Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.02.2017, 21:15   #1
High_one
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



Hallo,

ich glaube ich habe seit ca. 1 Woche immer wieder Malware auf dem Rechner und bin jetzt auf dieses Board gestossen.
Zum einen wurde über meinen Rechner auf mein Paypal Konto zugegriffen (da das Kennwort leider im Browser gespeichert war) und es wurden innerhalb von Minuten 7 Steam Gutscheine im Wert von je 50,- Euro gekauft. Mittlerweile habe ich es zum Glück von Paypal aber ersetzt bekommen.

Seitdem ist allerdings mein Windows Defender auch deaktiviert und kann nicht mehr eingeschaltet werden:
Fehlermeldung "diese App wurde über eine Gruppenrichtlinie deaktiviert"
Er hatte aber vor seiner "Deaktivierung" noch Schädlinge gemeldet, leider ging die Meldung zu schnell weg (ich konnte es mir nicht behalten).
Über die Einstellungen lässt er sich nun nicht mehr aktivieren.

Malwarebytes Anti Malware ist bei mir installiert und findet auch immer wieder was.
z.B. waren das Trotux, Winsnare, Bilibili und noch mehr (siehe LOG)
Zitat:
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2017/02/25 07:08:55 +0100</date>
<logfile>mbam-log-2017-02-25 (07-08-14).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.1.1043</version>
<malware-database>v2017.02.25.05</malware-database>
<rootkit-database>v2017.02.15.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>HIGHLANDER</hostname>
<ip>192.168.192.21</ip>
<osversion>Windows 10</osversion>
<arch>x64</arch>
<username>Daniel</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>custom</type>
<result>completed</result>
<objects>821604</objects>
<time>13347</time>
<processes>0</processes>
<modules>0</modules>
<keys>4</keys>
<values>1</values>
<datas>0</datas>
<folders>3</folders>
<files>3</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKU\S-1-5-21-1478581348-535765091-3593234125-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}</path><vendor>PUP.Optional.YTAdBlocker</vendor><action>success</action><hash>81a82f784464979f80fd203561a008f8</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4679B86E-8935-455E-850C-E95DCC2C0362}</path><vendor>PUP.Optional.BikaQRssReader</vendor><action>delete-on-reboot</action><hash>5bceffa86444bb7b1c986bdc3dc417e9</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BikaQ_FetchAndUpgrade_CanBeDel</path><vendor>PUP.Optional.BikaQRssReader</vendor><action>delete-on-reboot</action><hash>43e6aff8387047efeb474afeb051629e</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bilibili</path><vendor>Adware.Elex</vendor><action>success</action><hash>9297b5f2cade2a0cc7d81bd72dd36d93</hash></key>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4679B86E-8935-455E-850C-E95DCC2C0362}</path><valuename>Path</valuename><vendor>PUP.Optional.BikaQRssReader</vendor><action>delete-on-reboot</action><valuedata>\BikaQ_FetchAndUpgrade_CanBeDel</valuedata><hash>5bceffa86444bb7b1c986bdc3dc417e9</hash></value>
<folder><path>C:\Program Files (x86)\bilibili</path><vendor>Adware.Elex</vendor><action>success</action><hash>31f8f0b731776dc91ca749a70df3c040</hash></folder>
<folder><path>C:\Program Files (x86)\BikaQRssReader</path><vendor>PUP.Optional.BikaQRssReader</vendor><action>success</action><hash>a0896443a701e55134d16dda52af3dc3</hash></folder>
<folder><path>C:\Program Files (x86)\WinSnare(4.1.0)</path><vendor>Adware.Elex</vendor><action>success</action><hash>91985552604869cdede0f262b34ec838</hash></folder>
<file><path>C:\Windows\System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel</path><vendor>PUP.Optional.BikaQRssReader</vendor><action>success</action><hash>50d98324525650e64ee580c75da4669a</hash></file>
<file><path>C:\Program Files (x86)\BikaQRssReader\app.bikaQ.config</path><vendor>PUP.Optional.BikaQRssReader</vendor><action>success</action><hash>a0896443a701e55134d16dda52af3dc3</hash></file>
<file><path>C:\Program Files (x86)\WinSnare(4.1.0)\WinSnare.dll</path><vendor>Adware.Elex</vendor><action>success</action><hash>91985552604869cdede0f262b34ec838</hash></file>
</items>
</mbam-log>
SpyBot Search&Destroy hat z.B. auch diese Funde gemeldet:
Zitat:
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product Macromedia.FlashPlayer.Cookies
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\admin.brightcove.com\MediaPreferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\affiliate.gameladen.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aka-cdn-ns.adtech.de\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\az731861.vo.msecnd.net\nexxCACHE_584.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\besttv39.cdn.it.best-tv.com\com.longtailvideo.jwplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\blackbird.zoomin.tv\flashCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\c.paypal.com\PayPalLSO.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\c4.ac-data.com\com.px24.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.flashtalking.com\ftLocalComms.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.flashtalking.com\FT_cookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.movad.net\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn1-ref-cl.amscontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn3-ref-cl.landing.comcontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn3.screen9.com\picsearch_user_session.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn5-ref-cl.amscontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ced.sascdn.com\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cfiles.5min.com\5minSessionTracker_www.huffingtonpost.de.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cfiles.5min.com\Storage5minCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\chatroulette.com\16chatroulette.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-castaclip.cdn.videoplaza.tv\com.videoplaza.adplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-castaclip.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\com.videoplaza.adplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\se.videoplaza.kit.adplayer.adplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\delivery.fashiondaily.tv\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.fashiondaily.tv\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.freshmilk.tv\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\dizcdn.yobt.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\duapys4lcv8ju.cloudfront.net\settings.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\effektivesdating.info\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\embed.live-stream.tv\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\gadcreatives.mode.com\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\glatzenrechner.alpecin.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\i.bongacams.com\limit.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\images-eu.ssl-images-amazon.com\mercury.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\images-na.ssl-images-amazon.com\mercury.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\imagesrv.adition.com\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\members.bet365.com\FCE.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mpsnare.iesnare.com\stm.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\opf.ooyala.com\ima_adsets.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\oystatic.ignimgs.com\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth2.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth_id.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\perf.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pornsharing.com\tubeContextPlayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\publishing.kaloo.ga\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pxc1.adscale.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.yimg.com\com.conviva.livePass.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.yimg.com\com.yahoo.yep.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.ytimg.com\restore.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.ytimg.com\soundData.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\secureinclude.ebaystatic.com\ebayLSO.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\secureinclude.ebaystatic.com\ebayT.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\server072.20min-tv.ch\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\server072.20min-tv.ch\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\smava.postaffiliatepro.