08 17:08 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-26 22:00 - 2016-10-08 17:07 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-26 22:00 - 2016-10-08 16:51 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-26 22:00 - 2016-08-10 17:12 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-26 22:00 - 2016-08-10 17:12 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-26 22:00 - 2016-08-10 16:44 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-26 22:00 - 2016-08-10 16:43 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-26 22:00 - 2016-05-14 16:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-26 22:00 - 2016-05-14 16:41 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-26 22:00 - 2016-03-18 19:15 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-26 22:00 - 2016-02-06 03:12 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-26 22:00 - 2016-02-06 03:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-26 22:00 - 2016-02-06 03:01 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-26 22:00 - 2016-02-06 02:59 - 01067008 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-26 22:00 - 2015-06-27 15:30 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-26 22:00 - 2015-06-27 15:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-26 22:00 - 2015-01-09 01:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-26 21:59 - 2016-11-08 18:10 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-26 21:59 - 2016-11-08 18:01 - 02264576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-26 21:59 - 2015-10-13 15:45 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-12-26 21:59 - 2015-10-13 15:44 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-12-26 21:59 - 2015-06-17 16:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-26 21:59 - 2015-06-17 16:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-26 21:59 - 2014-06-02 22:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-26 21:59 - 2014-06-02 22:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-26 21:59 - 2014-06-02 22:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-26 21:59 - 2014-06-02 21:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-26 21:59 - 2014-06-02 11:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-26 21:59 - 2014-06-02 11:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-26 21:56 - 2016-10-17 23:19 - 00975872 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-26 21:56 - 2016-10-17 23:04 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-26 21:56 - 2016-09-15 01:23 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-12-26 21:56 - 2016-09-15 01:01 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-12-26 21:56 - 2016-04-09 21:53 - 00901352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-12-26 21:56 - 2016-04-09 21:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00726016 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-12-26 21:55 - 2016-05-12 16:56 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-12-26 21:55 - 2016-05-12 16:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-12-26 21:55 - 2016-05-12 16:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-12-26 21:55 - 2016-05-12 16:33 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-12-26 21:55 - 2016-05-12 16:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-12-26 21:53 - 2016-02-02 16:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-12-26 21:49 - 2016-11-20 18:12 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-26 21:49 - 2016-11-20 17:55 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-26 21:49 - 2015-07-01 16:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-12-26 21:49 - 2015-07-01 16:43 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-12-26 21:17 - 2014-01-30 11:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-12-26 21:17 - 2014-01-30 08:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-12-26 21:17 - 2013-10-11 05:23 - 00781824 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-12-26 21:17 - 2013-10-11 05:23 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-12-26 21:17 - 2013-10-11 03:29 - 00217074 _____ C:\Windows\system32\WFP.TMF
2016-12-26 21:17 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-12-26 21:16 - 2016-11-09 01:44 - 18807296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-26 21:16 - 2016-11-09 01:41 - 02351104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-26 21:16 - 2016-11-09 01:36 - 10941952 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 01392640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-26 21:16 - 2016-11-09 01:34 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-26 21:16 - 2016-11-09 01:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-26 21:16 - 2016-11-09 01:33 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-26 21:16 - 2016-11-09 01:33 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-12-26 21:16 - 2016-11-09 01:33 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-12-26 21:16 - 2016-11-09 01:06 - 01815552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-26 21:16 - 2016-11-09 01:05 - 12841472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-26 21:16 - 2016-11-09 01:03 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-26 21:16 - 2016-11-09 01:02 - 09756160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-26 21:16 - 2016-11-09 01:01 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-26 21:16 - 2016-11-09 01:01 - 01129984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 01805312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-26 21:16 - 2016-11-09 01:00 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-26 21:16 - 2016-11-09 01:00 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-26 21:16 - 2016-11-09 00:59 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-12-26 21:16 - 2016-11-09 00:59 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-12-26 21:16 - 2014-04-05 10:10 - 01422784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-12-26 21:16 - 2013-10-03 16:02 - 01278976 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-26 21:16 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-26 21:15 - 2013-10-22 10:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-12-26 21:15 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-12-26 21:15 - 2013-10-11 05:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-12-26 21:15 - 2013-10-11 05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-12-26 21:15 - 2013-10-11 03:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-12-26 21:15 - 2013-10-11 03:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-12-26 21:15 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-12-26 21:15 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-12-26 21:15 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2016-12-26 21:15 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-12-26 21:15 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-12-26 18:22 - 2016-11-08 16:49 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-26 17:46 - 2016-09-08 15:39 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-12-26 17:46 - 2016-09-08 15:39 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-12-26 17:36 - 2016-12-26 17:36 - 00001628 _____ C:\Users\Suiolirim\Downloads\sg_backup_2016-12-26-1736.spg
2016-12-25 17:11 - 2016-12-25 17:11 - 00383208 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00306408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01561600 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01154560 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00486912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-12-25 17:07 - 2016-12-25 17:07 - 00000041 _____ C:\Windows\woubak-pwrscheme-temp.txt
2016-12-25 17:07 - 2016-12-25 17:07 - 00000041 _____ C:\Windows\woubak-pwrscheme-act.txt
2016-12-24 20:29 - 2016-12-30 11:32 - 00002894 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Suiolirim)
2016-12-24 20:29 - 2016-12-24 20:31 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\IObit
2016-12-24 20:29 - 2016-12-24 20:30 - 00002083 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-12-24 20:29 - 2016-12-24 20:29 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-12-24 20:29 - 2016-12-24 20:29 - 00003262 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\Windows\IObit
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\ProgramData\ProductData
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-12-24 20:28 - 2016-12-25 12:53 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\IObit
2016-12-24 20:03 - 2016-12-24 20:03 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\AVG
2016-12-24 20:02 - 2016-12-24 20:02 - 00000805 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-12-24 20:02 - 2016-12-24 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-12-24 19:59 - 2016-12-24 19:59 - 00000000 ___HD C:\$AVG
2016-12-24 19:57 - 2016-12-30 11:31 - 00000000 ____D C:\ProgramData\MFAData
2016-12-24 19:57 - 2016-12-24 19:57 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\MFAData
2016-12-24 19:52 - 2016-12-29 11:45 - 00003564 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-24 19:52 - 2016-12-24 19:57 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-24 19:52 - 2016-12-24 19:52 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\CEF
2016-12-24 19:50 - 2016-12-24 20:03 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Avg
2016-12-24 19:50 - 2016-12-24 19:59 - 00000000 ____D C:\ProgramData\Avg
2016-12-24 19:50 - 2016-12-24 19:56 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\AvgSetupLog
2016-12-24 18:53 - 2016-12-24 18:53 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000UA
2016-12-24 18:53 - 2016-12-24 18:53 - 00003368 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000Core
2016-12-24 17:57 - 2016-12-29 19:03 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Mozilla
2016-12-24 17:56 - 2016-12-24 18:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-24 17:24 - 2016-12-28 11:52 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-24 17:24 - 2016-12-24 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-12-24 17:24 - 2016-12-24 17:24 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-12-24 17:24 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-24 17:24 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-01 02:18 - 2016-12-01 02:18 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-30 08:04 - 2016-11-30 08:04 - 00298240 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-30 11:30 - 2013-10-30 09:29 - 00000000 ____D C:\FRST
2016-12-30 11:26 - 2010-02-11 14:51 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-12-30 11:26 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-30 11:26 - 2006-11-02 16:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-30 11:26 - 2006-11-02 16:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-29 19:04 - 2006-11-02 16:42 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-29 13:39 - 2009-02-04 13:54 - 00001064 _____ C:\Windows\Tasks\Google Software Updater.job
2016-12-28 21:20 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\tracing
2016-12-28 00:08 - 2009-02-02 17:50 - 00000000 ____D C:\Users\Suiolirim\Documents\TrackMania
2016-12-27 21:48 - 2013-10-29 21:26 - 00000000 ____D C:\AdwCleaner
2016-12-27 21:48 - 2009-04-05 13:25 - 00000680 __RSH C:\Users\Suiolirim\ntuser.pol
2016-12-27 21:48 - 2009-02-02 15:45 - 00000000 ____D C:\Users\Suiolirim
2016-12-27 21:41 - 2009-03-01 14:20 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-27 21:11 - 2011-09-19 15:13 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-27 19:10 - 2011-03-20 18:28 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\Auslogics
2016-12-27 13:24 - 2013-10-29 21:41 - 00000000 ____D C:\Windows\ERUNT
2016-12-27 13:15 - 2008-09-13 06:16 - 00696342 _____ C:\Windows\system32\perfh007.dat
2016-12-27 13:15 - 2008-09-13 06:16 - 00156498 _____ C:\Windows\system32\perfc007.dat
2016-12-27 13:15 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\inf
2016-12-27 13:15 - 2006-11-02 13:46 - 01632730 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-27 12:48 - 2009-07-06 19:46 - 01608186 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-27 01:32 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache
2016-12-27 01:07 - 2009-02-02 17:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-12-27 00:37 - 2006-11-02 16:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-12-27 00:37 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-12-27 00:37 - 2006-11-02 14:33 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-27 00:36 - 2013-10-31 16:07 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-12-27 00:36 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-12-26 23:29 - 2013-07-15 18:55 - 00000000 ____D C:\Windows\system32\MRT
2016-12-26 23:23 - 2006-11-02 13:35 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-12-26 22:24 - 2010-06-05 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-26 18:26 - 2006-11-02 16:21 - 00463984 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-25 15:26 - 2013-06-10 15:07 - 00000000 ____D C:\Program Files (x86)\DevPro
2016-12-25 15:12 - 2010-08-06 15:08 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-12-25 15:08 - 2008-09-12 20:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-25 15:03 - 2011-05-08 15:32 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Unity
2016-12-25 15:02 - 2009-02-15 14:57 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Macromedia
2016-12-25 15:02 - 2009-02-02 16:04 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Adobe
2016-12-25 15:02 - 2009-02-02 16:01 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-12-25 15:02 - 2008-09-12 20:56 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-24 20:29 - 2011-03-02 13:42 - 00000000 ____D C:\ProgramData\IObit
2016-12-24 20:29 - 2011-03-02 13:41 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-24 20:02 - 2011-04-22 15:49 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\TuneUp Software
2016-12-24 19:50 - 2009-05-23 09:33 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Downloaded Installations
2016-12-24 18:58 - 2013-02-08 16:54 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-24 18:58 - 2013-02-08 16:54 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-24 18:52 - 2013-02-28 15:51 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148260198865912
2016-12-24 18:52 - 2013-02-08 16:55 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148260198784910
2016-12-24 18:51 - 2013-02-08 16:55 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148260198497907
2016-12-24 18:40 - 2012-04-25 20:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-24 17:59 - 2011-10-08 14:11 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-24 17:46 - 2009-02-02 16:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-24 17:40 - 2010-05-26 13:15 - 00002059 _____ C:\Users\Suiolirim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-24 17:33 - 2009-02-02 15:46 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Adobe
2016-12-24 17:24 - 2013-01-06 19:32 - 00000903 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-24 17:24 - 2013-01-06 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-12-24 17:24 - 2009-05-20 15:05 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\Malwarebytes
2016-12-24 17:24 - 2009-05-20 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-24 17:19 - 2011-06-15 13:27 - 00002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-12-24 17:18 - 2009-06-30 14:25 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-24 17:18 - 2009-06-30 14:25 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-03-08 16:33 - 2013-03-08 16:33 - 0000191 _____ () C:\Program Files\Common Files\TrackerSoftwareInstallerPDFX5SA.log
2011-03-13 12:04 - 2011-03-13 12:22 - 0000041 _____ () C:\Users\Suiolirim\AppData\Roaming\TheHunterSettings_live.cfg
2011-02-21 12:25 - 2015-04-06 15:39 - 0000254 _____ () C:\Users\Suiolirim\AppData\Roaming\wklnhst.dat
2009-03-08 16:26 - 2010-02-27 16:31 - 0001100 _____ () C:\Users\Suiolirim\AppData\Local\d3d8caps.dat
2009-05-09 19:07 - 2013-05-16 12:56 - 0001356 _____ () C:\Users\Suiolirim\AppData\Local\d3d9caps.dat
2009-02-22 20:10 - 2010-04-14 12:51 - 0001460 _____ () C:\Users\Suiolirim\AppData\Local\d3d9caps64.dat
2009-02-02 19:46 - 2009-12-20 19:22 - 0007168 _____ () C:\Users\Suiolirim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-03-27 22:02 - 2015-04-09 13:40 - 0348394 _____ () C:\Users\Suiolirim\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2010-03-27 22:02 - 2010-03-27 22:02 - 0000002 _____ () C:\Users\Suiolirim\AppData\Local\dd_dotnetfx35error.txt
2010-03-27 22:02 - 2015-04-09 13:40 - 0240504 _____ () C:\Users\Suiolirim\AppData\Local\dd_dotnetfx35install.txt
2009-06-09 13:57 - 2009-06-09 13:57 - 0402640 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI0710.txt
2013-02-08 16:54 - 2013-02-08 16:54 - 0364352 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI08CA.txt
2009-06-09 14:00 - 2009-06-09 14:00 - 0415660 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI08CC.txt
2010-04-02 18:56 - 2010-04-02 18:58 - 0418332 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI110D.txt
2010-04-02 18:58 - 2010-04-02 18:58 - 0407074 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI1295.txt
2010-03-30 13:17 - 2010-03-30 13:17 - 0442364 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI2358.txt
2011-09-16 15:05 - 2011-09-16 15:05 - 0512626 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI24ED.txt
2011-05-18 11:52 - 2011-05-18 11:52 - 0361952 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI3D99.txt
2010-08-06 15:09 - 2010-08-06 15:09 - 0427316 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI57C6.txt
2011-05-06 16:16 - 2011-05-06 16:16 - 0366200 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI5DE5.txt
2009-10-12 06:43 - 2009-10-12 06:43 - 0366808 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI60F5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0353238 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI62B5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0400340 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI62BC.txt
2011-05-04 11:26 - 2011-05-04 11:26 - 0360800 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI639F.txt
2009-04-04 11:15 - 2009-04-04 11:15 - 0417434 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI6604.txt
2011-05-12 20:38 - 2011-05-12 20:38 - 0427518 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI7AB9.txt
2011-04-19 15:13 - 2011-04-19 15:13 - 0364108 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI7CE1.txt
2009-06-09 13:57 - 2009-06-09 13:57 - 0012046 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI0710.txt
2013-02-08 16:54 - 2013-02-08 16:54 - 0014102 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI08CA.txt
2009-06-09 14:00 - 2009-06-09 14:00 - 0012158 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI08CC.txt
2010-04-02 18:56 - 2010-04-02 18:58 - 0016562 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI110D.txt
2010-04-02 18:58 - 2010-04-02 18:58 - 0016042 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI1295.txt
2010-03-30 13:17 - 2010-03-30 13:17 - 0013882 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI2358.txt
2011-09-16 14:31 - 2011-09-16 15:06 - 0016292 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI24ED.txt
2011-05-18 11:52 - 2011-05-18 11:52 - 0013346 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI3D99.txt
2010-08-06 15:09 - 2010-08-06 15:09 - 0013538 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI57C6.txt
2011-05-06 16:16 - 2011-05-06 16:16 - 0015098 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI5DE5.txt
2009-10-12 06:43 - 2009-10-12 06:43 - 0011170 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI60F5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0014622 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI62B5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0014390 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI62BC.txt
2011-05-04 11:26 - 2011-05-04 11:26 - 0013298 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI639F.txt
2009-04-04 11:15 - 2009-04-04 11:15 - 0011410 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI6604.txt
2011-05-12 20:38 - 2011-05-12 20:38 - 0014288 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI7AB9.txt
2011-04-19 15:13 - 2011-04-19 15:13 - 0014346 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI7CE1.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 0541952 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuMSI7623.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 0013972 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuUI7623.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 1303922 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64MSI7583.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 0014024 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64UI7583.txt
2011-04-03 19:15 - 2011-04-03 19:15 - 0000096 _____ () C:\Users\Suiolirim\AppData\Local\fusioncache.dat
2010-03-27 22:02 - 2015-04-09 13:40 - 0006904 _____ () C:\Users\Suiolirim\AppData\Local\uxeventlog.txt
2011-10-15 14:44 - 2011-10-15 14:45 - 0001850 _____ () C:\ProgramData\1318686248.2288.bin
2011-04-19 16:50 - 2011-04-27 12:01 - 1555999 _____ () C:\ProgramData\bdinstall.bin
2008-09-12 21:06 - 2008-09-12 21:06 - 0000349 _____ () C:\ProgramData\hpzinstall.log
2009-12-18 20:20 - 2009-12-18 20:20 - 0000000 _____ () C:\ProgramData\leverage.drm.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Suiolirim\hash.dat


Einige Dateien in TEMP:
====================
C:\Users\Suiolirim\AppData\Local\temp\libeay32.dll
C:\Users\Suiolirim\AppData\Local\temp\msvcr120.dll
C:\Users\Suiolirim\AppData\Local\temp\sqlite3.dll


Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-30 11:33

==================== Ende von FRST.txt ============================
         

30.12.2016, 15:49   #19
Suiolirim
 
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Suiolirim (30-12-2016 11:33:58)
Gestartet von C:\Users\Suiolirim\Desktop\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-02-02 13:39:16)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1653470619-1168622029-2061882709-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1653470619-1168622029-2061882709-1004 - Limited - Enabled)
Gast (S-1-5-21-1653470619-1168622029-2061882709-501 - Limited - Disabled)
Suiolirim (S-1-5-21-1653470619-1168622029-2061882709-1000 - Administrator - Enabled) => C:\Users\Suiolirim

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG AntiVirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

A.V.A (HKLM-x32\...\{42AF51C0-4028-46CF-B616-FB1F75286457}) (Version: 24.18.03866 - A.V.A)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Reader X (10.1.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AVG (Version: 16.141.7996 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4749 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.141.7996 - AVG Technologies)
Bloodline Champions (HKLM-x32\...\{6C90C4C4-559D-4FE8-A4BF-37550E74D1FC}) (Version: 1.0.0 - Stunlock Studios)
Cards_Calendar_OrderGift_DoMorePlugout (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: .1707 - CyberLink Corp.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version:  - )
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Free Audio CD Burner version 1.2 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.2 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Limited.)
Google Chrome (HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.165 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Hardware Diagnose Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.0.26 - S2 Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Advisor (HKLM-x32\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.9152.3107 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
HP Demo (HKLM-x32\...\{97ABD26A-3249-46CB-B2E2-F66E64B2E480}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM-x32\...\{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}) (Version: 5.7.0.2693 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.2.3309 - Hewlett-Packard)
HP My Display (HKLM-x32\...\{15733AD1-1CEF-459A-9245-0924FC63BDD5}) (Version: 1.36.003 - Portrait Displays, Inc.)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Update (HKLM-x32\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
igLoader (HKLM\...\igLoader) (Version: 3.0.0.0 - Indiepath Ltd)
ijji REACTOR (HKLM-x32\...\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}) (Version: 1.00.0000 - ijji)
JDownloader 0.9 (HKLM-x32\...\1489-3350-5074-6281) (Version: 0.9 - AppWork GmbH)
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2913 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.50.1040 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}) (Version: 12.00.1280 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.0) (Version: 12.0.1278 - Logitech Inc.)
Mafia II - Demo (HKLM-x32\...\Steam App 50280) (Version:  - 2K Czech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM-x32\...\{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}) (Version: 6.10.050 - muvee Technologies)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version:  - NCsoft)
Neffy 1,3,29,0 (HKLM-x32\...\Neffy) (Version: 1,3,29,0 - CDNetworks)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.80.5.1 - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{C50EF365-2898-489A-B6C7-30DAA466E9A2}) (Version: 7.1.23.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.40.6 - Nokia)
Nokia PC Suite (x32 Version: 7.1.40.6 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Optimierte Multimedia-Tastatur-Lösung (HKLM-x32\...\KBD) (Version:  - Hewlett-Packard)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.2 - Pando Networks Inc.)
PC Connectivity Solution (HKLM-x32\...\{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}) (Version: 9.44.0.3 - Nokia)
Pivot Software (x32 Version: 8.21.013 - Portrait Displays, Inc.) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.4109 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2926 - CyberLink Corp.)
PowerDirector (x32 Version: 6.5.2926 - CyberLink Corp.) Hidden
Pro Evolution Soccer 2013 DEMO2 (HKLM-x32\...\{E244E649-B7FB-4644-B387-CA882AEC7577}) (Version: 1.00.0000 - KONAMI)
PSSWCORE (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
Python 2.5.2 (HKLM-x32\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
Quake Live Mozilla Plugin (HKLM-x32\...\{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}) (Version: 1.0.520 - id Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
SDK (x32 Version: 1.40.002 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1405.0 - Hi-Rez Studios)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
sp41119 (HKLM\...\sp41119) (Version:  - Hewlett-Packard)
sp44626 (HKLM-x32\...\sp44626) (Version:  - Hewlett-Packard)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spider-Man(TM) - Web of Shadows (x32 Version: 1.0 - Activision) Hidden
Spider-Man(TM) - Web of Shadows 1.1 Patch (x32 Version:  - ) Hidden
Spider-Man(TM) - Web of Shadows 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Spider-Man(TM) - Web of Shadows-Spiel (HKLM-x32\...\InstallShield_{7F7E4FA7-6F32-4DE2-917E-361E034AED7A}) (Version: 1.1 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Suffering (remove only) (HKLM-x32\...\The Suffering) (Version: 1.7.0.11.2.4.3 - Midway Home Entertainment Inc.)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6.0 - Texas Instruments Incorporated)
Tiggit (HKLM-x32\...\{B2F036FE-A916-4EBB-8621-5403444940D3}_is1) (Version:  - )
TmNationsForever Update 2010-03-15 (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.980.1 - Hi-Rez Studios)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoToolkit01 (x32 Version: 110.0.171.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.4) (HKLM\...\8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA) (Version: 06/01/2009 7.01.0.4 - Nokia)
Windows-Treiberpaket - Nokia Modem  (10/05/2009 4.2) (HKLM\...\05B59228C7E1C21DFBE89260F879BD95880548D8) (Version: 10/05/2009 4.2 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\ChromeHTML: -> C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03324EB8-3058-4313-B9EE-950B21C99340} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster\AutoUpdate.exe
Task: {0876C721-124D-482C-99CC-C227984A5313} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000Core => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {1999CD70-9319-4CFE-A0BA-D9C090D34E00} - System32\Tasks\{BEE4217B-8ABE-4656-AF30-A1E53573390E} => pcalua.exe -a C:\Users\Suiolirim\Downloads\codec_sniper.exe -d C:\Users\Suiolirim\Downloads
Task: {371EDA46-91D3-487E-8BFB-AD3438044152} - System32\Tasks\{C47CCFEC-B5BF-4BDC-B6AC-ECF2C3FFBE23} => pcalua.exe -a C:\Users\Suiolirim\Downloads\sp39950.exe -d C:\Users\Suiolirim\Downloads
Task: {37241EC8-CE22-470A-8D14-C4635CA28E96} - System32\Tasks\Google Updater and Installer => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {3C04BABF-0B0E-41B2-9840-775B8BE83B34} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {468EF5B9-5FB1-4743-B57F-2607EADD3A6C} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {69DE6AF7-90C9-49F6-AD87-448F63F65C7B} - System32\Tasks\{8882EA47-8D98-4195-8E81-8829D8EE1259} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {6A195D19-2393-44E7-8047-5B955D53D3A2} - System32\Tasks\Driver Booster SkipUAC (Suiolirim) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {797F9A29-E4B1-4A89-95EC-E0C6390E174A} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {909EF21F-8367-4215-B19B-D2D63CD93DE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {A70CC805-CD67-4C58-8BA3-C23E1D557A95} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {AAF676D5-7928-48FE-847C-178D6882F5E0} - System32\Tasks\{07BB79A0-80F9-418A-AABC-0A8C1849E8E6} => pcalua.exe -a C:\Users\Suiolirim\Downloads\Shockwave_Installer_Slim.exe -d C:\Users\Suiolirim\Downloads
Task: {B9494889-CE9C-4519-B409-3E15B8F62C99} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-14] (Google) <==== ACHTUNG
Task: {CC5DB0D3-211A-4178-AAC6-8C2DD660C736} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CE551541-E9D7-4613-AC11-CAD718A79641} - System32\Tasks\{427676C2-46CD-43AE-B1E5-74F84C5F9AEB} => pcalua.exe -a E:\eauninstall.exe -d E:\
Task: {D078570E-9D97-4A49-A19A-5B2BDC527CD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {E396FCA1-66F1-4B58-A20C-846BE4DB237A} - System32\Tasks\{473F0C77-2CCD-4EDB-BA86-019EA51AA096} => pcalua.exe -a "C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe" -d "C:\Program Files (x86)\ICQ6Toolbar"
Task: {EEAE5D3F-FDF6-4E0B-901C-F530C5162126} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {F0C531CD-5438-4DB3-8688-84F50D9FD370} - System32\Tasks\{CE75FCDC-B7D3-434D-8B4F-3FDBAF6014C1} => pcalua.exe -a C:\Users\Suiolirim\Downloads\UDKInstall-UncleFred.exe -d C:\Users\Suiolirim\Downloads
Task: {FF994E75-520F-481A-9643-222BEA60F6CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000UA => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ACHTUNG
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A5EDC403-DA13-4BD5-8F96-610C0E80242D}.job => C:\Windows\system32\msfeedssync.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Suiolirim\Desktop\Desktop\Spiele\A.V.A.lnk -> C:\Program Files (x86)\ijji\ijji REACTOR\REACTOR.exe (NHN Corporation) -> redirect:hxxp://reactor.ijji.com/index.nhn?gameid=u_ava

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-06-03 11:35 - 2013-04-30 03:46 - 00045056 _____ () C:\Windows\system32\atitmp64.dll
2009-02-05 16:19 - 2008-07-14 13:43 - 00069632 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
2016-12-24 19:52 - 2016-12-24 19:51 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:07BF512B [286]
AlternateDataStreams: C:\ProgramData\TEMP:364682BC [234]
AlternateDataStreams: C:\ProgramData\TEMP:BD36345D [200]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

Da befinden sich 7582 mehr Seiten.

Da befinden sich 7478 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 13:34 - 2013-10-30 16:14 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Suiolirim\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^Users^Suiolirim^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ATICustomerCare => "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Suiolirim\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\Suiolirim\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => %SystemRoot%\system32\dfsr.exe
FirewallRules: [{142CF540-DB64-465E-A8C1-9F78FA381836}] => c:\Program Files (x86)\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{B71241FB-92BA-49E3-A31E-3A7F3F0DFD3A}] => C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{A17A4EDB-D87B-4B68-A02B-747FAC300F23}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{0BDA7AAB-DCA1-435C-A48F-6E216D97E904}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{666B2C21-AD76-4154-880B-30198A16A391}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{9916A79E-A0E1-448C-9440-99A722F4A146}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{940E7A3E-C940-423C-AD06-29A4B695EADE}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{1BB2C654-2F8B-4A45-A6A5-E0D583FCCFF0}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{1920CFB5-3D03-45C7-9232-7316A42DA08F}C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe] => C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{801523C9-9625-4A22-B5DA-012AB9CDBBE6}C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe] => C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{296C58F4-423F-4733-A6C8-0266D853859F}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{BB74B909-F12D-4DC5-AA76-EC51D725D96A}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{FF0D0FF4-F437-4C3E-8D79-4B926E9D2389}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [TCP Query User{6E4270A5-4F0B-497B-BD9E-9806BC81A6BA}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C5820BA9-E570-4520-B7AC-772C07A81D24}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{15D6A789-2649-4B96-80F0-F825DF2AD011}] => C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{BEE99D8C-1502-4FF9-B3E3-1923215121C4}] => C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
FirewallRules: [TCP Query User{9AF4BE5F-C323-4E8D-AB2C-92559E9024F6}C:\ijji\english\ava\binaries\ava.exe] => C:\ijji\english\ava\binaries\ava.exe
FirewallRules: [UDP Query User{1C7EA198-6846-4BA1-B6B9-BC20A756C3EE}C:\ijji\english\ava\binaries\ava.exe] => C:\ijji\english\ava\binaries\ava.exe
FirewallRules: [{E3240DF4-D51C-4D38-9EAB-623834D37138}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{820FCAF3-31E0-4205-B709-F34BFBB6CA59}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{C290CB18-BDDD-4357-8C8A-B9B268D7AA7A}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{14D48E4D-66F0-4E59-9D3C-F365B36C3768}] => LPort=8394
FirewallRules: [{D2764897-B2FE-4D38-83AC-3A21A01D18D7}] => LPort=8394
FirewallRules: [{C5A80CCF-0D8F-45A8-9397-820E756CBD92}] => LPort=6983
FirewallRules: [{2779EC5B-8F17-44FB-8EAA-4402A80FC8C2}] => LPort=6983
FirewallRules: [{A96A26A7-A94C-4032-97BB-8400AB0A5626}] => LPort=6895
FirewallRules: [{2FD91BFF-97D6-4913-9AD5-A222762A64D6}] => LPort=6895
FirewallRules: [{8DF2CC18-8566-4E98-A4B6-BFA8FF2D5F89}] => LPort=8394
FirewallRules: [{C6A02ED0-E470-444A-B0CF-8752F9177DF1}] => LPort=8394
FirewallRules: [{E1ED97B3-7BD3-4BCE-9F93-B6934D645BD8}] => LPort=6971
FirewallRules: [{3ECC23F2-B8A7-4727-91CA-32BA5732E411}] => LPort=6971
FirewallRules: [{A9804527-902B-430E-8E68-627A9C721CFD}] => LPort=6992
FirewallRules: [{F9EDCFA4-89A5-4DB2-B0DB-343725E338D6}] => LPort=6992
FirewallRules: [{A04224C7-1161-4930-A4A1-71B503C62F2A}] => LPort=8395
FirewallRules: [{AAEE3DC0-D134-4141-9029-735A288FB41B}] => LPort=8395
FirewallRules: [{A7A12F77-9901-4FBD-B010-1B8D18D431B5}] => LPort=6989
FirewallRules: [{A10E189B-D236-4463-9DD8-3F7812C74C96}] => LPort=6989
FirewallRules: [{6D96D44D-BDD6-44C7-BFBE-3031B0AD141D}] => LPort=8396
FirewallRules: [{AD3D861F-41C7-45FC-989B-F567BB336D85}] => LPort=8396
FirewallRules: [{9A3E605E-B6AE-4B4D-9F78-7211B2D7ABD0}] => LPort=6987
FirewallRules: [{CD230630-6598-460B-A8DF-9E8CB966BF04}] => LPort=6987
FirewallRules: [TCP Query User{E1FF3428-E405-42AA-8F4E-F62BBC6563C2}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{7B2F750A-F25D-4AC8-94EE-784E2D6E7B7D}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{A5014B5F-EB16-458A-9B18-0E192C5479C0}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{97D7FCFA-8F3D-45E9-9B9E-F41E726566A2}] => svchost.exe
FirewallRules: [{ED8D12EA-84FA-43BD-B4D5-84BB31EFF679}] => LPort=6969
FirewallRules: [{759E874B-F517-4DE1-9011-1548BAF9F2CB}] => LPort=6969
FirewallRules: [{12F593EB-C1D8-45C3-A234-FFB3507F4AA6}] => LPort=6887
FirewallRules: [{CE01052E-243A-4D1B-BACE-CBEEC2FA5B8D}] => LPort=6887
FirewallRules: [{161FFAA0-791D-42AB-A8F8-771AC048803C}] => LPort=6993
FirewallRules: [{E5446C2A-E718-4EB7-B98B-2E1DF101D142}] => LPort=6993
FirewallRules: [{93955E75-5EC8-45D8-8FC1-139404C5C7A3}] => LPort=6928
FirewallRules: [{5EFFC13D-8A46-4DCB-AC86-0F3C65BE1489}] => LPort=6928
FirewallRules: [{8776558C-D184-4828-8C7A-C5A089F5760A}] => LPort=6932
FirewallRules: [{A978E1E9-B712-476A-8D3D-0DEE1A19FA75}] => LPort=6932
FirewallRules: [{C0952C5D-9782-432C-9726-5B09B1F0D48E}] => LPort=6966
FirewallRules: [{99087EDA-484F-48C3-B6B0-1532CFF72BA0}] => LPort=6966
FirewallRules: [{BA80CDAD-145A-4D29-AE7F-0E1359A82B89}] => LPort=6951
FirewallRules: [{C863FF2E-1B91-4E0B-B75C-D1781ECD7FEA}] => LPort=6951
FirewallRules: [{61E53A93-0F1A-4FA4-9FD1-2DDCDBE0E9DC}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{91B6BA44-B87D-45E4-858F-743C7FD808A5}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{2116F8AC-598A-4C93-8182-BB9D504AED82}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{77CD8069-8BC3-45B6-A309-55A4A8F08FE4}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{50134214-C0A4-4EEC-95E0-75BCD64C2F2B}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{60570471-4616-4BC9-8FEA-1F2583535B30}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{CCFC29F3-1D6A-4CCF-ADA8-C96ADD82C573}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{3B453461-7FBC-40E2-83E7-AA2E0341CB95}] => LPort=80
FirewallRules: [{052CC513-CDE1-49FE-B133-1D21BBDBDABE}] => LPort=80
FirewallRules: [{B5E2656E-15C0-41B7-9769-A920CDEC2102}] => LPort=80
FirewallRules: [{4E0BA1D0-8A0D-41D0-A50A-135BF5479A13}] => LPort=6886
FirewallRules: [{162EFF4E-559C-42A4-AD5D-06A191ED3AEE}] => LPort=6886
FirewallRules: [{3E545E1E-550A-4926-A29E-B2BF6DE5C90F}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{B3979143-560D-4E60-9A26-988424B5CF5F}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{5AFEF734-8FF3-4146-87E4-AA5D6B810544}] => LPort=6942
FirewallRules: [{C710B987-8D89-4FF5-B0B3-842C96383D80}] => LPort=6942
FirewallRules: [TCP Query User{93AD976D-2DD9-46E3-81BB-807D48059F3D}C:\riot games\league of legends\lol.launcher.exe] => C:\riot games\league of legends\lol.launcher.exe
FirewallRules: [UDP Query User{85D588FD-75AE-4335-9F6A-10DEA033EC54}C:\riot games\league of legends\lol.launcher.exe] => C:\riot games\league of legends\lol.launcher.exe
FirewallRules: [TCP Query User{E7338126-609A-4EAC-B423-4F5526DC0D11}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{D6129EA7-10E2-4E43-9597-4B0D2D4DFC8C}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{A5D4D5B6-CDE6-4F47-BFBE-54245A900907}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0F000594-AA61-45E8-B4E2-0DA479D33ED5}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{170F4ADD-F2FA-4DDF-8B82-122EAFFA6D72}] => C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{37C7F240-4AD1-4FA7-8FF0-4C93A865B756}] => C:\Program Files (x86)\Steam\SteamApps\common\Mafia II - Public Demo\launcher.exe
FirewallRules: [{61829264-178A-4C46-941D-14035D91AE3F}] => C:\Program Files (x86)\Steam\SteamApps\common\Mafia II - Public Demo\launcher.exe
FirewallRules: [{30E6ACDF-B210-4870-9D13-EC3F5187EF55}] => C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{D9E8AC58-D0C3-4243-B21C-0EF4BE946695}] => C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{C7988D9A-6F21-4EDF-8FAF-F2DC42FB1150}] => C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F9220BDC-0B89-48B9-97C8-EEEA3D6547E6}] => C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{B43DB5D8-CF3B-413A-B2AC-AEEF5E428EE1}C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{DDEE711F-EA90-4CF9-B8AB-4A76BEE6C872}C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [TCP Query User{328D7D41-E260-4F31-9192-E0ACDF98B84C}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [UDP Query User{DF5BFEA2-C531-46AD-B058-644F3AD49A9E}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [TCP Query User{8C871AAA-97CE-4F37-B428-32981CCBF79E}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{0519083D-2865-45D7-B2E5-DB4347C1DE67}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{490F30FC-5C8B-4F68-82CB-0161A6091219}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{AC54CEF7-EF4E-4681-AE4C-E3FA25413122}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{221CD564-6E30-46D6-9E20-1A768EE03FB9}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{2D72EBD4-D438-4A2D-8AA7-05CABE373ABD}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [TCP Query User{A68F557A-9F61-474E-8175-F75A35B25C4E}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{55524AEE-DFDB-4B01-A374-DD3BCD83C159}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [{D21EAE32-A14F-49E1-9386-CD6ABD8F71CB}] => C:\Program Files (x86)\Steam\SteamApps\kedmaron\source sdk base 2007\hl2.exe
FirewallRules: [{32C7BBFE-2E99-4246-B40B-5584AA3EC12F}] => C:\Program Files (x86)\Steam\SteamApps\kedmaron\source sdk base 2007\hl2.exe
FirewallRules: [{06A4FD4D-085A-417A-AFDA-FD4A9F157F76}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{997517F3-F8E0-484A-A7E4-78B9A0E280C3}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{AF2831CF-3C76-4487-9E4F-B95FE3FD86C8}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{787C5A52-0D0A-4002-96E5-9688C88B0C93}] => C:\Program Files (x86)\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [TCP Query User{F36D63AD-DB72-4F02-803D-FC83F41E19F5}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{442F9794-F04B-47A3-865C-27B923C49C6A}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [TCP Query User{2AD5586E-7429-4E08-B9B9-F54C8F59DC33}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{9E3FAE17-C13A-4527-9254-6B9BB3EFBFC8}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [{CEB4543E-C57B-43FD-A6F4-AA7B227D2031}] => C:\Users\Suiolirim\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{9BE6A3EE-5667-4017-B5D9-C83797F59CF4}] => C:\Users\Suiolirim\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [TCP Query User{DF792DD1-43ED-41D2-9F57-849F45725C7F}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{EDE7D6F0-5871-4845-B1A5-D7E22B23FEE7}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{83C90927-DA80-406F-B96A-43CBA6B95C83}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{9CF67B40-23CD-4756-BDB7-8BEF5012481B}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{5782FB5B-74E0-47CF-8B86-66DF517A6204}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{E68A430B-2682-4D72-90C9-15B9B6847694}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3FCDC4A2-7E0E-41D4-8A86-CAAC7770CE23}C:\program files (x86)\orbitdownloader\orbitnet.exe] => C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{4F1E5257-F211-4208-B9B4-038E24F101AE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{123CBE76-2CF1-4915-A0F9-FD5CB8948EEE}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{A5042C3D-F620-42A4-A380-8F90788CFD4B}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{B2407D88-C8FB-47EF-86BD-6EF9D0F5F96F}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{CD37A3F8-B1F9-414D-98C5-13ED42373B90}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{01CF36B3-53D7-48B4-9B03-3251C957E619}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{0D6B3718-AF62-4995-A42C-634B511D87E3}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{368B8E69-5C8A-4808-8689-91DD33666A80}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{C8CF3C1D-C545-4CE2-8B24-3180A6C42E23}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{96F4B891-987E-452A-8688-2A1AE5AB2450}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe] => C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe
FirewallRules: [UDP Query User{39A261AC-57D7-4222-9865-41279AA2CEEF}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe] => C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe
FirewallRules: [TCP Query User{4A0BEB63-24CD-42F3-82EF-2AC6D1272F5A}C:\program files (x86)\lf2_v2.0a\lf2.exe] => C:\program files (x86)\lf2_v2.0a\lf2.exe
FirewallRules: [UDP Query User{B7159DF2-A378-4D19-885B-060C67C4736B}C:\program files (x86)\lf2_v2.0a\lf2.exe] => C:\program files (x86)\lf2_v2.0a\lf2.exe
FirewallRules: [{F053A9A1-EC50-494B-A6ED-30DED1174676}] => C:\Program Files (x86)\Electronic Arts\BattleForge\Bootstrapper.exe
FirewallRules: [{ECEF42B0-05D7-4A8B-B2D5-529BF3272D35}] => C:\Program Files (x86)\Electronic Arts\BattleForge\Bootstrapper.exe
FirewallRules: [{C254FA8F-C296-4875-88D9-F06A68F4FE1E}] => C:\Program Files (x86)\Electronic Arts\BattleForge\BattleForge.exe
FirewallRules: [{E4361063-FE81-404F-BD9A-C59F57562962}] => C:\Program Files (x86)\Electronic Arts\BattleForge\BattleForge.exe
FirewallRules: [TCP Query User{112D5F12-DE4E-4004-8692-A1ECBC54AE19}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [UDP Query User{6DBB1113-CA30-44DB-AA16-CC35918FCDCC}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [TCP Query User{1BE5DCA5-2A5E-40BF-921F-2839CF6F2E11}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [UDP Query User{B0B987FB-8864-4489-9068-8E6AB1310D4B}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [TCP Query User{F749247B-CA0E-4BD7-96B0-6A58B58D4D5A}C:\program files (x86)\runes of magic\client.exe] => C:\program files (x86)\runes of magic\client.exe
FirewallRules: [UDP Query User{3FA3A994-70B0-4072-8782-FAC5B7DFA64F}C:\program files (x86)\runes of magic\client.exe] => C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{D4CA132A-27A4-4CE8-BF4E-62AFAD46B7E5}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{638F4C0A-FFDE-4F03-ACC5-5BCAC95116B4}] => C:\WINDOWS\Temp\~os2F79.tmp\ossproxy.exe
FirewallRules: [{B75C269B-90FA-44DE-9C34-18B2932F28EE}] => C:\WINDOWS\Temp\~osFF46.tmp\ossproxy.exe
FirewallRules: [{75F3DB81-1D2E-4B89-AF6A-CFF76E7E550F}] => C:\WINDOWS\Temp\~os9D29.tmp\ossproxy.exe
FirewallRules: [TCP Query User{EABC7109-3C89-4250-9A38-66678391F70E}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [UDP Query User{C23095AC-B05A-4868-8487-F461563ADD37}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [TCP Query User{C7D693FF-A488-4E11-BCEB-309D1EFD3E32}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [UDP Query User{61E89F01-72B1-4A94-91BA-E0AC0F6026C8}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [TCP Query User{E3A69D0F-B2B8-4EB6-A704-D25F25197AB9}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [UDP Query User{47FE9A67-8C3A-42C1-A50E-B79A49945843}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [TCP Query User{C78CB71C-CC8F-4B76-ABF5-3D595AAB70F1}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [UDP Query User{2FAB23CD-A439-4EF8-AE65-5D7F7A462F36}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [{0FDC3F9C-04FE-492A-A79A-B02FAFE579F7}] => C:\Users\Suiolirim\AppData\Local\Temp\7zSE4C4.tmp\SymNRT.exe
FirewallRules: [{06C28427-8487-4CB0-9142-EDC4AFC7F72F}] => C:\Users\Suiolirim\AppData\Local\Temp\7zSE4C4.tmp\SymNRT.exe
FirewallRules: [{97CDE443-BC5A-421B-8A8A-3BB20F7DB2AE}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
FirewallRules: [{F0BD004A-576A-4377-9316-4ADD7FF18DC5}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
FirewallRules: [{FEC2E465-A314-4324-B91A-81E6BC2BCFA3}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{1D41AFF8-7624-4CC3-AF42-9062E776303E}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{EE479594-F653-4E16-B152-F8F14AFC937E}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{838348B6-1652-4D24-A732-DC46BC18CF50}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{E0289FFB-3EEF-4184-922D-0C8B46E30345}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{D8BD6308-CA1E-4029-B10D-B57683C3B311}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{AD13FE61-E214-4308-821B-52C3707F9AB6}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{8F00C1CB-3CA1-4895-9442-ABE57F581F08}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{4BE23B6B-C2FF-4CFF-880C-95309DB9787A}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{E3B6BD91-6567-47E3-ADAE-735B8943CEA1}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B92DEA49-6D76-4240-A313-E31E422B5115}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B62C89A7-6336-4307-A8B7-0E39807DFA7A}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B659E396-83DD-4484-A277-C39F12E853BD}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS681B.tmp\SymNRT.exe
FirewallRules: [{F576D727-7DEA-4496-A354-9BEDE7ADD1B2}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS681B.tmp\SymNRT.exe
FirewallRules: [{945CB294-6051-49AF-923F-43C432A68E10}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS5F26.tmp\SymNRT.exe
FirewallRules: [{4C6E9204-A037-420E-80BA-417E429CC713}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS5F26.tmp\SymNRT.exe
FirewallRules: [{0B2B42F7-1871-4B4E-BB35-828F2F9F8B1B}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{CBC7A2CD-E43E-4F6E-B6DA-9B28A5F44391}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{2AF45CE1-7A03-44D4-BBD6-7DCB490D5436}] => C:\Program Files (x86)\BitTorrent\bittorrent.exe
FirewallRules: [{070BA28A-1491-44DC-84B4-B20EBEDF6629}] => C:\Program Files (x86)\BitTorrent\bittorrent.exe
FirewallRules: [TCP Query User{DF740346-0168-4F28-80D6-69CD84AB20AA}C:\program files (x86)\valve\hl.exe] => C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{4FD0DC72-B64A-4A45-8132-F59C028EEFFB}C:\program files (x86)\valve\hl.exe] => C:\program files (x86)\valve\hl.exe
FirewallRules: [{E2D0B330-83EF-4332-8FA5-D2CE9A8643CE}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{A5D3560A-694E-415D-9081-53F7DFA5A692}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{53FD7FE9-28FC-4296-8B83-78B173776DEC}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{FDCA922A-E158-4E38-8E22-086CDA408762}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{7BE0E932-197D-4407-A713-9C998D0E4E91}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{E4E5FE6A-3176-4185-B524-A97D09D3AEB7}] => C:\WINDOWS\SysWOW64\PnkBstrA.exe
FirewallRules: [{CD3846B0-EF6A-45D0-A183-CE5B3C61CADD}] => C:\WINDOWS\SysWOW64\PnkBstrA.exe
FirewallRules: [{3577C9B0-D9C5-45F3-9D0A-FA1F6F058BF0}] => C:\WINDOWS\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C441440-1B93-4701-913F-41774EA23F6B}] => C:\WINDOWS\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{30B7C787-CBAF-4048-9796-DE3133FF112C}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe] => C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe
FirewallRules: [UDP Query User{8912F681-8E06-4AF3-B489-746C21EAB615}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe] => C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe
FirewallRules: [TCP Query User{96A221CB-F866-41A0-BE68-B18361907904}C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe] => C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe
FirewallRules: [UDP Query User{8B96A856-917C-4C6E-AD79-7AC5E155C364}C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe] => C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe
FirewallRules: [{D32E0499-661A-4779-8E26-5B587243BE7B}] => C:\Cs 1.6\Steam.exe
FirewallRules: [{FB6F4FD6-12BF-4D44-B281-8F4875B3124B}] => C:\Cs 1.6\Steam.exe
FirewallRules: [{D9EBE7F8-0324-4189-A9D6-EBB773C17F86}] => C:\Users\Suiolirim\AppData\Local\Temp\ijjiOptimizer.exe
FirewallRules: [{5BC5D678-A2FF-4647-B859-57F6E347DDCC}] => C:\Users\Suiolirim\AppData\Local\Temp\ijjiOptimizer.exe
FirewallRules: [TCP Query User{6385691A-9447-42C9-9B2E-B18E5D7DC435}C:\soldat2\soldat.exe] => C:\soldat2\soldat.exe
FirewallRules: [UDP Query User{3863E502-4198-464C-92B6-1F301BDCA9A8}C:\soldat2\soldat.exe] => C:\soldat2\soldat.exe
FirewallRules: [TCP Query User{698BE46D-87A0-430F-8586-23D12B1973AB}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [UDP Query User{DE05E973-9F2B-4456-ACF8-74AEF60577B7}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [TCP Query User{F2A7F3FC-EC6F-4171-94E6-924BC4F2FCEF}C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{7389077C-02F9-4FEA-AA26-BCFBBF712AE2}C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{DB6D63B3-092B-4426-ACC1-9DB22C3D4562}C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{2C0D4C1D-4428-41A9-ACD8-5AA5618786A5}C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [{907CFEAA-1FF5-429F-821E-48D9A9F84A19}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{4A6C56D9-EDD1-4D26-B9DE-8C743448EB0A}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{C56193DC-E430-49A5-A8D4-4A4763E60F63}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{B1CA55F8-2A25-4619-87C9-EF2E0E1C993B}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{A4EB908A-D57C-44C7-89A2-77DADF45D973}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{6295282A-53FC-4AE1-A484-36D5BB4B92E6}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{CE6702D4-9DD4-49BC-B0A8-AF958F71E4AF}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{E29F5297-E873-42A0-A8D1-CE09E5A500C4}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [TCP Query User{1CFE621F-1CEB-4D76-AF71-0E4BDBA192AB}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [UDP Query User{97B0F469-9067-448C-A18C-2A09B05D25C7}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [{F10C861E-DC16-4269-9F30-AB88FE56A749}] => C:\Games\air\LolClient.exe
FirewallRules: [{04B84668-252C-4FDD-92ED-23C2734E1628}] => C:\Games\air\LolClient.exe
FirewallRules: [{8FDA3253-ED10-42EC-BB6C-EA6C9BD53C16}] => C:\Games\game\League of Legends.exe
FirewallRules: [{B07DED30-29DB-4594-B74D-FC2534A04BBE}] => C:\Games\game\League of Legends.exe
FirewallRules: [TCP Query User{BEBBC708-6C78-4F37-8031-EB723B05801E}C:\program files (x86)\heroes of newerth\hon.exe] => C:\program files (x86)\heroes of newerth\hon.exe
FirewallRules: [UDP Query User{788B43DE-D4B1-4EA7-B4AD-8F282F438BCE}C:\program files (x86)\heroes of newerth\hon.exe] => C:\program files (x86)\heroes of newerth\hon.exe
FirewallRules: [{6520B0AA-EC1D-4B8C-BB1C-111610C5CA53}] => C:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{8D9EFAD6-AF8D-4146-A93F-D027958A96E3}] => C:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{F7FEE872-64ED-4AF5-A018-D30D370C75E4}] => C:\Program Files (x86)\theHunter\game\theHunter.exe
FirewallRules: [{2B9C99B5-0242-4B3E-B995-965A00372346}] => C:\Program Files (x86)\theHunter\game\theHunter.exe
FirewallRules: [TCP Query User{EF27C3D8-398E-40A4-ADDC-D8BC95C3F684}C:\program files (x86)\devpro\devpro_lan.exe] => C:\program files (x86)\devpro\devpro_lan.exe
FirewallRules: [UDP Query User{33CAA96D-1711-4FFD-BD56-4F46464F9924}C:\program files (x86)\devpro\devpro_lan.exe] => C:\program files (x86)\devpro\devpro_lan.exe
FirewallRules: [TCP Query User{A9ED4002-7A57-48E7-B795-30595ACA2EA2}C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe
FirewallRules: [UDP Query User{06EB48A4-5422-4CAC-9EB9-9C7FAD04D9F8}C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe
FirewallRules: [TCP Query User{3EC0E2CF-DEA9-4C51-9947-CEC76A765BD2}C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe] => C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe
FirewallRules: [UDP Query User{61612DA4-F1E5-4BD4-B209-1133759DD96E}C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe] => C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe
FirewallRules: [{FF9E5FDA-BF4C-4041-AD35-BF85E2AEC875}] => C:\Program Files (x86)\Activision\Spider-Man - Web of Shadows\image\pc\Spider-Man Web of Shadows.exe
FirewallRules: [{125FF535-789C-4856-AF6F-B0A8D4168A4A}] => C:\Program Files (x86)\Activision\Spider-Man - Web of Shadows\image\pc\Spider-Man Web of Shadows.exe
FirewallRules: [TCP Query User{C3C08D20-40B9-4675-BDA3-93BD1A4BD83D}C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe] => C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe
FirewallRules: [UDP Query User{E3419AF2-CB6B-4F5F-937C-26446748B66B}C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe] => C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe
FirewallRules: [{86D92C95-CDD9-43F2-A13A-2A5002859A92}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{043BEABF-FD86-4D68-955F-EC4F131C1CD4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A0698A7-E529-4834-BBA6-49D2CA1AEEFB}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3A5EB6FB-71DD-441E-9A9C-CEE72EC3D1DC}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5A813D49-D9EE-4303-9EDB-10C53A4EEF09}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6160C656-30EA-49C3-8AF7-72C4EDAEEA49}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BDCD0FCC-DB7C-4E5F-BA4E-6BB3D428B3D4}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C80D91EE-8854-4F93-A790-C0D2F5E91F86}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{AA8A4988-CF3B-4B39-B274-13612F249C17}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{1CB2C1FC-38D6-4D67-839F-F21388A3121E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{17C163B0-538E-48B5-A435-00E01A3D1C3D}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{616442F7-6FDF-4877-81BC-71C628B02919}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{A649B2CB-C0AE-4CC7-89D7-41274F5192B7}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{90D4E229-023D-4A84-8DD2-22A361919B0D}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe

==================== Wiederherstellungspunkte =========================

26-06-2015 11:56:24 Geplanter Prüfpunkt
30-06-2015 17:03:07 Geplanter Prüfpunkt
05-07-2015 12:37:53 Geplanter Prüfpunkt
29-07-2015 16:26:34 Geplanter Prüfpunkt
30-07-2015 12:50:27 Geplanter Prüfpunkt
31-07-2015 12:33:14 Geplanter Prüfpunkt
21-03-2016 21:29:25 Geplanter Prüfpunkt
24-04-2016 17:08:43 Removed QuickTime
07-07-2016 12:36:22 Geplanter Prüfpunkt
25-08-2016 16:28:07 Geplanter Prüfpunkt
23-10-2016 13:29:11 Geplanter Prüfpunkt
25-10-2016 21:44:18 Geplanter Prüfpunkt
24-12-2016 17:40:21 Removed Java 7 Update 45
24-12-2016 17:43:16 Removed QuickTime
24-12-2016 18:59:16 Removed Apple Application Support
24-12-2016 19:04:32 Removed Apple Software Update
24-12-2016 19:57:24 Installed AVG 2016
24-12-2016 19:58:19 Installed AVG
25-12-2016 14:56:40 Geplanter Prüfpunkt
25-12-2016 15:05:04 Removed System Requirements Lab CYRI
25-12-2016 15:06:28 ??????? Counter-Strike 1.6
25-12-2016 15:07:01 chip 1-click download service wurde entfernt.
25-12-2016 17:08:42 Windows-Modulinstallation
26-12-2016 17:45:49 Windows Update
26-12-2016 18:21:53 Windows Update
26-12-2016 21:46:53 Windows Update
27-12-2016 12:24:55 Windows Update
28-12-2016 11:00:29 Geplanter Prüfpunkt
29-12-2016 18:41:34 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #2
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #5
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #6
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #7
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #8
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #9
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/27/2016 09:49:15 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\Suiolirim\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\BYSL5O0L.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog

Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (12/27/2016 08:03:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm winamp.exe, Version 5.6.3.3235 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1144
Anfangszeit: 01d260718ab6cea4
Zeitpunkt der Beendigung: 0

Error: (12/27/2016 01:33:50 AM) (Source: profsvc) (EventID: 1533) (User: NT-AUTORITÄT)
Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\TEMP. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden. 

 DETAIL - Das Verzeichnis ist nicht leer.

Error: (12/27/2016 01:15:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung sidebar.exe, Version 6.0.6002.18005, Zeitstempel 0x49e035b8, fehlerhaftes Modul avghooka.dll, Version 16.141.0.7996, Zeitstempel 0x58526173, Ausnahmecode 0xc0000005, Fehleroffset 0x0000000000003d3b,
Prozess-ID 0x1234, Anwendungsstartzeit 01d25fd64aa69aff.

Error: (12/27/2016 01:11:22 AM) (Source: profsvc) (EventID: 1502) (User: SUIOLIRIM)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigter lokales Profil. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (12/27/2016 01:11:22 AM) (Source: profsvc) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.  for C:\Users\Suiolirim\ntuser.dat

Error: (12/26/2016 11:57:27 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (12/26/2016 11:57:26 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (12/26/2016 11:29:17 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Das Zusammenstellen der Leistungsindikatorendaten vom Dienst "PolicyAgent" wurde deaktiviert, da mindestens ein Fehler von der Leistungsindikatorenbibliothek für diesen Dienst verursacht wurde. Die Fehler, die diese Aktion erzwungen haben, wurden in das Ereignisprotokoll der Anwendung geschrieben. Die Fehler müssen behoben werden, bevor die Leistungsindikatoren für diesen Dienst aktiviert werden.

Error: (12/26/2016 11:29:17 PM) (Source: Perflib) (EventID: 1005) (User: )
Description: Die Open-Prozedur "OpenIPSecPerformanceData" in der DLL "C:\Windows\System32\ipsecsvc.dll" für den "PolicyAgent"-Dienst wurde nicht gefunden. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.


Systemfehler:
=============
Error: (12/30/2016 11:28:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "UPnP-Gerätehost" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (12/30/2016 11:28:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/30/2016 11:28:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Beep
Lbd

Error: (12/30/2016 11:28:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/30/2016 11:28:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/30/2016 11:28:06 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (12/30/2016 11:28:06 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (12/30/2016 11:28:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/29/2016 07:04:14 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (12/29/2016 11:31:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "UPnP-Gerätehost" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.


CodeIntegrity:
===================================
  Date: 2016-12-30 11:33:45.225
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 11:33:44.555
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 11:33:43.697
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 11:33:42.963
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 11:33:41.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 11:33:40.904
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 11:33:40.218
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 11:33:39.485
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 11:32:18.583
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\avguniva.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 11:32:17.959
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\avguniva.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) 9650 Quad-Core Processor
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 4093.58 MB
Verfügbarer physikalischer RAM: 1631.29 MB
Summe virtueller Speicher: 10129.08 MB
Verfügbarer virtueller Speicher: 7287.14 MB

==================== Laufwerke ================================

Drive c: (HP) (Fixed) (Total:582.63 GB) (Free:326.17 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.54 GB) (Free:1.83 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=582.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         


Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=60b0beaa0a18804ea4e6be06afc5f06c
# end=init
# utc_time=2016-12-30 10:57:36
# local_time=2016-12-30 11:57:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 31902
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=60b0beaa0a18804ea4e6be06afc5f06c
# end=updated
# utc_time=2016-12-30 11:02:14
# local_time=2016-12-30 12:02:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=60b0beaa0a18804ea4e6be06afc5f06c
# engine=31902
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-30 01:50:13
# local_time=2016-12-30 02:50:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 10716 320629719 0 0
# scanned=343427
# found=5
# cleaned=0
# scan_time=10078
sh=04EC8A07BF983CB8814CC0F6B6C64E5364A62892 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.AT evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\ConduitCommon\modules\3.5.0.12\SearchProtector.jsm.vir"
sh=1375DE55437E815574B7BE56CFD3DE9428ED205D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.AT evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\ConduitCommon\modules\3.6.0.10\SearchProtector.jsm.vir"
sh=FE982B3F3F3C4B74A9E1B55BFC0F4059E1CC205A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.AT evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\ConduitCommon\modules\3.7.0.6\SearchProtector.jsm.vir"
sh=2ACEA095EA0B95808EE81D3E6EC2246821E5C557 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.AT evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\SearchProtector.jsm.vir"
sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Suiolirim\AppData\Local\temp\DMR\dmr_72.exe"
         
Since something is constantly being found, I can't shake the feeling that somewhere deep inside the system a nasty, stubborn virus is up to no good.

Geändert von Suiolirim (30.12.2016 um 15:57 Uhr)

Alt 30.12.2016, 20:12   #20
burningice
/// Malwareteam
 



Well, if two rootkit scans from different vendors say there is no sign of a rootkit, and I don't see any manually either, then I would venture to say that there isn't one.

Do you occasionally play around with CheatEngine, or do you have CD emulators running so you can read in .iso files, or something like that? That can cause a message like this.

AVG is only saying that there was an unusual access, and it rates the threat itself as only medium; with a rootkit detection that looks different.


Step: 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
GroupPolicy\User: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
FF NetworkProxy: Mozilla\Firefox\Profiles\bysl5o0l.default -> no_proxies_on", ""
S2 F-Secure Gatekeeper Handler Starter; "C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe" [X]
S3 FSDFWD; "C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe" [X]
S2 FSMA; "C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE" [X]
S3 FSORSPClient; "C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe" [X]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe [X]
S1 Beep; kein ImagePath
U0 aswVmm; kein ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 dump_wmimmc; \??\C:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [X]
S3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Corporate Edition\kerneld.amd64 [X]
S3 F-Secure Gatekeeper; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [X]
S1 F-Secure HIPS; \??\C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys [X]
S1 fsvista; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\Sandra.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [X]
S3 X6va001; \??\C:\Users\SUIOLIRIM\AppData\Local\Temp\001408.tmp [X]
C:\Windows\SysWOW64\runouce.exe
Task: {1999CD70-9319-4CFE-A0BA-D9C090D34E00} - System32\Tasks\{BEE4217B-8ABE-4656-AF30-A1E53573390E} => pcalua.exe -a C:\Users\Suiolirim\Downloads\codec_sniper.exe -d C:\Users\Suiolirim\Downloads
Task: {371EDA46-91D3-487E-8BFB-AD3438044152} - System32\Tasks\{C47CCFEC-B5BF-4BDC-B6AC-ECF2C3FFBE23} => pcalua.exe -a C:\Users\Suiolirim\Downloads\sp39950.exe -d C:\Users\Suiolirim\Downloads
Task: {69DE6AF7-90C9-49F6-AD87-448F63F65C7B} - System32\Tasks\{8882EA47-8D98-4195-8E81-8829D8EE1259} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {CE551541-E9D7-4613-AC11-CAD718A79641} - System32\Tasks\{427676C2-46CD-43AE-B1E5-74F84C5F9AEB} => pcalua.exe -a E:\eauninstall.exe -d E:\
Task: {E396FCA1-66F1-4B58-A20C-846BE4DB237A} - System32\Tasks\{473F0C77-2CCD-4EDB-BA86-019EA51AA096} => pcalua.exe -a "C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe" -d "C:\Program Files (x86)\ICQ6Toolbar"
Task: {F0C531CD-5438-4DB3-8688-84F50D9FD370} - System32\Tasks\{CE75FCDC-B7D3-434D-8B4F-3FDBAF6014C1} => pcalua.exe -a C:\Users\Suiolirim\Downloads\UDKInstall-UncleFred.exe -d C:\Users\Suiolirim\Downloads
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B [286]
AlternateDataStreams: C:\ProgramData\TEMP:364682BC [234]
AlternateDataStreams: C:\ProgramData\TEMP:BD36345D [200]
C:\ProgramData\ICQ
[-HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}]
[-HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}]
[-HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}]
[-HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}]
[-HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975}]
[-HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing]

emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.



Step: 2
Please start FRST again, tick the Addition box and press "Untersuchen" (Scan). Please post the two resulting text files again.

__________________
Best regards,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~


Alt 31.12.2016, 13:45   #21
Suiolirim
 



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Suiolirim (Administrator) auf SUIOLIRIM (31-12-2016 12:39:06)
Gestartet von C:\Users\Suiolirim\Desktop\Desktop
Geladene Profile: Suiolirim (Verfügbare Profile: Suiolirim)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Run: [Google Update] => C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-24] (Google Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9CA86A35-94EC-4BED-A5DB-38C113AD5714}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{A615081A-DB1C-42C8-8B6A-0E4FEC46738B}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg64.dll [2009-10-18] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-18] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Browsing Protection Class -> {C6867EB7-8350-4856-877F-93CF8AE3DC9C} -> Keine Datei
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default [2016-12-31]
FF Extension: (Grooveshark Unlocker) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\groovesharkUnlocker@overlord1337.xpi [2016-12-26]
FF Extension: (Distrust) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\trustme@gness.com [2009-04-14] [ist nicht signiert]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-29] [ist nicht signiert]
FF Extension: (NoScript) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-12-25]
FF Extension: (BugMeNot Plugin) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2016-12-25]
FF Extension: (WOT) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-05-17] [ist nicht signiert]
FF Extension: (Fasterfox) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a99} [2009-04-14] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-25]
FF Extension: (Greasemonkey) - C:\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-12-25]
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2016-12-24] [ist nicht signiert]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-12-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (Eset Plugin) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-07-06] [ist nicht signiert]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll [2012-02-14] (id Software Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=14 -> C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-14] (Google)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-02-14] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-11] (Skype Limited)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin HKU\S-1-5-21-1653470619-1168622029-2061882709-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-02-14] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npigl.dll [2007-02-12] (Indiepath Ltd)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll [2009-07-03] (NHN USA Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-01-07] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Plugin: (Shockwave Flash) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\49.0.2623.112\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (igLoader) - C:\Program Files (x86)\Mozilla Firefox\plugins\npigl.dll (Indiepath Ltd)
CHR Plugin: (ijji Auto Install Plugin for Mozilla) - C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll (NHN USA Inc.)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => Keine Datei
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Google Updater) - C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
CHR Plugin: (Unity Player) - C:\Users\Suiolirim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Keine Datei
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => Keine Datei
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\Default [2016-12-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Suiolirim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-24]
StartMenuInternet: Google Chrome - C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2016-12-15] (AVG Technologies CZ, s.r.o.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [69632 2008-07-14] () [Datei ist nicht signiert]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Datei ist nicht signiert]
S2 gupdate1c986c7e6048a9a; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-08] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3404560 2010-01-04] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-09-03] (Brother Industries Ltd.)
R1 FSES; C:\Windows\System32\drivers\fses.sys [46664 2011-04-30] (F-Secure Corporation)
R1 FSFW; C:\Windows\System32\drivers\fsdfw.sys [95784 2011-04-30] (F-Secure Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [42248 2012-11-15] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-24] (REALiX(tm))
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89432 2012-08-13] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [613720 2012-11-15] (Kaspersky Lab)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-10-06] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-10-06] (Nokia)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4774 2012-02-02] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-06-06] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.)
R3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-15] (Anchorfree Inc.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2009-10-06] (Nokia)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-30 21:45 - 2016-12-30 21:45 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Steam
2016-12-30 21:45 - 2016-12-30 21:45 - 00000000 ____D C:\Users\Suiolirim
2016-12-30 21:43 - 2016-12-30 21:43 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Steam
2016-12-30 11:57 - 2016-12-30 11:57 - 00000000 ____D C:\Program Files (x86)\ESET
2016-12-29 11:35 - 2016-12-29 11:49 - 00000000 ____D C:\ProgramData\HitmanPro
2016-12-27 21:40 - 2016-12-27 21:41 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-12-27 21:10 - 2016-12-27 21:10 - 00000000 ____H C:\Windows\SwSys2.bmp
2016-12-27 21:10 - 2016-12-27 21:10 - 00000000 ____H C:\Windows\SwSys1.bmp
2016-12-27 20:07 - 2016-12-27 20:10 - 00192922 _____ C:\TDSSKiller.3.1.0.12_27.12.2016_20.07.16_log.txt
2016-12-27 01:11 - 2016-12-27 01:33 - 00000000 ____D C:\Users\TEMP
2016-12-27 00:32 - 2016-10-07 17:12 - 02528768 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-12-27 00:32 - 2016-10-07 16:52 - 01544704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-12-27 00:27 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-12-27 00:27 - 2014-12-08 02:37 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-12-27 00:14 - 2016-03-10 18:07 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-27 00:14 - 2016-03-10 17:43 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 01567744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01377792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01326080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 01114624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00867328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00759296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-12-27 00:09 - 2015-12-05 18:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-12-27 00:09 - 2015-12-05 18:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00613888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2VDEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ADEC.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-12-27 00:09 - 2015-12-05 18:02 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-12-27 00:09 - 2015-12-05 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-12-27 00:09 - 2015-12-05 18:02 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-12-27 00:09 - 2015-12-05 17:41 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01539072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01350656 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01127424 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 01090560 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-12-27 00:09 - 2015-12-05 17:41 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00819200 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00732160 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-12-27 00:09 - 2015-12-05 17:41 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 01571328 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-12-27 00:09 - 2015-12-05 17:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-12-27 00:09 - 2015-12-05 17:40 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 01074176 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-12-27 00:09 - 2015-12-05 17:39 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-12-27 00:09 - 2015-12-05 17:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-12-27 00:09 - 2015-12-05 17:39 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-12-27 00:09 - 2015-12-05 17:22 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-12-27 00:09 - 2013-10-30 05:34 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-12-27 00:09 - 2013-10-30 03:33 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-12-27 00:06 - 2016-11-08 18:09 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-27 00:06 - 2016-11-08 18:02 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-27 00:04 - 2015-11-05 10:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-12-27 00:04 - 2015-11-05 09:55 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-12-27 00:04 - 2015-11-05 08:54 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-12-26 23:59 - 2016-09-10 17:44 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-12-26 23:59 - 2016-09-10 17:27 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-12-26 23:51 - 2015-07-10 20:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-12-26 23:51 - 2015-07-10 20:35 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-12-26 23:39 - 2015-11-02 18:04 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-12-26 23:39 - 2015-11-02 17:44 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-12-26 23:38 - 2015-09-02 22:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-12-26 23:38 - 2015-09-02 22:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-12-26 23:30 - 2016-03-18 19:15 - 01915392 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-12-26 23:30 - 2016-03-18 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-26 23:30 - 2016-03-18 18:10 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-12-26 23:30 - 2016-03-18 18:10 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-26 23:22 - 2016-10-04 15:41 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-12-26 23:17 - 2016-11-09 16:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-26 23:17 - 2016-11-09 16:22 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-26 23:15 - 2016-10-07 17:19 - 04692712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-26 23:15 - 2016-08-12 20:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-26 23:15 - 2016-03-22 00:00 - 01589168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-26 23:15 - 2016-03-22 00:00 - 01171488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-26 23:11 - 2016-04-09 22:17 - 00975360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-12-26 23:11 - 2016-04-09 21:48 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-12-26 23:09 - 2016-03-18 19:15 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-12-26 23:09 - 2016-03-18 19:15 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-12-26 23:09 - 2016-03-18 18:10 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-12-26 23:06 - 2016-11-11 18:14 - 00820736 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-26 23:06 - 2016-11-11 17:59 - 00648704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-26 23:01 - 2016-10-27 17:16 - 00622592 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-26 23:01 - 2016-10-27 17:03 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-26 22:59 - 2016-03-04 17:52 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-12-26 22:59 - 2016-03-04 17:40 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-12-26 22:57 - 2015-05-31 09:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2016-12-26 22:57 - 2015-05-31 08:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2016-12-26 22:55 - 2015-10-10 16:48 - 00736192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-12-26 22:53 - 2016-06-25 17:04 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-12-26 22:53 - 2016-06-25 17:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-26 22:53 - 2016-06-25 17:04 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-12-26 22:53 - 2016-06-25 17:03 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-12-26 22:53 - 2016-06-25 17:03 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00443904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-12-26 22:53 - 2016-06-25 16:37 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-12-26 22:53 - 2016-06-25 16:09 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-12-26 22:53 - 2016-06-25 16:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-12-26 22:53 - 2016-06-25 15:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-12-26 22:43 - 2016-03-17 20:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-12-26 22:43 - 2016-03-17 18:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-12-26 22:43 - 2016-03-17 18:45 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-12-26 22:43 - 2016-02-06 03:12 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-26 22:43 - 2016-02-06 03:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-26 22:43 - 2016-02-06 03:02 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-26 22:43 - 2016-02-06 03:01 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-26 22:43 - 2016-02-06 01:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-26 22:43 - 2016-02-06 01:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-26 22:42 - 2014-06-15 23:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-12-26 22:42 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-12-26 22:42 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-12-26 22:42 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-12-26 22:42 - 2014-06-13 18:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-12-26 22:42 - 2014-06-13 18:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2016-12-26 22:39 - 2015-05-04 23:51 - 10627584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-12-26 22:39 - 2015-05-04 23:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-12-26 22:39 - 2015-05-04 23:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-12-26 22:39 - 2015-05-04 23:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-12-26 22:39 - 2015-05-04 23:33 - 13427712 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-12-26 22:39 - 2015-05-04 23:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-12-26 22:39 - 2015-05-04 23:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-12-26 22:39 - 2015-05-04 23:32 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-12-26 22:39 - 2015-05-04 22:39 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-12-26 22:39 - 2015-05-04 22:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-12-26 22:37 - 2015-07-09 15:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-12-26 22:37 - 2015-07-09 15:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-12-26 22:37 - 2015-07-09 15:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-12-26 22:31 - 2015-07-18 16:41 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-12-26 22:26 - 2016-10-17 23:20 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-26 22:26 - 2016-10-17 23:20 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 01019904 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-12-26 22:26 - 2016-10-17 23:19 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-12-26 22:26 - 2016-10-17 23:19 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-12-26 22:26 - 2016-10-17 23:19 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:05 - 00807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-26 22:26 - 2016-10-17 23:04 - 00884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-12-26 22:26 - 2016-10-17 23:04 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-12-26 22:26 - 2016-10-17 23:04 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-12-26 22:26 - 2016-10-17 23:04 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-12-26 22:26 - 2016-10-17 23:04 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-12-26 22:26 - 2016-10-07 17:13 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-12-26 22:26 - 2016-10-07 17:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-26 22:26 - 2016-10-07 16:52 - 00573952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-12-26 22:26 - 2016-10-07 16:51 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-12-26 22:24 - 2016-02-06 03:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-12-26 22:24 - 2014-10-10 02:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-12-26 22:24 - 2014-10-10 02:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-26 22:24 - 2014-10-10 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-26 22:24 - 2014-10-10 00:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-26 22:24 - 2014-10-10 00:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-26 22:22 - 2016-08-03 17:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-12-26 22:22 - 2016-08-03 16:45 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-12-26 22:22 - 2016-08-03 15:41 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-12-26 22:22 - 2016-08-03 15:40 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-12-26 22:22 - 2016-08-03 15:40 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-12-26 22:20 - 2016-11-16 18:20 - 00364776 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-26 22:20 - 2016-05-10 16:55 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-12-26 22:20 - 2016-05-10 16:54 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-12-26 22:20 - 2016-05-10 16:54 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-12-26 22:20 - 2016-05-10 16:31 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-12-26 22:20 - 2016-05-10 15:55 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-12-26 22:20 - 2016-05-10 15:55 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-12-26 22:20 - 2016-05-10 15:28 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-12-26 22:16 - 2014-06-26 23:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-12-26 22:16 - 2014-06-26 23:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-12-26 22:16 - 2014-06-06 05:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-12-26 22:16 - 2014-06-06 05:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-12-26 22:12 - 2016-12-26 22:12 - 00541952 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuMSI7623.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 00013972 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuUI7623.txt
2016-12-26 22:12 - 2015-07-29 01:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-12-26 22:12 - 2015-07-29 01:31 - 12901888 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-12-26 22:12 - 2014-10-03 02:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-12-26 22:12 - 2014-10-03 02:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-12-26 22:12 - 2014-10-03 02:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-12-26 22:12 - 2014-10-03 02:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-12-26 22:12 - 2014-10-03 02:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-12-26 22:12 - 2014-10-03 02:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-12-26 22:12 - 2014-10-03 02:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-12-26 22:12 - 2014-10-03 00:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2016-12-26 22:11 - 2016-12-26 22:12 - 01303922 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64MSI7583.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 00014024 _____ C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64UI7583.txt
2016-12-26 22:09 - 2015-04-24 16:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-12-26 22:09 - 2015-04-24 16:41 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-12-26 22:07 - 2015-11-10 18:03 - 01208832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-12-26 22:07 - 2015-11-10 18:03 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-12-26 22:07 - 2015-11-10 17:40 - 01683968 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-12-26 22:07 - 2015-11-10 17:40 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-12-26 22:07 - 2015-01-29 02:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-12-26 22:07 - 2015-01-29 02:33 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-12-26 22:06 - 2015-03-05 03:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-12-26 22:06 - 2015-03-05 02:58 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-12-26 22:06 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-12-26 22:06 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-12-26 22:06 - 2014-12-06 03:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-12-26 22:06 - 2014-12-06 03:54 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-12-26 22:06 - 2014-08-27 01:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-12-26 22:06 - 2014-08-27 01:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-12-26 22:05 - 2015-07-21 16:50 - 00154048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2016-12-26 22:05 - 2015-07-21 16:50 - 00068544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-12-26 22:05 - 2015-07-21 16:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-12-26 22:05 - 2015-07-21 16:40 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2016-12-26 22:05 - 2015-04-11 00:33 - 00384512 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-12-26 22:05 - 2015-04-11 00:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\services.exe
2016-12-26 22:05 - 2014-12-06 03:54 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-12-26 22:04 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-12-26 22:04 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-12-26 22:04 - 2015-11-13 17:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-12-26 22:04 - 2015-11-13 17:42 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-12-26 22:04 - 2015-11-13 16:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-12-26 22:03 - 2014-10-24 02:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-12-26 22:03 - 2014-10-24 01:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdohlp.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2016-12-26 22:02 - 2016-01-30 04:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2016-12-26 22:02 - 2016-01-30 04:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbeio.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2016-12-26 22:02 - 2016-01-30 04:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasads.dll
2016-12-26 22:02 - 2016-01-30 04:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasdatastore.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-12-26 22:02 - 2016-01-30 03:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-12-26 22:02 - 2016-01-30 03:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-12-26 22:02 - 2016-01-30 03:44 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-12-26 22:02 - 2016-01-30 03:43 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-12-26 22:02 - 2016-01-30 03:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-12-26 22:02 - 2016-01-30 03:43 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-12-26 22:02 - 2016-01-30 03:43 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-12-26 22:02 - 2016-01-30 02:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-12-26 22:02 - 2016-01-30 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iashost.exe
2016-12-26 22:02 - 2014-09-05 00:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-12-26 22:01 - 2015-08-05 16:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-12-26 22:00 - 2016-11-20 17:57 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-26 22:00 - 2016-11-20 15:16 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-26 22:00 - 2016-11-20 15:13 - 00521448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-26 22:00 - 2016-11-20 15:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-26 22:00 - 2016-10-08 17:08 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-26 22:00 - 2016-10-08 17:07 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-26 22:00 - 2016-10-08 16:51 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-26 22:00 - 2016-08-10 17:12 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-26 22:00 - 2016-08-10 17:12 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-26 22:00 - 2016-08-10 16:44 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-26 22:00 - 2016-08-10 16:43 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-26 22:00 - 2016-05-14 16:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-26 22:00 - 2016-05-14 16:41 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-26 22:00 - 2016-03-18 19:15 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-26 22:00 - 2016-02-06 03:12 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-26 22:00 - 2016-02-06 03:11 - 00802304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-26 22:00 - 2016-02-06 03:01 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-26 22:00 - 2016-02-06 02:59 - 01067008 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-26 22:00 - 2015-06-27 15:30 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-26 22:00 - 2015-06-27 15:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-26 22:00 - 2015-01-09 01:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-26 21:59 - 2016-11-08 18:10 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-26 21:59 - 2016-11-08 18:01 - 02264576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-26 21:59 - 2015-10-13 15:45 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-12-26 21:59 - 2015-10-13 15:44 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-12-26 21:59 - 2015-06-17 16:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-26 21:59 - 2015-06-17 16:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-26 21:59 - 2014-06-02 22:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-26 21:59 - 2014-06-02 22:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-26 21:59 - 2014-06-02 22:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-26 21:59 - 2014-06-02 21:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-26 21:59 - 2014-06-02 11:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-26 21:59 - 2014-06-02 11:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-26 21:56 - 2016-10-17 23:19 - 00975872 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-26 21:56 - 2016-10-17 23:04 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-26 21:56 - 2016-09-15 01:23 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-12-26 21:56 - 2016-09-15 01:01 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-12-26 21:56 - 2016-04-09 21:53 - 00901352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-12-26 21:56 - 2016-04-09 21:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00726016 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-12-26 21:55 - 2016-05-12 16:56 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-12-26 21:55 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-12-26 21:55 - 2016-05-12 16:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-12-26 21:55 - 2016-05-12 16:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-12-26 21:55 - 2016-05-12 16:33 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-12-26 21:55 - 2016-05-12 16:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-12-26 21:53 - 2016-02-02 16:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-12-26 21:49 - 2016-11-20 18:12 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-26 21:49 - 2016-11-20 17:55 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-26 21:49 - 2015-11-20 15:15 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-26 21:49 - 2015-07-01 16:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-12-26 21:49 - 2015-07-01 16:43 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-12-26 21:17 - 2014-01-30 11:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-12-26 21:17 - 2014-01-30 08:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-12-26 21:17 - 2013-10-11 05:23 - 00781824 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-12-26 21:17 - 2013-10-11 05:23 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-12-26 21:17 - 2013-10-11 03:29 - 00217074 _____ C:\Windows\system32\WFP.TMF
2016-12-26 21:17 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-12-26 21:16 - 2016-11-09 01:44 - 18807296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-26 21:16 - 2016-11-09 01:41 - 02351104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-26 21:16 - 2016-11-09 01:36 - 10941952 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 01392640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-26 21:16 - 2016-11-09 01:35 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-26 21:16 - 2016-11-09 01:34 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-26 21:16 - 2016-11-09 01:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-12-26 21:16 - 2016-11-09 01:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-26 21:16 - 2016-11-09 01:33 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-26 21:16 - 2016-11-09 01:33 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-12-26 21:16 - 2016-11-09 01:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-12-26 21:16 - 2016-11-09 01:33 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-12-26 21:16 - 2016-11-09 01:06 - 01815552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-26 21:16 - 2016-11-09 01:05 - 12841472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-26 21:16 - 2016-11-09 01:03 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-26 21:16 - 2016-11-09 01:02 - 09756160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-26 21:16 - 2016-11-09 01:01 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-26 21:16 - 2016-11-09 01:01 - 01129984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 01805312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-26 21:16 - 2016-11-09 01:00 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-12-26 21:16 - 2016-11-09 01:00 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-26 21:16 - 2016-11-09 01:00 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-26 21:16 - 2016-11-09 00:59 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-12-26 21:16 - 2016-11-09 00:59 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-12-26 21:16 - 2016-11-09 00:59 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-12-26 21:16 - 2014-04-05 10:10 - 01422784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-12-26 21:16 - 2013-10-03 16:02 - 01278976 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-26 21:16 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-26 21:15 - 2013-10-22 10:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-12-26 21:15 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-12-26 21:15 - 2013-10-11 05:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-12-26 21:15 - 2013-10-11 05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-12-26 21:15 - 2013-10-11 03:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-12-26 21:15 - 2013-10-11 03:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-12-26 21:15 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-12-26 21:15 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-12-26 21:15 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2016-12-26 21:15 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-12-26 21:15 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-12-26 18:22 - 2016-11-08 16:49 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-26 17:46 - 2016-09-08 15:39 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-12-26 17:46 - 2016-09-08 15:39 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-12-26 17:36 - 2016-12-26 17:36 - 00001628 _____ C:\Users\Suiolirim\Downloads\sg_backup_2016-12-26-1736.spg
2016-12-25 17:11 - 2016-12-25 17:11 - 00383208 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00306408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-12-25 17:11 - 2016-12-25 17:11 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01561600 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01154560 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00486912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-12-25 17:10 - 2016-12-25 17:10 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-12-25 17:07 - 2016-12-25 17:07 - 00000041 _____ C:\Windows\woubak-pwrscheme-temp.txt
2016-12-25 17:07 - 2016-12-25 17:07 - 00000041 _____ C:\Windows\woubak-pwrscheme-act.txt
2016-12-24 20:29 - 2016-12-31 12:36 - 00002894 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Suiolirim)
2016-12-24 20:29 - 2016-12-24 20:31 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\IObit
2016-12-24 20:29 - 2016-12-24 20:30 - 00002083 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-12-24 20:29 - 2016-12-24 20:29 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-12-24 20:29 - 2016-12-24 20:29 - 00003262 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\Windows\IObit
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\ProgramData\ProductData
2016-12-24 20:29 - 2016-12-24 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-12-24 20:28 - 2016-12-25 12:53 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\IObit
2016-12-24 20:03 - 2016-12-24 20:03 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\AVG
2016-12-24 20:02 - 2016-12-24 20:02 - 00000805 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-12-24 20:02 - 2016-12-24 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-12-24 19:59 - 2016-12-24 19:59 - 00000000 ___HD C:\$AVG
2016-12-24 19:57 - 2016-12-31 12:06 - 00000000 ____D C:\ProgramData\MFAData
2016-12-24 19:57 - 2016-12-24 19:57 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\MFAData
2016-12-24 19:52 - 2016-12-31 12:16 - 00003564 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-24 19:52 - 2016-12-24 19:57 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-24 19:52 - 2016-12-24 19:52 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\CEF
2016-12-24 19:50 - 2016-12-24 20:03 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Avg
2016-12-24 19:50 - 2016-12-24 19:59 - 00000000 ____D C:\ProgramData\Avg
2016-12-24 19:50 - 2016-12-24 19:56 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\AvgSetupLog
2016-12-24 18:53 - 2016-12-24 18:53 - 00003640 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000UA
2016-12-24 18:53 - 2016-12-24 18:53 - 00003368 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000Core
2016-12-24 17:57 - 2016-12-31 12:37 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Mozilla
2016-12-24 17:56 - 2016-12-24 18:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-24 17:24 - 2016-12-30 15:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-24 17:24 - 2016-12-24 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-12-24 17:24 - 2016-12-24 17:24 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-12-24 17:24 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-24 17:24 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-01 02:18 - 2016-12-01 02:18 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-12-01 02:18 - 2016-12-01 02:18 - 00018088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-12-01 01:37 - 2016-12-01 01:37 - 00018088 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-31 12:39 - 2013-10-30 09:29 - 00000000 ____D C:\FRST
2016-12-31 12:32 - 2009-04-05 13:25 - 00000008 __RSH C:\Users\Suiolirim\ntuser.pol
2016-12-31 12:32 - 2009-02-02 15:45 - 00000000 ____D C:\Users\Suiolirim
2016-12-31 12:31 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-31 12:31 - 2006-11-02 16:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-31 12:31 - 2006-11-02 16:22 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-31 12:30 - 2010-02-11 14:51 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-12-31 12:29 - 2006-11-02 16:42 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-31 12:23 - 2006-11-02 14:34 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-12-31 12:02 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\tracing
2016-12-30 23:19 - 2011-09-19 15:13 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-30 13:39 - 2009-02-04 13:54 - 00001064 _____ C:\Windows\Tasks\Google Software Updater.job
2016-12-28 00:08 - 2009-02-02 17:50 - 00000000 ____D C:\Users\Suiolirim\Documents\TrackMania
2016-12-27 21:48 - 2013-10-29 21:26 - 00000000 ____D C:\AdwCleaner
2016-12-27 21:41 - 2009-03-01 14:20 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-12-27 19:10 - 2011-03-20 18:28 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\Auslogics
2016-12-27 13:24 - 2013-10-29 21:41 - 00000000 ____D C:\Windows\ERUNT
2016-12-27 13:15 - 2008-09-13 06:16 - 00696342 _____ C:\Windows\system32\perfh007.dat
2016-12-27 13:15 - 2008-09-13 06:16 - 00156498 _____ C:\Windows\system32\perfc007.dat
2016-12-27 13:15 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\inf
2016-12-27 13:15 - 2006-11-02 13:46 - 01632730 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-27 12:48 - 2009-07-06 19:46 - 01608186 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-27 01:32 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache
2016-12-27 01:07 - 2009-02-02 17:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-12-27 00:37 - 2006-11-02 16:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-12-27 00:37 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-12-27 00:37 - 2006-11-02 14:33 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-27 00:36 - 2013-10-31 16:07 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-12-27 00:36 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-12-26 23:29 - 2013-07-15 18:55 - 00000000 ____D C:\Windows\system32\MRT
2016-12-26 23:23 - 2006-11-02 13:35 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-12-26 22:24 - 2010-06-05 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-26 18:26 - 2006-11-02 16:21 - 00463984 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-25 15:26 - 2013-06-10 15:07 - 00000000 ____D C:\Program Files (x86)\DevPro
2016-12-25 15:12 - 2010-08-06 15:08 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-12-25 15:08 - 2008-09-12 20:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-25 15:03 - 2011-05-08 15:32 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Unity
2016-12-25 15:02 - 2009-02-15 14:57 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Macromedia
2016-12-25 15:02 - 2009-02-02 16:04 - 00000000 ____D C:\Users\Suiolirim\AppData\LocalLow\Adobe
2016-12-25 15:02 - 2009-02-02 16:01 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-12-25 15:02 - 2008-09-12 20:56 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-24 20:29 - 2011-03-02 13:42 - 00000000 ____D C:\ProgramData\IObit
2016-12-24 20:29 - 2011-03-02 13:41 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-24 20:02 - 2011-04-22 15:49 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\TuneUp Software
2016-12-24 19:50 - 2009-05-23 09:33 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Downloaded Installations
2016-12-24 18:58 - 2013-02-08 16:54 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-24 18:58 - 2013-02-08 16:54 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-24 18:52 - 2013-02-28 15:51 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148260198865912
2016-12-24 18:52 - 2013-02-08 16:55 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148260198784910
2016-12-24 18:51 - 2013-02-08 16:55 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148260198497907
2016-12-24 18:40 - 2012-04-25 20:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-24 17:59 - 2011-10-08 14:11 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-24 17:46 - 2009-02-02 16:15 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-24 17:40 - 2010-05-26 13:15 - 00002059 _____ C:\Users\Suiolirim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-24 17:33 - 2009-02-02 15:46 - 00000000 ____D C:\Users\Suiolirim\AppData\Local\Adobe
2016-12-24 17:24 - 2013-01-06 19:32 - 00000903 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-24 17:24 - 2013-01-06 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-12-24 17:24 - 2009-05-20 15:05 - 00000000 ____D C:\Users\Suiolirim\AppData\Roaming\Malwarebytes
2016-12-24 17:24 - 2009-05-20 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-24 17:19 - 2011-06-15 13:27 - 00002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-12-24 17:18 - 2009-06-30 14:25 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-24 17:18 - 2009-06-30 14:25 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-03-08 16:33 - 2013-03-08 16:33 - 0000191 _____ () C:\Program Files\Common Files\TrackerSoftwareInstallerPDFX5SA.log
2011-03-13 12:04 - 2011-03-13 12:22 - 0000041 _____ () C:\Users\Suiolirim\AppData\Roaming\TheHunterSettings_live.cfg
2011-02-21 12:25 - 2015-04-06 15:39 - 0000254 _____ () C:\Users\Suiolirim\AppData\Roaming\wklnhst.dat
2009-03-08 16:26 - 2010-02-27 16:31 - 0001100 _____ () C:\Users\Suiolirim\AppData\Local\d3d8caps.dat
2009-05-09 19:07 - 2013-05-16 12:56 - 0001356 _____ () C:\Users\Suiolirim\AppData\Local\d3d9caps.dat
2009-02-22 20:10 - 2010-04-14 12:51 - 0001460 _____ () C:\Users\Suiolirim\AppData\Local\d3d9caps64.dat
2009-02-02 19:46 - 2009-12-20 19:22 - 0007168 _____ () C:\Users\Suiolirim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-03-27 22:02 - 2015-04-09 13:40 - 0348394 _____ () C:\Users\Suiolirim\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2010-03-27 22:02 - 2010-03-27 22:02 - 0000002 _____ () C:\Users\Suiolirim\AppData\Local\dd_dotnetfx35error.txt
2010-03-27 22:02 - 2015-04-09 13:40 - 0240504 _____ () C:\Users\Suiolirim\AppData\Local\dd_dotnetfx35install.txt
2009-06-09 13:57 - 2009-06-09 13:57 - 0402640 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI0710.txt
2013-02-08 16:54 - 2013-02-08 16:54 - 0364352 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI08CA.txt
2009-06-09 14:00 - 2009-06-09 14:00 - 0415660 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI08CC.txt
2010-04-02 18:56 - 2010-04-02 18:58 - 0418332 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI110D.txt
2010-04-02 18:58 - 2010-04-02 18:58 - 0407074 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI1295.txt
2010-03-30 13:17 - 2010-03-30 13:17 - 0442364 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI2358.txt
2011-09-16 15:05 - 2011-09-16 15:05 - 0512626 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI24ED.txt
2011-05-18 11:52 - 2011-05-18 11:52 - 0361952 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI3D99.txt
2010-08-06 15:09 - 2010-08-06 15:09 - 0427316 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI57C6.txt
2011-05-06 16:16 - 2011-05-06 16:16 - 0366200 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI5DE5.txt
2009-10-12 06:43 - 2009-10-12 06:43 - 0366808 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI60F5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0353238 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI62B5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0400340 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI62BC.txt
2011-05-04 11:26 - 2011-05-04 11:26 - 0360800 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI639F.txt
2009-04-04 11:15 - 2009-04-04 11:15 - 0417434 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI6604.txt
2011-05-12 20:38 - 2011-05-12 20:38 - 0427518 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI7AB9.txt
2011-04-19 15:13 - 2011-04-19 15:13 - 0364108 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistMSI7CE1.txt
2009-06-09 13:57 - 2009-06-09 13:57 - 0012046 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI0710.txt
2013-02-08 16:54 - 2013-02-08 16:54 - 0014102 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI08CA.txt
2009-06-09 14:00 - 2009-06-09 14:00 - 0012158 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI08CC.txt
2010-04-02 18:56 - 2010-04-02 18:58 - 0016562 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI110D.txt
2010-04-02 18:58 - 2010-04-02 18:58 - 0016042 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI1295.txt
2010-03-30 13:17 - 2010-03-30 13:17 - 0013882 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI2358.txt
2011-09-16 14:31 - 2011-09-16 15:06 - 0016292 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI24ED.txt
2011-05-18 11:52 - 2011-05-18 11:52 - 0013346 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI3D99.txt
2010-08-06 15:09 - 2010-08-06 15:09 - 0013538 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI57C6.txt
2011-05-06 16:16 - 2011-05-06 16:16 - 0015098 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI5DE5.txt
2009-10-12 06:43 - 2009-10-12 06:43 - 0011170 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI60F5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0014622 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI62B5.txt
2010-08-01 09:57 - 2010-08-01 09:57 - 0014390 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI62BC.txt
2011-05-04 11:26 - 2011-05-04 11:26 - 0013298 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI639F.txt
2009-04-04 11:15 - 2009-04-04 11:15 - 0011410 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI6604.txt
2011-05-12 20:38 - 2011-05-12 20:38 - 0014288 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI7AB9.txt
2011-04-19 15:13 - 2011-04-19 15:13 - 0014346 _____ () C:\Users\Suiolirim\AppData\Local\dd_vcredistUI7CE1.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 0541952 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuMSI7623.txt
2016-12-26 22:12 - 2016-12-26 22:12 - 0013972 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_lp_x64_deuUI7623.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 1303922 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64MSI7583.txt
2016-12-26 22:11 - 2016-12-26 22:12 - 0014024 _____ () C:\Users\Suiolirim\AppData\Local\dd_vstor40_x64UI7583.txt
2011-04-03 19:15 - 2011-04-03 19:15 - 0000096 _____ () C:\Users\Suiolirim\AppData\Local\fusioncache.dat
2010-03-27 22:02 - 2015-04-09 13:40 - 0006904 _____ () C:\Users\Suiolirim\AppData\Local\uxeventlog.txt
2011-10-15 14:44 - 2011-10-15 14:45 - 0001850 _____ () C:\ProgramData\1318686248.2288.bin
2011-04-19 16:50 - 2011-04-27 12:01 - 1555999 _____ () C:\ProgramData\bdinstall.bin
2008-09-12 21:06 - 2008-09-12 21:06 - 0000349 _____ () C:\ProgramData\hpzinstall.log
2009-12-18 20:20 - 2009-12-18 20:20 - 0000000 _____ () C:\ProgramData\leverage.drm.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Suiolirim\hash.dat


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-31 12:38

==================== Ende von FRST.txt ============================
         

31.12.2016, 13:46   #22
Suiolirim
 
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Suiolirim (31-12-2016 12:48:45)
Gestartet von C:\Users\Suiolirim\Desktop\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-02-02 13:39:16)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1653470619-1168622029-2061882709-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1653470619-1168622029-2061882709-1004 - Limited - Enabled)
Gast (S-1-5-21-1653470619-1168622029-2061882709-501 - Limited - Disabled)
Suiolirim (S-1-5-21-1653470619-1168622029-2061882709-1000 - Administrator - Enabled) => C:\Users\Suiolirim

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG AntiVirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

A.V.A (HKLM-x32\...\{42AF51C0-4028-46CF-B616-FB1F75286457}) (Version: 24.18.03866 - A.V.A)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Reader X (10.1.16) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AVG (Version: 16.141.7996 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4749 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.141.7996 - AVG Technologies)
Bloodline Champions (HKLM-x32\...\{6C90C4C4-559D-4FE8-A4BF-37550E74D1FC}) (Version: 1.0.0 - Stunlock Studios)
Cards_Calendar_OrderGift_DoMorePlugout (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: .1707 - CyberLink Corp.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version:  - )
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Free Audio CD Burner version 1.2 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.2 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Limited.)
Google Chrome (HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.165 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Hardware Diagnose Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.0.26 - S2 Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Advisor (HKLM-x32\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.9152.3107 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
HP Demo (HKLM-x32\...\{97ABD26A-3249-46CB-B2E2-F66E64B2E480}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM-x32\...\{F405DC00-37F3-4A5F-97F4-C1310CCEE53A}) (Version: 5.7.0.2693 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.2.3309 - Hewlett-Packard)
HP My Display (HKLM-x32\...\{15733AD1-1CEF-459A-9245-0924FC63BDD5}) (Version: 1.36.003 - Portrait Displays, Inc.)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Update (HKLM-x32\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
igLoader (HKLM\...\igLoader) (Version: 3.0.0.0 - Indiepath Ltd)
ijji REACTOR (HKLM-x32\...\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}) (Version: 1.00.0000 - ijji)
JDownloader 0.9 (HKLM-x32\...\1489-3350-5074-6281) (Version: 0.9 - AppWork GmbH)
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2913 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.50.1040 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}) (Version: 12.00.1280 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.0) (Version: 12.0.1278 - Logitech Inc.)
Mafia II - Demo (HKLM-x32\...\Steam App 50280) (Version:  - 2K Czech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM-x32\...\{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}) (Version: 6.10.050 - muvee Technologies)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version:  - NCsoft)
Neffy 1,3,29,0 (HKLM-x32\...\Neffy) (Version: 1,3,29,0 - CDNetworks)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.80.5.1 - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{C50EF365-2898-489A-B6C7-30DAA466E9A2}) (Version: 7.1.23.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.40.6 - Nokia)
Nokia PC Suite (x32 Version: 7.1.40.6 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Optimierte Multimedia-Tastatur-Lösung (HKLM-x32\...\KBD) (Version:  - Hewlett-Packard)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.5.2 - Pando Networks Inc.)
PC Connectivity Solution (HKLM-x32\...\{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}) (Version: 9.44.0.3 - Nokia)
Pivot Software (x32 Version: 8.21.013 - Portrait Displays, Inc.) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.4109 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2926 - CyberLink Corp.)
PowerDirector (x32 Version: 6.5.2926 - CyberLink Corp.) Hidden
Pro Evolution Soccer 2013 DEMO2 (HKLM-x32\...\{E244E649-B7FB-4644-B387-CA882AEC7577}) (Version: 1.00.0000 - KONAMI)
PSSWCORE (x32 Version: 2.03.0000 - Hewlett-Packard) Hidden
Python 2.5.2 (HKLM-x32\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
Quake Live Mozilla Plugin (HKLM-x32\...\{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}) (Version: 1.0.520 - id Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
SDK (x32 Version: 1.40.002 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1405.0 - Hi-Rez Studios)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
sp41119 (HKLM\...\sp41119) (Version:  - Hewlett-Packard)
sp44626 (HKLM-x32\...\sp44626) (Version:  - Hewlett-Packard)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spider-Man(TM) - Web of Shadows (x32 Version: 1.0 - Activision) Hidden
Spider-Man(TM) - Web of Shadows 1.1 Patch (x32 Version:  - ) Hidden
Spider-Man(TM) - Web of Shadows 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Spider-Man(TM) - Web of Shadows-Spiel (HKLM-x32\...\InstallShield_{7F7E4FA7-6F32-4DE2-917E-361E034AED7A}) (Version: 1.1 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Suffering (remove only) (HKLM-x32\...\The Suffering) (Version: 1.7.0.11.2.4.3 - Midway Home Entertainment Inc.)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6.0 - Texas Instruments Incorporated)
Tiggit (HKLM-x32\...\{B2F036FE-A916-4EBB-8621-5403444940D3}_is1) (Version:  - )
TmNationsForever Update 2010-03-15 (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.980.1 - Hi-Rez Studios)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoToolkit01 (x32 Version: 110.0.171.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.4) (HKLM\...\8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA) (Version: 06/01/2009 7.01.0.4 - Nokia)
Windows-Treiberpaket - Nokia Modem  (10/05/2009 4.2) (HKLM\...\05B59228C7E1C21DFBE89260F879BD95880548D8) (Version: 10/05/2009 4.2 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\...\ChromeHTML: -> C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1653470619-1168622029-2061882709-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Suiolirim\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03324EB8-3058-4313-B9EE-950B21C99340} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster\AutoUpdate.exe
Task: {0876C721-124D-482C-99CC-C227984A5313} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000Core => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {16B29D05-4229-426F-91A7-70AA518A3DBD} - System32\Tasks\Driver Booster SkipUAC (Suiolirim) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {37241EC8-CE22-470A-8D14-C4635CA28E96} - System32\Tasks\Google Updater and Installer => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {468EF5B9-5FB1-4743-B57F-2607EADD3A6C} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {797F9A29-E4B1-4A89-95EC-E0C6390E174A} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {909EF21F-8367-4215-B19B-D2D63CD93DE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {A70CC805-CD67-4C58-8BA3-C23E1D557A95} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {AAF676D5-7928-48FE-847C-178D6882F5E0} - System32\Tasks\{07BB79A0-80F9-418A-AABC-0A8C1849E8E6} => pcalua.exe -a C:\Users\Suiolirim\Downloads\Shockwave_Installer_Slim.exe -d C:\Users\Suiolirim\Downloads
Task: {B9494889-CE9C-4519-B409-3E15B8F62C99} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-14] (Google) <==== ACHTUNG
Task: {CC5DB0D3-211A-4178-AAC6-8C2DD660C736} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D078570E-9D97-4A49-A19A-5B2BDC527CD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)
Task: {EAB594A7-CC95-4935-B350-B742B93906DF} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {EEAE5D3F-FDF6-4E0B-901C-F530C5162126} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {FF994E75-520F-481A-9643-222BEA60F6CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1653470619-1168622029-2061882709-1000UA => C:\Users\Suiolirim\AppData\Local\Google\Update\GoogleUpdate.exe [2016-12-24] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe <==== ACHTUNG
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A5EDC403-DA13-4BD5-8F96-610C0E80242D}.job => C:\Windows\system32\msfeedssync.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Suiolirim\Desktop\Desktop\Spiele\A.V.A.lnk -> C:\Program Files (x86)\ijji\ijji REACTOR\REACTOR.exe (NHN Corporation) -> redirect:hxxp://reactor.ijji.com/index.nhn?gameid=u_ava

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-06-03 11:35 - 2013-04-30 03:46 - 00045056 _____ () C:\Windows\system32\atitmp64.dll
2009-02-05 16:19 - 2008-07-14 13:43 - 00069632 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
2016-12-24 19:52 - 2016-12-24 19:51 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


Da befinden sich 7582 mehr Seiten.


Da befinden sich 7478 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 13:34 - 2013-10-30 16:14 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Suiolirim\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^Users^Suiolirim^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ATICustomerCare => "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Suiolirim\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\Suiolirim\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => %SystemRoot%\system32\dfsr.exe
FirewallRules: [{142CF540-DB64-465E-A8C1-9F78FA381836}] => c:\Program Files (x86)\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{B71241FB-92BA-49E3-A31E-3A7F3F0DFD3A}] => C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{A17A4EDB-D87B-4B68-A02B-747FAC300F23}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{0BDA7AAB-DCA1-435C-A48F-6E216D97E904}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{666B2C21-AD76-4154-880B-30198A16A391}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{9916A79E-A0E1-448C-9440-99A722F4A146}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{940E7A3E-C940-423C-AD06-29A4B695EADE}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{1BB2C654-2F8B-4A45-A6A5-E0D583FCCFF0}C:\program files (x86)\xfire\xfire.exe] => C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{1920CFB5-3D03-45C7-9232-7316A42DA08F}C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe] => C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{801523C9-9625-4A22-B5DA-012AB9CDBBE6}C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe] => C:\users\Suiolirim\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{296C58F4-423F-4733-A6C8-0266D853859F}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{BB74B909-F12D-4DC5-AA76-EC51D725D96A}C:\program files (x86)\tmnationsforever\tmforever.exe] => C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{FF0D0FF4-F437-4C3E-8D79-4B926E9D2389}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [TCP Query User{6E4270A5-4F0B-497B-BD9E-9806BC81A6BA}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C5820BA9-E570-4520-B7AC-772C07A81D24}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{15D6A789-2649-4B96-80F0-F825DF2AD011}] => C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{BEE99D8C-1502-4FF9-B3E3-1923215121C4}] => C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
FirewallRules: [TCP Query User{9AF4BE5F-C323-4E8D-AB2C-92559E9024F6}C:\ijji\english\ava\binaries\ava.exe] => C:\ijji\english\ava\binaries\ava.exe
FirewallRules: [UDP Query User{1C7EA198-6846-4BA1-B6B9-BC20A756C3EE}C:\ijji\english\ava\binaries\ava.exe] => C:\ijji\english\ava\binaries\ava.exe
FirewallRules: [{E3240DF4-D51C-4D38-9EAB-623834D37138}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{820FCAF3-31E0-4205-B709-F34BFBB6CA59}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{C290CB18-BDDD-4357-8C8A-B9B268D7AA7A}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{14D48E4D-66F0-4E59-9D3C-F365B36C3768}] => LPort=8394
FirewallRules: [{D2764897-B2FE-4D38-83AC-3A21A01D18D7}] => LPort=8394
FirewallRules: [{C5A80CCF-0D8F-45A8-9397-820E756CBD92}] => LPort=6983
FirewallRules: [{2779EC5B-8F17-44FB-8EAA-4402A80FC8C2}] => LPort=6983
FirewallRules: [{A96A26A7-A94C-4032-97BB-8400AB0A5626}] => LPort=6895
FirewallRules: [{2FD91BFF-97D6-4913-9AD5-A222762A64D6}] => LPort=6895
FirewallRules: [{8DF2CC18-8566-4E98-A4B6-BFA8FF2D5F89}] => LPort=8394
FirewallRules: [{C6A02ED0-E470-444A-B0CF-8752F9177DF1}] => LPort=8394
FirewallRules: [{E1ED97B3-7BD3-4BCE-9F93-B6934D645BD8}] => LPort=6971
FirewallRules: [{3ECC23F2-B8A7-4727-91CA-32BA5732E411}] => LPort=6971
FirewallRules: [{A9804527-902B-430E-8E68-627A9C721CFD}] => LPort=6992
FirewallRules: [{F9EDCFA4-89A5-4DB2-B0DB-343725E338D6}] => LPort=6992
FirewallRules: [{A04224C7-1161-4930-A4A1-71B503C62F2A}] => LPort=8395
FirewallRules: [{AAEE3DC0-D134-4141-9029-735A288FB41B}] => LPort=8395
FirewallRules: [{A7A12F77-9901-4FBD-B010-1B8D18D431B5}] => LPort=6989
FirewallRules: [{A10E189B-D236-4463-9DD8-3F7812C74C96}] => LPort=6989
FirewallRules: [{6D96D44D-BDD6-44C7-BFBE-3031B0AD141D}] => LPort=8396
FirewallRules: [{AD3D861F-41C7-45FC-989B-F567BB336D85}] => LPort=8396
FirewallRules: [{9A3E605E-B6AE-4B4D-9F78-7211B2D7ABD0}] => LPort=6987
FirewallRules: [{CD230630-6598-460B-A8DF-9E8CB966BF04}] => LPort=6987
FirewallRules: [TCP Query User{E1FF3428-E405-42AA-8F4E-F62BBC6563C2}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{7B2F750A-F25D-4AC8-94EE-784E2D6E7B7D}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{A5014B5F-EB16-458A-9B18-0E192C5479C0}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{97D7FCFA-8F3D-45E9-9B9E-F41E726566A2}] => svchost.exe
FirewallRules: [{ED8D12EA-84FA-43BD-B4D5-84BB31EFF679}] => LPort=6969
FirewallRules: [{759E874B-F517-4DE1-9011-1548BAF9F2CB}] => LPort=6969
FirewallRules: [{12F593EB-C1D8-45C3-A234-FFB3507F4AA6}] => LPort=6887
FirewallRules: [{CE01052E-243A-4D1B-BACE-CBEEC2FA5B8D}] => LPort=6887
FirewallRules: [{161FFAA0-791D-42AB-A8F8-771AC048803C}] => LPort=6993
FirewallRules: [{E5446C2A-E718-4EB7-B98B-2E1DF101D142}] => LPort=6993
FirewallRules: [{93955E75-5EC8-45D8-8FC1-139404C5C7A3}] => LPort=6928
FirewallRules: [{5EFFC13D-8A46-4DCB-AC86-0F3C65BE1489}] => LPort=6928
FirewallRules: [{8776558C-D184-4828-8C7A-C5A089F5760A}] => LPort=6932
FirewallRules: [{A978E1E9-B712-476A-8D3D-0DEE1A19FA75}] => LPort=6932
FirewallRules: [{C0952C5D-9782-432C-9726-5B09B1F0D48E}] => LPort=6966
FirewallRules: [{99087EDA-484F-48C3-B6B0-1532CFF72BA0}] => LPort=6966
FirewallRules: [{BA80CDAD-145A-4D29-AE7F-0E1359A82B89}] => LPort=6951
FirewallRules: [{C863FF2E-1B91-4E0B-B75C-D1781ECD7FEA}] => LPort=6951
FirewallRules: [{61E53A93-0F1A-4FA4-9FD1-2DDCDBE0E9DC}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{91B6BA44-B87D-45E4-858F-743C7FD808A5}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{2116F8AC-598A-4C93-8182-BB9D504AED82}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{77CD8069-8BC3-45B6-A309-55A4A8F08FE4}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{50134214-C0A4-4EEC-95E0-75BCD64C2F2B}] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{60570471-4616-4BC9-8FEA-1F2583535B30}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{CCFC29F3-1D6A-4CCF-ADA8-C96ADD82C573}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{3B453461-7FBC-40E2-83E7-AA2E0341CB95}] => LPort=80
FirewallRules: [{052CC513-CDE1-49FE-B133-1D21BBDBDABE}] => LPort=80
FirewallRules: [{B5E2656E-15C0-41B7-9769-A920CDEC2102}] => LPort=80
FirewallRules: [{4E0BA1D0-8A0D-41D0-A50A-135BF5479A13}] => LPort=6886
FirewallRules: [{162EFF4E-559C-42A4-AD5D-06A191ED3AEE}] => LPort=6886
FirewallRules: [{3E545E1E-550A-4926-A29E-B2BF6DE5C90F}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{B3979143-560D-4E60-9A26-988424B5CF5F}] => C:\Program Files (x86)\ijji\ijji REACTOR\ijjiOptimizer.exe
FirewallRules: [{5AFEF734-8FF3-4146-87E4-AA5D6B810544}] => LPort=6942
FirewallRules: [{C710B987-8D89-4FF5-B0B3-842C96383D80}] => LPort=6942
FirewallRules: [TCP Query User{93AD976D-2DD9-46E3-81BB-807D48059F3D}C:\riot games\league of legends\lol.launcher.exe] => C:\riot games\league of legends\lol.launcher.exe
FirewallRules: [UDP Query User{85D588FD-75AE-4335-9F6A-10DEA033EC54}C:\riot games\league of legends\lol.launcher.exe] => C:\riot games\league of legends\lol.launcher.exe
FirewallRules: [TCP Query User{E7338126-609A-4EAC-B423-4F5526DC0D11}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{D6129EA7-10E2-4E43-9597-4B0D2D4DFC8C}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{A5D4D5B6-CDE6-4F47-BFBE-54245A900907}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0F000594-AA61-45E8-B4E2-0DA479D33ED5}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{170F4ADD-F2FA-4DDF-8B82-122EAFFA6D72}] => C:\Users\Suiolirim\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{37C7F240-4AD1-4FA7-8FF0-4C93A865B756}] => C:\Program Files (x86)\Steam\SteamApps\common\Mafia II - Public Demo\launcher.exe
FirewallRules: [{61829264-178A-4C46-941D-14035D91AE3F}] => C:\Program Files (x86)\Steam\SteamApps\common\Mafia II - Public Demo\launcher.exe
FirewallRules: [{30E6ACDF-B210-4870-9D13-EC3F5187EF55}] => C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{D9E8AC58-D0C3-4243-B21C-0EF4BE946695}] => C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{C7988D9A-6F21-4EDF-8FAF-F2DC42FB1150}] => C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F9220BDC-0B89-48B9-97C8-EEEA3D6547E6}] => C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{B43DB5D8-CF3B-413A-B2AC-AEEF5E428EE1}C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{DDEE711F-EA90-4CF9-B8AB-4A76BEE6C872}C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => C:\users\Suiolirim\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [TCP Query User{328D7D41-E260-4F31-9192-E0ACDF98B84C}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [UDP Query User{DF5BFEA2-C531-46AD-B058-644F3AD49A9E}C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [TCP Query User{8C871AAA-97CE-4F37-B428-32981CCBF79E}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{0519083D-2865-45D7-B2E5-DB4347C1DE67}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{490F30FC-5C8B-4F68-82CB-0161A6091219}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{AC54CEF7-EF4E-4681-AE4C-E3FA25413122}C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{221CD564-6E30-46D6-9E20-1A768EE03FB9}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{2D72EBD4-D438-4A2D-8AA7-05CABE373ABD}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [TCP Query User{A68F557A-9F61-474E-8175-F75A35B25C4E}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{55524AEE-DFDB-4B01-A374-DD3BCD83C159}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [{D21EAE32-A14F-49E1-9386-CD6ABD8F71CB}] => C:\Program Files (x86)\Steam\SteamApps\kedmaron\source sdk base 2007\hl2.exe
FirewallRules: [{32C7BBFE-2E99-4246-B40B-5584AA3EC12F}] => C:\Program Files (x86)\Steam\SteamApps\kedmaron\source sdk base 2007\hl2.exe
FirewallRules: [TCP Query User{F36D63AD-DB72-4F02-803D-FC83F41E19F5}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{442F9794-F04B-47A3-865C-27B923C49C6A}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [TCP Query User{2AD5586E-7429-4E08-B9B9-F54C8F59DC33}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [UDP Query User{9E3FAE17-C13A-4527-9254-6B9BB3EFBFC8}C:\program files (x86)\devpro\devpro.dll] => C:\program files (x86)\devpro\devpro.dll
FirewallRules: [{CEB4543E-C57B-43FD-A6F4-AA7B227D2031}] => C:\Users\Suiolirim\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{9BE6A3EE-5667-4017-B5D9-C83797F59CF4}] => C:\Users\Suiolirim\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [TCP Query User{DF792DD1-43ED-41D2-9F57-849F45725C7F}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{EDE7D6F0-5871-4845-B1A5-D7E22B23FEE7}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{83C90927-DA80-406F-B96A-43CBA6B95C83}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{9CF67B40-23CD-4756-BDB7-8BEF5012481B}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{5782FB5B-74E0-47CF-8B86-66DF517A6204}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{E68A430B-2682-4D72-90C9-15B9B6847694}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{3FCDC4A2-7E0E-41D4-8A86-CAAC7770CE23}C:\program files (x86)\orbitdownloader\orbitnet.exe] => C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{4F1E5257-F211-4208-B9B4-038E24F101AE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{123CBE76-2CF1-4915-A0F9-FD5CB8948EEE}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{A5042C3D-F620-42A4-A380-8F90788CFD4B}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{B2407D88-C8FB-47EF-86BD-6EF9D0F5F96F}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{CD37A3F8-B1F9-414D-98C5-13ED42373B90}C:\program files (x86)\icq6.5\icq.exe] => C:\program files (x86)\icq6.5\icq.exe
FirewallRules: [TCP Query User{01CF36B3-53D7-48B4-9B03-3251C957E619}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{0D6B3718-AF62-4995-A42C-634B511D87E3}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{368B8E69-5C8A-4808-8689-91DD33666A80}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [UDP Query User{C8CF3C1D-C545-4CE2-8B24-3180A6C42E23}C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe] => C:\users\Suiolirim\desktop\spiele\soldat\soldat.exe
FirewallRules: [TCP Query User{96F4B891-987E-452A-8688-2A1AE5AB2450}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe] => C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe
FirewallRules: [UDP Query User{39A261AC-57D7-4222-9865-41279AA2CEEF}C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe] => C:\program files (x86)\codemasters\der herr der ringe online\lotroclient.exe
FirewallRules: [TCP Query User{4A0BEB63-24CD-42F3-82EF-2AC6D1272F5A}C:\program files (x86)\lf2_v2.0a\lf2.exe] => C:\program files (x86)\lf2_v2.0a\lf2.exe
FirewallRules: [UDP Query User{B7159DF2-A378-4D19-885B-060C67C4736B}C:\program files (x86)\lf2_v2.0a\lf2.exe] => C:\program files (x86)\lf2_v2.0a\lf2.exe
FirewallRules: [{F053A9A1-EC50-494B-A6ED-30DED1174676}] => C:\Program Files (x86)\Electronic Arts\BattleForge\Bootstrapper.exe
FirewallRules: [{ECEF42B0-05D7-4A8B-B2D5-529BF3272D35}] => C:\Program Files (x86)\Electronic Arts\BattleForge\Bootstrapper.exe
FirewallRules: [{C254FA8F-C296-4875-88D9-F06A68F4FE1E}] => C:\Program Files (x86)\Electronic Arts\BattleForge\BattleForge.exe
FirewallRules: [{E4361063-FE81-404F-BD9A-C59F57562962}] => C:\Program Files (x86)\Electronic Arts\BattleForge\BattleForge.exe
FirewallRules: [TCP Query User{112D5F12-DE4E-4004-8692-A1ECBC54AE19}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [UDP Query User{6DBB1113-CA30-44DB-AA16-CC35918FCDCC}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [TCP Query User{1BE5DCA5-2A5E-40BF-921F-2839CF6F2E11}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [UDP Query User{B0B987FB-8864-4489-9068-8E6AB1310D4B}C:\program files (x86)\runes of magic\launcher.exe] => C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [TCP Query User{F749247B-CA0E-4BD7-96B0-6A58B58D4D5A}C:\program files (x86)\runes of magic\client.exe] => C:\program files (x86)\runes of magic\client.exe
FirewallRules: [UDP Query User{3FA3A994-70B0-4072-8782-FAC5B7DFA64F}C:\program files (x86)\runes of magic\client.exe] => C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{D4CA132A-27A4-4CE8-BF4E-62AFAD46B7E5}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{638F4C0A-FFDE-4F03-ACC5-5BCAC95116B4}] => C:\WINDOWS\Temp\~os2F79.tmp\ossproxy.exe
FirewallRules: [{B75C269B-90FA-44DE-9C34-18B2932F28EE}] => C:\WINDOWS\Temp\~osFF46.tmp\ossproxy.exe
FirewallRules: [{75F3DB81-1D2E-4B89-AF6A-CFF76E7E550F}] => C:\WINDOWS\Temp\~os9D29.tmp\ossproxy.exe
FirewallRules: [TCP Query User{EABC7109-3C89-4250-9A38-66678391F70E}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [UDP Query User{C23095AC-B05A-4868-8487-F461563ADD37}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [TCP Query User{C7D693FF-A488-4E11-BCEB-309D1EFD3E32}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [UDP Query User{61E89F01-72B1-4A94-91BA-E0AC0F6026C8}C:\soldat\soldat.exe] => C:\soldat\soldat.exe
FirewallRules: [TCP Query User{E3A69D0F-B2B8-4EB6-A704-D25F25197AB9}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [UDP Query User{47FE9A67-8C3A-42C1-A50E-B79A49945843}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [TCP Query User{C78CB71C-CC8F-4B76-ABF5-3D595AAB70F1}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [UDP Query User{2FAB23CD-A439-4EF8-AE65-5D7F7A462F36}C:\soldat1.5\soldat.exe] => C:\soldat1.5\soldat.exe
FirewallRules: [{0FDC3F9C-04FE-492A-A79A-B02FAFE579F7}] => C:\Users\Suiolirim\AppData\Local\Temp\7zSE4C4.tmp\SymNRT.exe
FirewallRules: [{06C28427-8487-4CB0-9142-EDC4AFC7F72F}] => C:\Users\Suiolirim\AppData\Local\Temp\7zSE4C4.tmp\SymNRT.exe
FirewallRules: [{97CDE443-BC5A-421B-8A8A-3BB20F7DB2AE}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
FirewallRules: [{F0BD004A-576A-4377-9316-4ADD7FF18DC5}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe
FirewallRules: [{FEC2E465-A314-4324-B91A-81E6BC2BCFA3}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{1D41AFF8-7624-4CC3-AF42-9062E776303E}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{EE479594-F653-4E16-B152-F8F14AFC937E}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{838348B6-1652-4D24-A732-DC46BC18CF50}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{E0289FFB-3EEF-4184-922D-0C8B46E30345}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{D8BD6308-CA1E-4029-B10D-B57683C3B311}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{AD13FE61-E214-4308-821B-52C3707F9AB6}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{8F00C1CB-3CA1-4895-9442-ABE57F581F08}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{4BE23B6B-C2FF-4CFF-880C-95309DB9787A}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{E3B6BD91-6567-47E3-ADAE-735B8943CEA1}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B92DEA49-6D76-4240-A313-E31E422B5115}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B62C89A7-6336-4307-A8B7-0E39807DFA7A}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{B659E396-83DD-4484-A277-C39F12E853BD}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS681B.tmp\SymNRT.exe
FirewallRules: [{F576D727-7DEA-4496-A354-9BEDE7ADD1B2}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS681B.tmp\SymNRT.exe
FirewallRules: [{945CB294-6051-49AF-923F-43C432A68E10}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS5F26.tmp\SymNRT.exe
FirewallRules: [{4C6E9204-A037-420E-80BA-417E429CC713}] => C:\Users\Suiolirim\AppData\Local\Temp\7zS5F26.tmp\SymNRT.exe
FirewallRules: [{0B2B42F7-1871-4B4E-BB35-828F2F9F8B1B}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{CBC7A2CD-E43E-4F6E-B6DA-9B28A5F44391}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{2AF45CE1-7A03-44D4-BBD6-7DCB490D5436}] => C:\Program Files (x86)\BitTorrent\bittorrent.exe
FirewallRules: [{070BA28A-1491-44DC-84B4-B20EBEDF6629}] => C:\Program Files (x86)\BitTorrent\bittorrent.exe
FirewallRules: [TCP Query User{DF740346-0168-4F28-80D6-69CD84AB20AA}C:\program files (x86)\valve\hl.exe] => C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{4FD0DC72-B64A-4A45-8132-F59C028EEFFB}C:\program files (x86)\valve\hl.exe] => C:\program files (x86)\valve\hl.exe
FirewallRules: [{E2D0B330-83EF-4332-8FA5-D2CE9A8643CE}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{A5D3560A-694E-415D-9081-53F7DFA5A692}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{53FD7FE9-28FC-4296-8B83-78B173776DEC}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{FDCA922A-E158-4E38-8E22-086CDA408762}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{7BE0E932-197D-4407-A713-9C998D0E4E91}] => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{E4E5FE6A-3176-4185-B524-A97D09D3AEB7}] => C:\WINDOWS\SysWOW64\PnkBstrA.exe
FirewallRules: [{CD3846B0-EF6A-45D0-A183-CE5B3C61CADD}] => C:\WINDOWS\SysWOW64\PnkBstrA.exe
FirewallRules: [{3577C9B0-D9C5-45F3-9D0A-FA1F6F058BF0}] => C:\WINDOWS\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C441440-1B93-4701-913F-41774EA23F6B}] => C:\WINDOWS\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{30B7C787-CBAF-4048-9796-DE3133FF112C}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe] => C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe
FirewallRules: [UDP Query User{8912F681-8E06-4AF3-B489-746C21EAB615}C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe] => C:\program files (x86)\usarmy\america's army 3\binaries\aa3game.exe
FirewallRules: [TCP Query User{96A221CB-F866-41A0-BE68-B18361907904}C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe] => C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe
FirewallRules: [UDP Query User{8B96A856-917C-4C6E-AD79-7AC5E155C364}C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe] => C:\users\Suiolirim\downloads\fogdownloader-rom_2_1_0_1871.exe
FirewallRules: [{D32E0499-661A-4779-8E26-5B587243BE7B}] => C:\Cs 1.6\Steam.exe
FirewallRules: [{FB6F4FD6-12BF-4D44-B281-8F4875B3124B}] => C:\Cs 1.6\Steam.exe
FirewallRules: [{D9EBE7F8-0324-4189-A9D6-EBB773C17F86}] => C:\Users\Suiolirim\AppData\Local\Temp\ijjiOptimizer.exe
FirewallRules: [{5BC5D678-A2FF-4647-B859-57F6E347DDCC}] => C:\Users\Suiolirim\AppData\Local\Temp\ijjiOptimizer.exe
FirewallRules: [TCP Query User{6385691A-9447-42C9-9B2E-B18E5D7DC435}C:\soldat2\soldat.exe] => C:\soldat2\soldat.exe
FirewallRules: [UDP Query User{3863E502-4198-464C-92B6-1F301BDCA9A8}C:\soldat2\soldat.exe] => C:\soldat2\soldat.exe
FirewallRules: [TCP Query User{698BE46D-87A0-430F-8586-23D12B1973AB}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [UDP Query User{DE05E973-9F2B-4456-ACF8-74AEF60577B7}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [TCP Query User{F2A7F3FC-EC6F-4171-94E6-924BC4F2FCEF}C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{7389077C-02F9-4FEA-AA26-BCFBBF712AE2}C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex03.799\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{DB6D63B3-092B-4426-ACC1-9DB22C3D4562}C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{2C0D4C1D-4428-41A9-ACD8-5AA5618786A5}C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe] => C:\users\Suiolirim\appdata\local\temp\rar$ex07.944\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [{907CFEAA-1FF5-429F-821E-48D9A9F84A19}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{4A6C56D9-EDD1-4D26-B9DE-8C743448EB0A}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{C56193DC-E430-49A5-A8D4-4A4763E60F63}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{B1CA55F8-2A25-4619-87C9-EF2E0E1C993B}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{A4EB908A-D57C-44C7-89A2-77DADF45D973}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{6295282A-53FC-4AE1-A484-36D5BB4B92E6}] => C:\Program Files (x86)\League of Legends\Air\LolClient.exe
FirewallRules: [{CE6702D4-9DD4-49BC-B0A8-AF958F71E4AF}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [{E29F5297-E873-42A0-A8D1-CE09E5A500C4}] => C:\Program Files (x86)\League of Legends\Game\League of Legends.exe
FirewallRules: [TCP Query User{1CFE621F-1CEB-4D76-AF71-0E4BDBA192AB}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [UDP Query User{97B0F469-9067-448C-A18C-2A09B05D25C7}C:\users\Suiolirim\desktop\soldat\soldat.exe] => C:\users\Suiolirim\desktop\soldat\soldat.exe
FirewallRules: [{F10C861E-DC16-4269-9F30-AB88FE56A749}] => C:\Games\air\LolClient.exe
FirewallRules: [{04B84668-252C-4FDD-92ED-23C2734E1628}] => C:\Games\air\LolClient.exe
FirewallRules: [{8FDA3253-ED10-42EC-BB6C-EA6C9BD53C16}] => C:\Games\game\League of Legends.exe
FirewallRules: [{B07DED30-29DB-4594-B74D-FC2534A04BBE}] => C:\Games\game\League of Legends.exe
FirewallRules: [TCP Query User{BEBBC708-6C78-4F37-8031-EB723B05801E}C:\program files (x86)\heroes of newerth\hon.exe] => C:\program files (x86)\heroes of newerth\hon.exe
FirewallRules: [UDP Query User{788B43DE-D4B1-4EA7-B4AD-8F282F438BCE}C:\program files (x86)\heroes of newerth\hon.exe] => C:\program files (x86)\heroes of newerth\hon.exe
FirewallRules: [{6520B0AA-EC1D-4B8C-BB1C-111610C5CA53}] => C:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{8D9EFAD6-AF8D-4146-A93F-D027958A96E3}] => C:\Program Files (x86)\theHunter\launcher\launcher.exe
FirewallRules: [{F7FEE872-64ED-4AF5-A018-D30D370C75E4}] => C:\Program Files (x86)\theHunter\game\theHunter.exe
FirewallRules: [{2B9C99B5-0242-4B3E-B995-965A00372346}] => C:\Program Files (x86)\theHunter\game\theHunter.exe
FirewallRules: [TCP Query User{EF27C3D8-398E-40A4-ADDC-D8BC95C3F684}C:\program files (x86)\devpro\devpro_lan.exe] => C:\program files (x86)\devpro\devpro_lan.exe
FirewallRules: [UDP Query User{33CAA96D-1711-4FFD-BD56-4F46464F9924}C:\program files (x86)\devpro\devpro_lan.exe] => C:\program files (x86)\devpro\devpro_lan.exe
FirewallRules: [TCP Query User{A9ED4002-7A57-48E7-B795-30595ACA2EA2}C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe
FirewallRules: [UDP Query User{06EB48A4-5422-4CAC-9EB9-9C7FAD04D9F8}C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe] => C:\program files (x86)\ubisoft\heroes of might and magic v\bina1\h5_game.exe
FirewallRules: [TCP Query User{3EC0E2CF-DEA9-4C51-9947-CEC76A765BD2}C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe] => C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe
FirewallRules: [UDP Query User{61612DA4-F1E5-4BD4-B209-1133759DD96E}C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe] => C:\program files (x86)\devpro\ygopro_vs_ai_debug.exe
FirewallRules: [{FF9E5FDA-BF4C-4041-AD35-BF85E2AEC875}] => C:\Program Files (x86)\Activision\Spider-Man - Web of Shadows\image\pc\Spider-Man Web of Shadows.exe
FirewallRules: [{125FF535-789C-4856-AF6F-B0A8D4168A4A}] => C:\Program Files (x86)\Activision\Spider-Man - Web of Shadows\image\pc\Spider-Man Web of Shadows.exe
FirewallRules: [TCP Query User{C3C08D20-40B9-4675-BDA3-93BD1A4BD83D}C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe] => C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe
FirewallRules: [UDP Query User{E3419AF2-CB6B-4F5F-937C-26446748B66B}C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe] => C:\program files (x86)\steam\steamapps\common\metro 2033\metro2033benchmark.exe
FirewallRules: [{86D92C95-CDD9-43F2-A13A-2A5002859A92}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{043BEABF-FD86-4D68-955F-EC4F131C1CD4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A0698A7-E529-4834-BBA6-49D2CA1AEEFB}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3A5EB6FB-71DD-441E-9A9C-CEE72EC3D1DC}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5A813D49-D9EE-4303-9EDB-10C53A4EEF09}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6160C656-30EA-49C3-8AF7-72C4EDAEEA49}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BDCD0FCC-DB7C-4E5F-BA4E-6BB3D428B3D4}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C80D91EE-8854-4F93-A790-C0D2F5E91F86}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{AA8A4988-CF3B-4B39-B274-13612F249C17}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{1CB2C1FC-38D6-4D67-839F-F21388A3121E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{17C163B0-538E-48B5-A435-00E01A3D1C3D}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{616442F7-6FDF-4877-81BC-71C628B02919}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{A649B2CB-C0AE-4CC7-89D7-41274F5192B7}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{90D4E229-023D-4A84-8DD2-22A361919B0D}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{4215572E-1F7F-4C55-BFBB-F4377BB41D7F}] => C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FirewallRules: [{91427663-C98B-4251-914A-6A3778B9A534}] => C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe

==================== Wiederherstellungspunkte =========================

21-03-2016 21:29:25 Geplanter Prüfpunkt
24-04-2016 17:08:43 Removed QuickTime
07-07-2016 12:36:22 Geplanter Prüfpunkt
25-08-2016 16:28:07 Geplanter Prüfpunkt
23-10-2016 13:29:11 Geplanter Prüfpunkt
25-10-2016 21:44:18 Geplanter Prüfpunkt
24-12-2016 17:40:21 Removed Java 7 Update 45
24-12-2016 17:43:16 Removed QuickTime
24-12-2016 18:59:16 Removed Apple Application Support
24-12-2016 19:04:32 Removed Apple Software Update
24-12-2016 19:57:24 Installed AVG 2016
24-12-2016 19:58:19 Installed AVG
25-12-2016 14:56:40 Geplanter Prüfpunkt
25-12-2016 15:05:04 Removed System Requirements Lab CYRI
25-12-2016 15:06:28 ??????? Counter-Strike 1.6
25-12-2016 15:07:01 chip 1-click download service wurde entfernt.
25-12-2016 17:08:42 Windows-Modulinstallation
26-12-2016 17:45:49 Windows Update
26-12-2016 18:21:53 Windows Update
26-12-2016 21:46:53 Windows Update
27-12-2016 12:24:55 Windows Update
28-12-2016 11:00:29 Geplanter Prüfpunkt
29-12-2016 18:41:34 Geplanter Prüfpunkt
30-12-2016 21:52:47 OpenOffice 4.0.1 wird entfernt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #2
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #5
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #6
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #7
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #8
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-6zu4-Adapter #9
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/31/2016 12:32:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Suiolirim\Desktop\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (12/30/2016 04:44:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Suiolirim\Desktop\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (12/30/2016 04:44:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Suiolirim\Desktop\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (12/30/2016 04:44:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Suiolirim\Desktop\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (12/30/2016 03:42:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (12/30/2016 11:57:24 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Suiolirim\Desktop\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (12/30/2016 11:57:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Suiolirim\Desktop\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (12/30/2016 11:57:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Suiolirim\Desktop\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (12/30/2016 11:57:14 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Suiolirim\Desktop\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (12/30/2016 11:57:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Suiolirim\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.


Systemfehler:
=============
Error: (12/31/2016 12:32:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "UPnP-Gerätehost" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (12/31/2016 12:32:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/31/2016 12:32:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/31/2016 12:32:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/31/2016 12:32:09 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (12/31/2016 12:32:09 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (12/31/2016 12:32:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/31/2016 12:29:15 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (12/31/2016 12:03:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "UPnP-Gerätehost" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (12/31/2016 12:03:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


CodeIntegrity:
===================================
  Date: 2016-12-31 12:48:34.619
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-31 12:48:33.667
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-31 12:48:32.965
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-31 12:48:32.076
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-31 12:48:31.015
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-31 12:48:30.017
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-31 12:48:29.049
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-31 12:48:28.269
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-31 12:45:58.197
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-31 12:45:57.168
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\WINDOWS\System32\drivers\klif.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) 9650 Quad-Core Processor
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 4093.58 MB
Verfügbarer physikalischer RAM: 2182.4 MB
Summe virtueller Speicher: 10135.08 MB
Verfügbarer virtueller Speicher: 7910.68 MB

==================== Laufwerke ================================

Drive c: (HP) (Fixed) (Total:582.63 GB) (Free:334.89 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.54 GB) (Free:1.83 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=582.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Suiolirim (31-12-2016 12:23:31) Run:2
Gestartet von C:\Users\Suiolirim\Desktop\Desktop
Geladene Profile: Suiolirim (Verfügbare Profile: Suiolirim)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
GroupPolicy\User: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
FF NetworkProxy: Mozilla\Firefox\Profiles\bysl5o0l.default -> no_proxies_on", ""
S2 F-Secure Gatekeeper Handler Starter; "C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe" [X]
S3 FSDFWD; "C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe" [X]
S2 FSMA; "C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE" [X]
S3 FSORSPClient; "C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe" [X]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe [X]
S1 Beep; kein ImagePath
U0 aswVmm; kein ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 dump_wmimmc; \??\C:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys [X]
S3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Corporate Edition\kerneld.amd64 [X]
S3 F-Secure Gatekeeper; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [X]
S1 F-Secure HIPS; \??\C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys [X]
S1 fsvista; \??\C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x64\Sandra.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [X]
S3 X6va001; \??\C:\Users\SUIOLIRIM\AppData\Local\Temp\001408.tmp [X]
C:\Windows\SysWOW64\runouce.exe
Task: {1999CD70-9319-4CFE-A0BA-D9C090D34E00} - System32\Tasks\{BEE4217B-8ABE-4656-AF30-A1E53573390E} => pcalua.exe -a C:\Users\Suiolirim\Downloads\codec_sniper.exe -d C:\Users\Suiolirim\Downloads
Task: {371EDA46-91D3-487E-8BFB-AD3438044152} - System32\Tasks\{C47CCFEC-B5BF-4BDC-B6AC-ECF2C3FFBE23} => pcalua.exe -a C:\Users\Suiolirim\Downloads\sp39950.exe -d C:\Users\Suiolirim\Downloads
Task: {69DE6AF7-90C9-49F6-AD87-448F63F65C7B} - System32\Tasks\{8882EA47-8D98-4195-8E81-8829D8EE1259} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {CE551541-E9D7-4613-AC11-CAD718A79641} - System32\Tasks\{427676C2-46CD-43AE-B1E5-74F84C5F9AEB} => pcalua.exe -a E:\eauninstall.exe -d E:\
Task: {E396FCA1-66F1-4B58-A20C-846BE4DB237A} - System32\Tasks\{473F0C77-2CCD-4EDB-BA86-019EA51AA096} => pcalua.exe -a "C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe" -d "C:\Program Files (x86)\ICQ6Toolbar"
Task: {F0C531CD-5438-4DB3-8688-84F50D9FD370} - System32\Tasks\{CE75FCDC-B7D3-434D-8B4F-3FDBAF6014C1} => pcalua.exe -a C:\Users\Suiolirim\Downloads\UDKInstall-UncleFred.exe -d C:\Users\Suiolirim\Downloads
AlternateDataStreams: C:\ProgramData\TEMP:07BF512B [286]
AlternateDataStreams: C:\ProgramData\TEMP:364682BC [234]
AlternateDataStreams: C:\ProgramData\TEMP:BD36345D [200]
C:\ProgramData\ICQ
[-HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}]
[-HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}]
[-HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}]
[-HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}]
[-HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975}]
[-HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing]

emptytemp:
         
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\AllowLegacyWebView => Wert erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\AllowUnhashedWebView => Wert erfolgreich entfernt
C:\Windows\system32\GroupPolicy\User => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
"HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
Firefox Proxy-Einstellungen wurden zurückgesetzt
F-Secure Gatekeeper Handler Starter => Dienst erfolgreich entfernt
FSDFWD => Dienst erfolgreich entfernt
FSMA => Dienst erfolgreich entfernt
FSORSPClient => Dienst erfolgreich entfernt
SandraAgentSrv => Dienst erfolgreich entfernt
Beep => Dienst erfolgreich entfernt
aswVmm => Dienst erfolgreich entfernt
catchme => Dienst erfolgreich entfernt
cpuz135 => Dienst erfolgreich entfernt
dump_wmimmc => Dienst erfolgreich entfernt
EverestDriver => Dienst erfolgreich entfernt
F-Secure Gatekeeper => Dienst erfolgreich entfernt
F-Secure HIPS => Dienst erfolgreich entfernt
fsvista => Dienst erfolgreich entfernt
IpInIp => Dienst erfolgreich entfernt
Lbd => Dienst erfolgreich entfernt
NwlnkFlt => Dienst erfolgreich entfernt
NwlnkFwd => Dienst erfolgreich entfernt
PCD5SRVC{8AAF211B-043E02A9-05040000} => Dienst erfolgreich entfernt
PcdrNdisuio => Dienst erfolgreich entfernt
SANDRA => Dienst erfolgreich entfernt
WinRing0_1_2_0 => Dienst erfolgreich entfernt
X6va001 => Dienst erfolgreich entfernt
C:\Windows\SysWOW64\runouce.exe => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1999CD70-9319-4CFE-A0BA-D9C090D34E00}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1999CD70-9319-4CFE-A0BA-D9C090D34E00}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{BEE4217B-8ABE-4656-AF30-A1E53573390E} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BEE4217B-8ABE-4656-AF30-A1E53573390E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{371EDA46-91D3-487E-8BFB-AD3438044152}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{371EDA46-91D3-487E-8BFB-AD3438044152}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{C47CCFEC-B5BF-4BDC-B6AC-ECF2C3FFBE23} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C47CCFEC-B5BF-4BDC-B6AC-ECF2C3FFBE23}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69DE6AF7-90C9-49F6-AD87-448F63F65C7B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69DE6AF7-90C9-49F6-AD87-448F63F65C7B}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{8882EA47-8D98-4195-8E81-8829D8EE1259} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8882EA47-8D98-4195-8E81-8829D8EE1259}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE551541-E9D7-4613-AC11-CAD718A79641}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE551541-E9D7-4613-AC11-CAD718A79641}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{427676C2-46CD-43AE-B1E5-74F84C5F9AEB} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{427676C2-46CD-43AE-B1E5-74F84C5F9AEB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E396FCA1-66F1-4B58-A20C-846BE4DB237A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E396FCA1-66F1-4B58-A20C-846BE4DB237A}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{473F0C77-2CCD-4EDB-BA86-019EA51AA096} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{473F0C77-2CCD-4EDB-BA86-019EA51AA096}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F0C531CD-5438-4DB3-8688-84F50D9FD370}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0C531CD-5438-4DB3-8688-84F50D9FD370}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{CE75FCDC-B7D3-434D-8B4F-3FDBAF6014C1} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CE75FCDC-B7D3-434D-8B4F-3FDBAF6014C1}" => Schlüssel erfolgreich entfernt
C:\ProgramData\TEMP => ":07BF512B" ADS erfolgreich entfernt.
C:\ProgramData\TEMP => ":364682BC" ADS erfolgreich entfernt.
C:\ProgramData\TEMP => ":BD36345D" ADS erfolgreich entfernt.
C:\ProgramData\ICQ => erfolgreich verschoben
HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0} => konnte nicht entfernt werden Schlüssel. ErrorCode: 0xC0000033
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} => konnte nicht entfernt werden Schlüssel.: incorrect path. 
HKU\S-1-5-21-1653470619-1168622029-2061882709-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing => Schlüssel erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3540034 B
Java, Flash, Steam htmlcache => 1035 B
Windows/system/drivers => 20016465 B
Edge => 0 B
Chrome => 711335026 B
Firefox => 47859967 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33058 B
Public => 0 B
ProgramData => 0 B
systemprofile => 65960 B
systemprofile32 => 1506 B
LocalService => 66228 B
LocalService => 0 B
NetworkService => 67160 B
NetworkService => 0 B
Suiolirim => 301965244 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 12:29:04 ====
         
Can you please tell me what exactly was removed?

Edited by Suiolirim (31.12.2016 at 14:04)
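
The Fixlog posted above can be summarised mechanically. The following is an added example (not part of the original post and not FRST's own code) that groups the German result lines by outcome and cross-references removed services against fixlist entries marked `[X]` or `kein ImagePath`. The sample log and the names ExampleSvc, ExampleDrv and LiveSvc are constructed, and reading `[X]` as "file not found" is an assumption about FRST's notation.

```python
import re
from collections import Counter

# Constructed sample shaped like the German FRST Fixlog in this thread (not real data).
SAMPLE_FIXLOG = r'''
fixlist Inhalt:
*****************
S3 ExampleSvc; "C:\Program Files (x86)\Example\svc.exe" [X]
S1 ExampleDrv; kein ImagePath
R2 LiveSvc; C:\Example\live.exe
C:\Example\leftover.exe
*****************

ExampleSvc => Dienst erfolgreich entfernt
ExampleDrv => Dienst erfolgreich entfernt
LiveSvc => Dienst erfolgreich entfernt
C:\Example\leftover.exe => erfolgreich verschoben
"HKLM\SOFTWARE\Example\{00000000-0000-0000-0000-000000000000}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Example => konnte nicht entfernt werden Schlüssel. ErrorCode: 0xC0000033
C:\Example\dir => ":0BADF00D" ADS erfolgreich entfernt.
HKLM\Software\Example\\Value => Wert erfolgreich entfernt

=========== EmptyTemp: ==========
Chrome => 711 B
'''

# Result phrases exactly as they appear in the German Fixlog; failure is checked first.
RESULT_KINDS = [
    ("konnte nicht entfernt werden", "failed"),
    ("Dienst erfolgreich entfernt", "service_removed"),
    ("Schlüssel erfolgreich entfernt", "key_removed"),
    ("Wert erfolgreich entfernt", "value_removed"),
    ("ADS erfolgreich entfernt", "ads_removed"),
    ("erfolgreich verschoben", "moved"),
]

# Service/driver line in the fixlist: "<state><start type> <name>; <image path>[ [X]]"
SERVICE_LINE = re.compile(r"^[RSU][0-5] (?P<name>.+?); (?P<path>.*?)(?P<missing> \[X\])?$")


def split_sections(text):
    """Return (fixlist_lines, result_lines); results stop at the next '=' banner."""
    fixlist, results, stars = [], [], 0
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if set(line) == {"*"}:          # a row of asterisks delimits the fixlist
            stars += 1
        elif stars == 1:
            fixlist.append(line)
        elif stars == 2:
            if line.startswith("="):    # e.g. the EmptyTemp banner or the end-of-log line
                break
            results.append(line)
    return fixlist, results


def orphaned_services(fixlist):
    """Names of services whose entry has no usable binary ([X] or no image path)."""
    names = set()
    for line in fixlist:
        m = SERVICE_LINE.match(line)
        if m and (m.group("missing") or m.group("path") == "kein ImagePath"):
            names.add(m.group("name"))
    return names


def classify(result_line):
    """Map one '<target> => <outcome>' line to (target, kind); None if it has no ' => '."""
    target, sep, outcome = result_line.partition(" => ")
    if not sep:
        return None
    for phrase, kind in RESULT_KINDS:
        if phrase in outcome:
            return target.strip('"'), kind
    return target.strip('"'), "other"


def summarize(text):
    fixlist, results = split_sections(text)
    orphans = orphaned_services(fixlist)
    counts, failed, cosmetic = Counter(), [], []
    for line in results:
        parsed = classify(line)
        if parsed is None:
            continue
        target, kind = parsed
        counts[kind] += 1
        if kind == "failed":
            failed.append(line)          # keep the full line: it carries the error code
        elif kind == "service_removed" and target in orphans:
            cosmetic.append(target)      # registry entry only, no binary behind it
    return {"counts": dict(counts), "failed": failed, "orphaned_services_removed": cosmetic}


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_FIXLOG).items():
        print(key, "=>", value)
```

Lines reported under `failed` are the ones worth re-checking in the next scan, since the entry may still be present.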

31.12.2016, 17:56   #23
burningice
/// Malwareteam

Mainly cosmetic stuff (empty entries) and a bit of adware.

Step: 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
file: C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe
file: C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.



Step: 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded, the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Note: This scan can sometimes take several hours...
__________________
Best regards,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

31.12.2016, 23:05   #24
Suiolirim

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Suiolirim (31-12-2016 18:20:33) Run:3
Gestartet von C:\Users\Suiolirim\Desktop\Desktop
Geladene Profile: Suiolirim (Verfügbare Profile: Suiolirim)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
file: C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe
file: C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
         
*****************


========================= file: C:\Users\Suiolirim\AppData\Local\Google\Chrome\Application\chrome.exe ========================

Datei ist digital signiert
MD5: 06FAA58219BF8B6D1BC25C2783763E11
Erstellungs- und Änderungsdatum: 2010-05-26 13:15 - 2016-04-06 11:05
Größe: 0874648
Attribute: ----A
Firmenname: Google Inc.
Interne Name: chrome_exe
Original Name: chrome.exe
Produkt: Google Chrome
Beschreibung: Google Chrome
Datei Version: 49.0.2623.112
Produkt Version: 49.0.2623.112
Urheberrecht: Copyright 2015 Google Inc. All rights reserved.

====== Ende von File: ======


========================= file: C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe ========================

Datei ist digital signiert
MD5: 408DDD80EEDE47175F6844817B90213E
Erstellungs- und Änderungsdatum: 2009-02-04 13:54 - 2011-09-14 18:35
Größe: 0194104
Attribute: ----A
Firmenname: Google
Interne Name: gusvc
Original Name: GoogleUpdaterService.exe
Produkt: Google Updater
Beschreibung: gusvc
Datei Version: 2.4.2432.1652.beta
Produkt Version: 2.4.2432.1652.beta
Urheberrecht: ©2005-2006 Google. All Rights Reserved.

====== Ende von File: ======


==== Ende von Fixlog 18:20:33 ====
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=60b0beaa0a18804ea4e6be06afc5f06c
# end=init
# utc_time=2016-12-31 05:24:20
# local_time=2016-12-31 06:24:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 31916
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=60b0beaa0a18804ea4e6be06afc5f06c
# end=updated
# utc_time=2016-12-31 05:25:16
# local_time=2016-12-31 06:25:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=60b0beaa0a18804ea4e6be06afc5f06c
# engine=31916
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-31 08:09:38
# local_time=2016-12-31 09:09:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 119881 320738884 0 0
# scanned=343161
# found=4
# cleaned=0
# scan_time=9861
sh=04EC8A07BF983CB8814CC0F6B6C64E5364A62892 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.AT evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\ConduitCommon\modules\3.5.0.12\SearchProtector.jsm.vir"
sh=1375DE55437E815574B7BE56CFD3DE9428ED205D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.AT evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\ConduitCommon\modules\3.6.0.10\SearchProtector.jsm.vir"
sh=FE982B3F3F3C4B74A9E1B55BFC0F4059E1CC205A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.AT evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\ConduitCommon\modules\3.7.0.6\SearchProtector.jsm.vir"
sh=2ACEA095EA0B95808EE81D3E6EC2246821E5C557 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.AT evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Suiolirim\AppData\Roaming\Mozilla\Firefox\Profiles\bysl5o0l.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\SearchProtector.jsm.vir"
         
I wish you all a happy new year.

02.01.2017, 14:51   #25
burningice
/// Malwareteam

Happy new year to you too!

Well, I don't see any signs here of an infection that would justify your AVG alert.

Reading material:
Security risk from Windows Vista

Your computer is still running Windows Vista. Microsoft released this operating system back in 2006 and will end support for good from April 2017, i.e. from May 2017 there will be no further updates, and vulnerabilities found after that can no longer be closed by updates/hotfixes.

The prerequisites for support of your Vista installation are Service Pack 2 and the last Internet Explorer supported on Vista (IE9). Newer IE versions (IE10/IE11), let alone the IE successor Edge, are not possible on Vista. It may happen that many antivirus vendors will soon stop supporting Windows Vista, so that you will no longer be able to use your preferred antivirus scanner, e.g. Emsisoft, see https://helpdesk.emsisoft.com/Knowle...gefuhrt-werden

With future browsers, too, you have to expect that they will no longer work on Vista; for Google Chrome this has been the case from version 50, i.e. since April 2016, cf. https://heise.de/-3174788


Browsing with Windows Vista after April 2017 thus becomes a major security risk. I advise replacing Vista with a more current OS immediately.



The logs from your computer now look clean to me: Congratulations - you are clean



Finally, we still need to tidy up a bit, and I'll give you a few pointers to take along:

Important: Removing the tools used
The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and start it)
    • Windows key + R > Combofix /Uninstall (type in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and start it
    • Combofix will now start, possibly update itself and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop (Download DelFix):
    • Close all open programs.
    • Start delfix.exe with a double click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left now, you can delete them without hesitation.

You can leave Malwarebytes Anti-Malware (free version) and ESET on the computer as a supplement to your existing antivirus solution and scan your computer with them regularly.


Personal recommendations
The most important things first:
  • Be sure to enable automatic Windows updates and also make sure that they are installed regularly.
  • Always enable a firewall - the one built into Windows is entirely sufficient for this.
  • Always use an antivirus program and make sure that it updates itself regularly.

    If you don't want to spend money, I recommend simply using Defender on Windows 8.1 or Windows 10. If you are still using Windows 7, use Microsoft Security Essentials as a free solution.
    Other free software such as Avira, AVG, Avast and the like unfortunately often use user data: Virenschutz verkauft Nutzerdaten


    If somewhat better protection is worth something to you, so as ideally to also detect brand-new malware, I recommend one of the following solutions:


Protection against unwanted software
Adware has become a kind of permanent threat, because more and more programs try to foist something else on you during installation - and how quickly does one overlook a checkbox?

So: be careful when you download software from the internet! Many portals on the internet such as Chip, Softonic and Sourceforge frequently try to foist adware or other downloaders with unwanted programs on you. Whenever possible, download directly from the vendor's site or alternatively from a clean download portal, such as FilePony.de.
Also read the following article on this: CHIP-Installer - was ist das? - Anleitungen

Even if you have downloaded a program from a reputable source, that is no guarantee that your program will not still try to make unwanted changes to your computer. More and more programs try to smuggle unwanted programs onto your PC through modified installation routines. Unfortunately this often works, because many users do not read what is on the screen and instead click through quickly.
Therefore: when you install a program, always choose the custom installation and look at what you are actually approving with a click on "Ok" or "Next" - untick the boxes for the things you do not want. Those who can read have a clear advantage!



Tips for making your system more secure
Always keep your plug-ins and software, especially your browser, up to date. If possible, uninstall Java and the Adobe Flash Player from your computer. These days they are almost never needed any more and are therefore just an unnecessary security hole on your computer. If you absolutely do need them, be sure to keep them up to date.


Passwords
Change your passwords regularly! In addition, you must use secure passwords, which means: at least 8 characters, upper- and lower-case letters and special characters.
Very important: use a different password for each account!
Tip: Use a saying that you can easily remember as an aid for a password! For example: "Der Himmel ist blau und wenn es regnet?-grau" ("The sky is blue and when it rains?-grey") ==> DHibuwer?-grau


Support us and recommend us

Do you know friends and acquaintances who have problems with their computer? Send them to us on the Trojaner Board, we are happy to help

If you would like to support us with a donation, we would be very pleased, and you can do so here: http://www.trojaner-board.de/79994-s...ndenkonto.html Many thanks for that

We do this work here voluntarily, so I am especially pleased about a short thank-you if you were satisfied with me, or otherwise about suggestions for improvement - you are welcome to do that here

Visit and like our Facebook page!


Thank you for your cooperation and all the best!

Please let me know when you have read all of this and have no further questions.
__________________
Best regards,
Rafael

03.01.2017, 17:27   #26
Suiolirim

Thank you very much for your quick and competent help. I have taken your recommendations to heart and uninstalled unnecessary as well as outdated programs. In addition, from now on I am using ESET Smart Security Premium instead of AVG as my antivirus solution.

I have no further questions and wish you all the best for the new year.

Kind regards

Thomas

03.01.2017, 21:29   #27
burningice
/// Malwareteam

okay great, I wish you the same
__________________
Best regards,
Rafael