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\software.hiro.tv\HIRO_REPO.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ssl.hurra.com\restore.hurra.com.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\stake7.postaffiliatepro.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static-cdn1.ustream.tv\viewer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.allinviews.com\com.quantserve.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.medallia.com\medallia.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static1.dmcdn.net\com.dm.player.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\staticloads.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\taxi69.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\v4s.yimg.com\com.conviva.livePass.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\v4s.yimg.com\com.yahoo.yep.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.golem.de\golem_videoplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\hiro_companion_cookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\HIRO_NETWORK_CAPPING_COOKIE.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\US_FARM_lbviewster.hiro.tv_STREMING_CLIENT_ID_COOKIE.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\US_FARM__STREMING_CLIENT_ID_COOKIE.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\webmaster.erotik.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.amateurseite.com\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cdkeys.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cellartracker.com\F2UTG.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.dailymotion.com\com.dm.player.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gameliebe.com\pap20.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gamers.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gamestar.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.hornbach.de\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.ikea.com\PAXplanner(2).sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\AdobeDynamicStream.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\naiad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.paypalobjects.com\PayPalLSO.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.paypalobjects.com\ppLsoTest.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pcgames.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pcgameshardware.de\analytics.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.spiegel.de\BandwidthCache.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\z.cdn.turner.com\com.turner.cvp.so.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\z.cdn.turner.com\octoshapeuserinfo.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aa.online-metrix.net\fpc.swf\session.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\counter.cam-content.com\visitCounter105.swf\lsps_local.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\delivery.fashiondaily.tv\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\videoplayerE.swf\dats.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\xembed7.swf\dats.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\xembed9.swf\dats.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\fapteentube.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\js.rating-widget.com\RatingWidget.swf\RatingWidget.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\lsps2007.cam-content.com\flowplayer.commercial-3.2.18.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ndirect.ppro.de\vft\clickIDs.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\securepaths.com\sp.swf\securepaths.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\swf.cam-content.com\evoChat2014_169.swf\muschiControl.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\swf.cam-content.com\evoVideoPlayerFree394.swf\evoAd_local.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\track.webgains.com\wg.swf\5930.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\uk.cdn-net.com\s.swf\_cc.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.18-schoolgirlz.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.18tube.xxx\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.ajaxcdn.org\swf.swf\dm_cookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cdn-net.com\s.swf\_cc.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.hotshame.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\#naiad\pure.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.perfektegirls.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pinkrod.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pornoid.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pornpropeller.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.sleazyneasy.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.youx.xxx\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\xxxdessert.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\a.affil.io\s\af.swf\afstorage.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aeu.alicdn.com\flash\JSocket.swf\kj.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\rtl.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\rtlbw.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\userinfo6.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\holiday_card.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\pushYetiShop.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\pwf_livesPop.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\receivedBoosterGifts.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn2.dashbida.com\prod\vpaid2-dbfp.swf\dbStore.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.fashiondaily.tv\static\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.freshmilk.tv\static\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\heias.com\x\heias_sc.swf\heias.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mp.ksta.de\bucket\novosense.swf\nodeforty_data.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mp.piano.noz.de\bucket\novosense.swf\nodeforty_data.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\movad.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\_mg549519bfa32bc606fe000007.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\_mg54d41f216e9552186d0000a0.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.zdf.de\latest\EmbeddedPlayer.swf\changeMe0815.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\publishing.kaloo.ga\media\flowplayer.commercial-3.2.18.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\rtl.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\rtlbw.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\userinfo6.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.xvideos.com\swf\flv_player_site_v4.swf\hexaplayerVolumeCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.xvideos.com\swf\xv-player.swf\hexaplayerVolumeCookie.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.empflix.com\embedding_player\player_v0.2.1.swf\flixstream_audio_settings.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.snacktv.de\vpaidplayer\vpaid.swf\SnackTV.sol
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www2.whatsupcams.com\fp\flowplayer.commercial.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\admin.brightcove.com\MediaPreferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\affiliate.gameladen.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aka-cdn-ns.adtech.de\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\az731861.vo.msecnd.net\nexxCACHE_584.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\besttv39.cdn.it.best-tv.com\com.longtailvideo.jwplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\blackbird.zoomin.tv\flashCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\c.paypal.com\PayPalLSO.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\c4.ac-data.com\com.px24.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.flashtalking.com\ftLocalComms.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.flashtalking.com\FT_cookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn.movad.net\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn1-ref-cl.amscontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn3-ref-cl.landing.comcontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn3.screen9.com\picsearch_user_session.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn5-ref-cl.amscontent.net\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ced.sascdn.com\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cfiles.5min.com\5minSessionTracker_www.huffingtonpost.de.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cfiles.5min.com\Storage5minCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\chatroulette.com\16chatroulette.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-castaclip.cdn.videoplaza.tv\com.videoplaza.adplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-castaclip.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\com.videoplaza.adplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\de-ipd.cdn.videoplaza.tv\se.videoplaza.kit.adplayer.adplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\delivery.fashiondaily.tv\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.fashiondaily.tv\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.freshmilk.tv\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\dizcdn.yobt.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\duapys4lcv8ju.cloudfront.net\settings.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\effektivesdating.info\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\embed.live-stream.tv\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\gadcreatives.mode.com\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\glatzenrechner.alpecin.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\i.bongacams.com\limit.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\images-eu.ssl-images-amazon.com\mercury.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\images-na.ssl-images-amazon.com\mercury.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\imagesrv.adition.com\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\members.bet365.com\FCE.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mpsnare.iesnare.com\stm.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\opf.ooyala.com\ima_adsets.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\oystatic.ignimgs.com\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth2.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\auth_id.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.ooyala.com\perf.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pornsharing.com\tubeContextPlayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\publishing.kaloo.ga\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pxc1.adscale.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.yimg.com\com.conviva.livePass.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.yimg.com\com.yahoo.yep.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.ytimg.com\restore.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\s.ytimg.com\soundData.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\secureinclude.ebaystatic.com\ebayLSO.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\secureinclude.ebaystatic.com\ebayT.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\server072.20min-tv.ch\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\server072.20min-tv.ch\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\smava.postaffiliatepro.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\software.hiro.tv\HIRO_REPO.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ssl.hurra.com\restore.hurra.com.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\stake7.postaffiliatepro.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static-cdn1.ustream.tv\viewer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.allinviews.com\com.quantserve.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.medallia.com\medallia.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static1.dmcdn.net\com.dm.player.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\staticloads.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\taxi69.com\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\v4s.yimg.com\com.conviva.livePass.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\v4s.yimg.com\com.yahoo.yep.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.golem.de\golem_videoplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\hiro_companion_cookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\HIRO_NETWORK_CAPPING_COOKIE.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\US_FARM_lbviewster.hiro.tv_STREMING_CLIENT_ID_COOKIE.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\video.viewster.com\US_FARM__STREMING_CLIENT_ID_COOKIE.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\webmaster.erotik.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.amateurseite.com\MessengerBarCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cdkeys.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cellartracker.com\F2UTG.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.dailymotion.com\com.dm.player.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gameliebe.com\pap20.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gamers.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.gamestar.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.hornbach.de\com.jeroenwijering.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.ikea.com\PAXplanner(2).sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\AdobeDynamicStream.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\naiad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.paypalobjects.com\PayPalLSO.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.paypalobjects.com\ppLsoTest.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pcgames.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pcgameshardware.de\analytics.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.spiegel.de\BandwidthCache.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\z.cdn.turner.com\com.turner.cvp.so.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\z.cdn.turner.com\octoshapeuserinfo.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aa.online-metrix.net\fpc.swf\session.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\counter.cam-content.com\visitCounter105.swf\lsps_local.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\delivery.fashiondaily.tv\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\videoplayerE.swf\dats.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\xembed7.swf\dats.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\eu-st.xhamster.com\xembed9.swf\dats.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\fapteentube.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\js.rating-widget.com\RatingWidget.swf\RatingWidget.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\lsps2007.cam-content.com\flowplayer.commercial-3.2.18.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\ndirect.ppro.de\vft\clickIDs.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\securepaths.com\sp.swf\securepaths.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\swf.cam-content.com\evoChat2014_169.swf\muschiControl.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\swf.cam-content.com\evoVideoPlayerFree394.swf\evoAd_local.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\track.webgains.com\wg.swf\5930.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\uk.cdn-net.com\s.swf\_cc.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.18-schoolgirlz.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.18tube.xxx\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.ajaxcdn.org\swf.swf\dm_cookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.cdn-net.com\s.swf\_cc.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.hotshame.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.naiadsystems.com\#naiad\pure.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.perfektegirls.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pinkrod.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pornoid.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.pornpropeller.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.sleazyneasy.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.youx.xxx\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\xxxdessert.com\#kernelteam\preferences.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\a.affil.io\s\af.swf\afstorage.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\aeu.alicdn.com\flash\JSocket.swf\kj.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\rtl.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\rtlbw.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\bilder.rtl.de\flash\david09_player_20150112.swf\userinfo6.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\holiday_card.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\pushYetiShop.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\pwf_livesPop.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cc1.midasplayer.com\swf\CCMain.swf\receivedBoosterGifts.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\cdn2.dashbida.com\prod\vpaid2-dbfp.swf\dbStore.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.fashiondaily.tv\static\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\deliverybeta.freshmilk.tv\static\flowplayer.commercial-3.2.15.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\heias.com\x\heias_sc.swf\heias.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mp.ksta.de\bucket\novosense.swf\nodeforty_data.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\mp.piano.noz.de\bucket\novosense.swf\nodeforty_data.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\movad.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\_mg549519bfa32bc606fe000007.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\pagead2.googlesyndication.com\pagead\imgad\_mg54d41f216e9552186d0000a0.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\player.zdf.de\latest\EmbeddedPlayer.swf\changeMe0815.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\publishing.kaloo.ga\media\flowplayer.commercial-3.2.18.swf\org.flowplayer.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\rtl.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\rtlbw.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.clipfish.de\flash\clipfish_player_3.swf\userinfo6.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.xvideos.com\swf\flv_player_site_v4.swf\hexaplayerVolumeCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\static.xvideos.com\swf\xv-player.swf\hexaplayerVolumeCookie.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.empflix.com\embedding_player\player_v0.2.1.swf\flixstream_audio_settings.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www.snacktv.de\vpaidplayer\vpaid.swf\SnackTV.sol
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Z9877E7E\www2.whatsupcams.com\fp\flowplayer.commercial.swf\org.flowplayer.sol
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product Win32.Graftor
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\help
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\help
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product Win32.Trotux
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\help
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}\ffd
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}\chd
[+] 17-02-19 21:46:38 Moving into quarantine C:\Users\Daniel\AppData\Local\Anopert\
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\help
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}\ffd
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}\chd
[+] 17-02-19 21:46:38 Successfully cleaned C:\Users\Daniel\AppData\Local\Anopert\
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product DoubleClick
[+] 17-02-19 21:46:38 Moving into quarantine Cookie (Firefox: Daniel (default)).doubleclick.net/ (id)
[+] 17-02-19 21:46:38 Moving into quarantine Cookie (Firefox: Daniel (default)).doubleclick.net/ (IDE)
[+] 17-02-19 21:46:38 Successfully cleaned Cookie (Firefox: Daniel (default)).doubleclick.net/ (id)
[+] 17-02-19 21:46:38 Successfully cleaned Cookie (Firefox: Daniel (default)).doubleclick.net/ (IDE)
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product Internet Explorer
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\TypedURLs
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Management Console
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Microsoft Management Console\Recent File List
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Microsoft Management Console\Recent File List
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Direct3D
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS DirectDraw
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS DirectInput
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Office 12.0 (Excel)
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Office\12.0\Excel\File MRU
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Office\12.0\Excel\File MRU
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Office 12.0 (Word)
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Office\12.0\Word\File MRU
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Office\12.0\Word\File MRU
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Regedit
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product MS Wordpad
[+] 17-02-19 21:46:38 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
[+] 17-02-19 21:46:38 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
[i] 17-02-19 21:46:38
[i] 17-02-19 21:46:38 Product Windows.OpenWith
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CFG\OpenWithList
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CPL\OpenWithList
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CFG\OpenWithList
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CPL\OpenWithList
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
[i] 17-02-19 21:46:39
[i] 17-02-19 21:46:39 Product Windows Explorer
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i] 17-02-19 21:46:39
[i] 17-02-19 21:46:39 Product Windows Media SDK
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 17-02-19 21:46:39 Moving into quarantine HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 17-02-19 21:46:39 Successfully cleaned HKEY_USERS\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i] 17-02-19 21:46:39
[i] 17-02-19 21:46:39 Product Verlauf
[+] 17-02-19 21:46:39 Moving into quarantine Internet Explorer (Benutzer) (Daniel)History
[+] 17-02-19 21:46:39 Successfully cleaned Internet Explorer (Benutzer) (Daniel)History
[i] 17-02-19 21:46:39
[i] 17-02-19 21:46:39 Product Cookie
[+] 17-02-19 21:46:39 Moving into quarantine Firefox (Daniel (default))Cookies
[+] 17-02-19 21:46:39 Successfully cleaned Firefox (Daniel (default))Cookies
[i] 17-02-19 21:46:39
[i] 17-02-19 21:46:39 Summary
[i] 17-02-19 21:46:39 Errors while cleaning 0
[i] 17-02-19 21:46:39 Files moved into quarantine 185
[i] 17-02-19 21:46:39 Files successfully cleaned 185
Ich habe auch wie beschrieben jetzt mal FRST laufen lassen .. hier die Log-Ausgabe
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017
durchgeführt von Daniel (Administrator) auf HIGHLANDER (26-02-2017 20:31:51)
Gestartet von C:\Users\Daniel\Downloads
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
() C:\Windows\SysWOW64\spdsvc.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1735288 2016-09-30] (Logitech, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [DAEMON Tools Lite] => X:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2016-11-19]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-12-13]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2016-11-19]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam - Verknüpfung.lnk [2016-02-10]
ShortcutTarget: Steam - Verknüpfung.lnk -> X:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1			d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{27DD6B25-BC9C-4C3E-8FE2-641BBCDC0111}: [DhcpNameServer] 192.168.100.11 192.168.100.12
Tcpip\..\Interfaces\{93abd697-dc98-42c5-8239-078743b5d7f7}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fc57916e-ea56-438d-8a5b-66a75d23fe17}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/$22/
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1478581348-535765091-3593234125-1001 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default [2017-02-26]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\k40kk53n.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\k40kk53n.default -> hxxps://www.google.de/
FF Extension: (Firebug) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-12]
FF Extension: (divx helper) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{7b0f509e-2df1-4fe9-bcae-93cd2ae17596}.xpi [2015-12-19] [ist nicht signiert]
FF Extension: (Video DownloadHelper) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\searchplugins\google-images.xml [2014-10-21]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\searchplugins\google-maps.xml [2014-10-21]
FF HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-20] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-12]

Opera: 
=======
OPR Extension: (Kein Name) - C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-02-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-12-13] (Adobe Systems) [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-12-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-12-07] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-12-08] (ASUSTeK Computer Inc.)
U2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe [1457664 2014-01-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-01] ()
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-19] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-19] (Electronic Arts)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe [143664 2016-12-24] ()
R2 TermService; C:\WINDOWS\system32\rdpwrap.dll [116736 2017-02-13] (Stas'M Corp.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-12-07] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-12-07] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2013-03-04] (MCCI Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-05-27] (Disc Soft Ltd)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-26 20:31 - 2017-02-26 20:32 - 00015683 _____ C:\Users\Daniel\Downloads\FRST.txt
2017-02-26 20:31 - 2017-02-26 20:31 - 00000000 ____D C:\FRST
2017-02-26 20:30 - 2017-02-26 20:30 - 02423296 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2017-02-26 20:24 - 2017-02-26 20:24 - 00000000 ___HD C:\OneDriveTemp
2017-02-26 20:12 - 2017-02-26 20:12 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-02-26 20:05 - 2017-02-26 20:05 - 00000000 ____D C:\Users\Daniel\.QtWebEngineProcess
2017-02-20 18:40 - 2017-02-26 11:10 - 00000000 ____D C:\Users\Daniel\Desktop\Neuer Ordner
2017-02-19 21:52 - 2017-02-19 21:52 - 00000000 ___HD C:\$SysReset
2017-02-19 20:08 - 2017-02-19 20:08 - 01426593 _____ C:\Users\Daniel\Downloads\licensecrawler_1.85_build-1566.zip
2017-02-19 18:15 - 2017-02-19 18:16 - 02870984 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2017-02-19 17:39 - 2017-02-19 17:39 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-19 17:33 - 2017-02-19 17:33 - 00000000 ____D C:\Users\Daniel\Documents\ProcAlyzer Dumps
2017-02-19 15:36 - 2017-02-26 20:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-19 15:36 - 2017-02-26 20:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-19 15:36 - 2017-02-19 15:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-02-19 12:31 - 2017-02-19 15:35 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.4.exe
2017-02-19 12:03 - 2017-02-19 12:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\AdAwareDesktop
2017-02-19 11:46 - 2017-02-19 11:46 - 00000000 ____D C:\Users\Daniel\AppData\Local\AdAwareUpdater
2017-02-19 11:45 - 2017-02-19 11:45 - 00000000 ____D C:\Program Files\Common Files\adaware
2017-02-19 11:44 - 2017-02-19 11:44 - 02546688 _____ C:\Users\Daniel\Downloads\Adaware_Installer.exe
2017-02-13 21:02 - 2017-02-19 14:46 - 00051015 _____ C:\WINDOWS\system32\rdpwrap.ini
2017-02-13 21:02 - 2017-02-13 21:02 - 00116736 _____ (Stas'M Corp.) C:\WINDOWS\system32\rdpwrap.dll
2017-02-12 23:01 - 2017-02-12 23:01 - 00001482 _____ C:\Users\Daniel\Desktop\Penudomataneght.default.lnk
2017-02-12 21:56 - 2017-02-12 21:56 - 00000306 __RSH C:\Users\Daniel\ntuser.pol
2017-02-12 21:33 - 2017-02-12 21:53 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ProxyGate
2017-02-12 21:32 - 2017-02-12 21:32 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2017-02-12 21:32 - 2017-02-12 21:32 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
2017-02-12 21:32 - 2017-02-12 21:32 - 00002052 _____ C:\WINDOWS\System32\Tasks\uLlF2As5l8
2017-02-12 21:31 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\GRR242xMGC
2017-02-12 21:30 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\Atikationbogot System
2017-02-12 21:30 - 2017-02-12 21:33 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-11 19:56 - 2017-02-26 20:22 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 __SHD C:\jpjiQMOQLhjpjiQMOQLh
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 ____D C:\Users\Daniel\jpjiQMOQLh
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\MicProCam
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Program Files (x86)\Client
2017-02-11 18:14 - 2017-02-11 18:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\sabnzbd
2017-02-10 16:16 - 2017-02-10 16:16 - 03287737 _____ C:\WINDOWS\70c6c8294cb8d4334ed10f21aa6b120e.exe
2017-02-10 16:12 - 2017-02-10 16:12 - 00014040 _____ C:\WINDOWS\system32\Drivers\7d084fb4bdf36fe9254301e9f5290e95.sys
2017-02-09 10:03 - 2017-02-09 10:03 - 00014040 _____ C:\WINDOWS\system32\Drivers\Lace_wpf_x64.sys
2017-02-08 12:37 - 2017-02-08 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-08 12:36 - 2017-02-08 12:36 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-08 12:36 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-08 12:36 - 2017-01-04 15:24 - 00210360 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-02-08 12:36 - 2016-12-29 14:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-08 12:36 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-08 12:36 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-08 12:36 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-08 12:36 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-08 12:36 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-26 20:30 - 2014-01-11 14:35 - 00000000 _____ C:\WINDOWS\Path.idx
2017-02-26 20:25 - 2013-12-08 17:21 - 01048576 _____ C:\WINDOWS\PE_Rom.dll
2017-02-26 20:24 - 2016-10-02 17:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-26 20:24 - 2016-10-02 16:44 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-26 20:24 - 2014-05-25 19:28 - 00000000 __RDO C:\Users\Daniel\OneDrive
2017-02-26 20:23 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-26 20:05 - 2016-10-02 16:48 - 00000000 ____D C:\Users\Daniel
2017-02-26 20:05 - 2014-12-14 19:45 - 00000000 ____D C:\ProgramData\Origin
2017-02-26 13:08 - 2016-10-02 16:42 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 11:04 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-26 11:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-25 10:56 - 2013-12-25 11:08 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-25 07:08 - 2014-08-25 18:10 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 19:45 - 2016-12-14 20:34 - 00000000 ____D C:\Users\Daniel\dwhelper
2017-02-23 18:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 18:27 - 2013-12-08 16:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 18:24 - 2013-12-08 16:48 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-20 15:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-20 01:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-20 01:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-19 20:47 - 2016-10-02 16:42 - 00346672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-19 19:53 - 2014-05-26 16:41 - 00000000 ____D C:\ProgramData\Apple
2017-02-19 19:53 - 2014-05-26 16:41 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-02-19 19:48 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-19 19:47 - 2016-04-11 20:11 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2017-02-19 15:28 - 2014-03-23 09:41 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-19 11:37 - 2016-07-16 23:51 - 01045548 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-19 11:37 - 2016-07-16 23:51 - 00246560 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-19 11:37 - 2015-09-01 16:21 - 02489702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-19 11:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter
2017-02-18 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\IME
2017-02-15 21:59 - 2013-12-07 22:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2017-02-14 21:08 - 2016-10-12 19:06 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-02-12 22:48 - 2015-06-02 20:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-12 22:43 - 2014-09-21 13:48 - 00000000 ___RD C:\Users\Daniel\Desktop\Bewerbungen
2017-02-12 22:14 - 2013-12-08 08:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-12 21:33 - 2015-09-01 20:12 - 00000306 __RSH C:\ProgramData\ntuser.pol
2017-02-12 21:33 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-12 20:36 - 2015-01-11 15:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\Ubisoft Game Launcher
2017-02-08 12:37 - 2016-10-02 16:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-08 12:36 - 2016-10-02 16:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-08 12:36 - 2016-10-02 16:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-12-08 19:48 - 2013-12-24 11:01 - 0000600 _____ () C:\Users\Daniel\AppData\Local\PUTTY.RND
2013-12-08 13:43 - 2013-12-08 13:43 - 0000017 _____ () C:\Users\Daniel\AppData\Local\resmon.resmoncfg
2015-10-19 21:01 - 2015-10-19 21:01 - 0000011 _____ () C:\ProgramData\.tv7
2016-10-02 16:44 - 2016-10-02 16:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-18 23:51

==================== Ende von FRST.txt ============================
         
--- --- ---


Ich bin dankbar für jede Hilfe!

Alt 26.02.2017, 21:40   #2
Tician
/// TB-Senior
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)





Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen.

Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst.

Ich bedanke mich für deine Geduld
__________________

__________________

Alt 27.02.2017, 22:04   #3
Tician
/// TB-Senior
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



Hallo und

Bevor wir beginnen beachte bitte Folgendes:
  • Installiere/Deinstalliere bitte nichts während wir hier an deinem Problem arbeiten
  • Speicher alle unsere Tools auf dem Desktop ab (das ist später wichtig!)
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach auf mehrere Posts aufteilen
  • Falls vorhanden: Logs die jünger als 1 Monat sind bitte posten
  • Verwende keine weiteren Tools ohne Aufforderung
  • Wichtig: Auch wenn dein Problem behoben scheint kann dein System noch infiziert sein, arbeite also bitte weiter bis ich dir ein "Clean" gebe

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst



Leider fehlt das "Addition"-Log von FRST deswegen bitte grad nochmal nach dieser Anleitung:

Schritt 1:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
__________________

Alt 28.02.2017, 17:48   #4
High_one
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



.. sry, glatt vergessen!

Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-02-2017
durchgeführt von Daniel (26-02-2017 20:32:39)
Gestartet von C:\Users\Daniel\Downloads
Windows 10 Home Version 1607 (X64) (2016-10-02 16:09:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1478581348-535765091-3593234125-500 - Administrator - Disabled)
Daniel (S-1-5-21-1478581348-535765091-3593234125-1001 - Administrator - Enabled) => C:\Users\Daniel
DefaultAccount (S-1-5-21-1478581348-535765091-3593234125-503 - Limited - Disabled)
Gast (S-1-5-21-1478581348-535765091-3593234125-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1478581348-535765091-3593234125-1008 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

15 Days (HKLM-x32\...\Steam App 342990) (Version:  - House of Tales)
3DMark (HKLM\...\Steam App 223850) (Version:  - Futuremark)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Agatha Christie - The ABC Murders (HKLM\...\Steam App 374900) (Version:  - Artefacts Studios)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Alan Wake (HKLM\...\Steam App 108710) (Version:  - Remedy Entertainment)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version:  - Creative Assembly)
Aliens: Colonial Marines (HKLM\...\Steam App 49540) (Version:  - Gearbox Software)
Anna - Extended Edition (HKLM\...\Steam App 217690) (Version:  - Dreampainters)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma: Cold War Assault (HKLM\...\Steam App 65790) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Aura: Fate of the Ages (HKLM-x32\...\Steam App 65500) (Version:  - Streko Graphics)
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 4.0.0.6 - )
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version:  - Ubisoft)
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
Black Mesa (HKLM-x32\...\Steam App 362890) (Version:  - Crowbar Collective)
Black Mirror (HKLM\...\Steam App 292930) (Version:  - Future Games)
Black Mirror II (HKLM-x32\...\Steam App 286460) (Version:  - Cranberry Production)
Black Mirror III (HKLM-x32\...\Steam App 286480) (Version:  - Cranberry Production)
Broken Sword 1 - Shadow of the Templars: Director's Cut (HKLM\...\Steam App 57640) (Version:  - Revolution Software Ltd)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Fall 1: The Journal (HKLM-x32\...\Steam App 260690) (Version:  - Darkling Room)
Dark Fall 2: Lights Out (HKLM-x32\...\Steam App 260710) (Version:  - Darkling Room)
DiRT Rally (HKLM\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Elegant-Treiber Paket (HKLM-x32\...\Samsung Stylish UI Pack) (Version: 1.01.74.00 (09.02.2015) - Samsung Electronics Co., Ltd.)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Fireflies Screensaver (remove only) (HKLM-x32\...\Fireflies) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{E540B871-3230-4C5B-AAD5-A30F64398275}) (Version: 4.48.599.0 - Futuremark)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Half-Life 2 (HKLM\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version:  - Valve)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Jack Keane 2 - The Fire Within (HKLM-x32\...\Steam App 236970) (Version:  - Deck 13)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
Lost Horizon (HKLM-x32\...\Steam App 40350) (Version:  - Animation Arts)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
METAL GEAR SOLID V: GROUND ZEROES (HKLM\...\Steam App 311340) (Version:  - Kojima Productions)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MURDERED: SOUL SUSPECT™ (HKLM\...\Steam App 233290) (Version:  - Airtight Games)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.4.0.0 - Electronic Arts)
No Man's Sky (HKLM\...\Steam App 275850) (Version:  - Hello Games)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Öko-Treiber Pack (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (28.05.2015) - Samsung Electronics Co., Ltd.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Overclocked: A History of Violence (HKLM-x32\...\Steam App 339850) (Version:  - House of Tales)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version:  - Obsidian Entertainment)
Pixeluvo version 1.6.0 (HKLM\...\{8CD06ADF-DEEA-4594-8E6C-9B2CACE29760}_is1) (Version: 1.6.0 - Pictopotamus Ltd)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Project CARS (HKLM\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Remember Me (HKLM-x32\...\Steam App 228300) (Version:  - DONTNOD Entertainment)
Resident Evil / biohazard HD REMASTER (HKLM-x32\...\Steam App 304240) (Version:  - CAPCOM Co., Ltd.)
Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version:  - Crystal Dynamics)
Risen 3 - Titan Lords (HKLM\...\Steam App 249230) (Version:  - Piranha Bytes)
Safecracker: The Ultimate Puzzle Adventure (HKLM-x32\...\Steam App 3260) (Version:  - Kheops Studio)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.04 - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.0.0.78 - Samsung Electronics Co., Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.12 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.26 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Syberia (HKLM\...\Steam App 46500) (Version:  - Microids)
Syberia 2 (HKLM\...\Steam App 46510) (Version:  - Microids)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
The Ball (HKLM\...\Steam App 35460) (Version:  - Teotl Studios)
The Book of Unwritten Tales (HKLM-x32\...\Steam App 215160) (Version:  - KING Art)
The Book of Unwritten Tales: The Critter Chronicles (HKLM-x32\...\Steam App 221830) (Version:  - KING Art)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Moment of Silence (HKLM-x32\...\Steam App 339840) (Version:  - House of Tales)
The Mystery of the Druids (HKLM-x32\...\Steam App 343000) (Version:  - House of Tales)
The Raven - Legacy of a Master Thief (HKLM-x32\...\Steam App 233370) (Version:  - KING Art)
The Solus Project (HKLM\...\Steam App 313630) (Version:  - Hourences)
The Stanley Parable Demo (HKLM\...\Steam App 247750) (Version:  - Galactic Cafe)
Titan Quest Anniversary Edition (HKLM\...\Steam App 475150) (Version:  - Iron Lore Entertainment)
Tom Clancy's The Division - Beta (HKLM-x32\...\Steam App 414460) (Version:  - Massive Entertainment)
Tomb Raider (HKLM\...\Steam App 203160) (Version:  - Crystal Dynamics)
Tomb Raider II (HKLM-x32\...\Steam App 225300) (Version:  - Core Design)
Transmissions: Element 120 (HKLM\...\Steam App 365300) (Version:  - Shokunin)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.12 - Samsung Electronics CO., LTD.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
Wasteland 2: Director's Cut (HKLM-x32\...\Steam App 404730) (Version:  - inXile Entertainment)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WhatsApp (HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version:  - MachineGames)
Yesterday (HKLM-x32\...\Steam App 205840) (Version:  - Pendulo Studios)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06EE6F2F-3D93-4BA3-A550-C9034CC41020} - \WPD\SqmUpload_S-1-5-21-1478581348-535765091-3593234125-1001 -> Keine Datei <==== ACHTUNG
Task: {0E3CE234-A495-4833-9318-08D6FE9B72D9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {13D9416E-8B02-4482-9E9A-355C443C68E8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {172D8D5B-B799-4B42-8168-9DB681715F50} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2015-04-24] ()
Task: {1B054512-C15D-404B-A7D1-40F17E580AB8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {229FE34C-3144-4F25-B3D8-FE2DF1E343EA} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.)
Task: {34F2D54D-727C-4DEC-BE30-FB2FF9F83DCF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {4674980A-D352-4073-BA3B-0A96B4D2FB7C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {61F89444-D967-4AF0-8634-F6468B011A99} - \Pregehabering -> Keine Datei <==== ACHTUNG
Task: {64B7D47A-A68F-4370-8AFF-938FA096E854} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {71545E37-4F9E-4090-BFA5-86C893DFEB75} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {7F4D41A3-5EC5-4C30-A45C-D139DD8AEE2B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {88B50241-7A72-4720-BF17-962F97B5B4A0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {90F87FC1-8C09-4348-805E-D1C42012250A} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {9740F4B3-DC4B-4B24-9757-31E6F4B8D439} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {992BBF82-2E12-497B-8E66-E29488D68306} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {B1B39CF6-8FE6-4C96-9CC4-237BD5A54165} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-20] (Adobe Systems Incorporated)
Task: {B21F31E4-A212-4543-AC57-EC709C4DEA1B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B3D1FB94-487A-466C-B5CA-0A38A5E336E8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {C358818D-01E0-469A-8580-5AF36129952E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D1A61186-599F-476F-BBF7-696A676F51DB} - System32\Tasks\uLlF2As5l8 => C:\Program Files (x86)\GRR242xMGC\updengine.exe  <==== ACHTUNG
Task: {E124BE7F-B769-4BFE-93D4-E3151C67B7ED} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-01-14] ()
Task: {E770174C-C5B6-4CC9-AD27-074CA994165B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-24 12:31 - 2014-11-25 12:16 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll
2016-02-15 21:01 - 2016-02-15 21:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2016-10-02 16:44 - 2016-12-29 13:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-06 20:47 - 2016-07-17 22:43 - 00499000 ____N () C:\WINDOWS\SysWoW64\spdsvc.exe
2016-12-24 12:31 - 2016-12-24 12:31 - 00143664 ____N () C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe
2013-12-07 22:37 - 2013-12-07 22:37 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-12-08 13:39 - 2013-01-14 16:37 - 01406776 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2016-12-13 20:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-02 17:36 - 2016-10-02 17:36 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 21:55 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 21:54 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 21:54 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-23 16:31 - 2017-02-23 16:33 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 16:31 - 2017-02-23 16:33 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-23 16:31 - 2017-02-23 16:33 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 09:57 - 2017-02-06 09:57 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-19 12:49 - 2015-02-10 15:08 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2016-12-24 12:32 - 2015-06-11 12:42 - 03055616 ____N () C:\WINDOWS\system32\DlgSearchEngine.dll
2016-10-13 18:43 - 2017-02-19 15:28 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2013-12-07 22:37 - 2017-02-26 20:24 - 00033280 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-12-07 22:37 - 2013-12-07 22:34 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-12-08 13:39 - 2013-01-14 17:16 - 05771136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2013-12-08 13:39 - 2010-06-21 15:21 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2014-01-11 14:16 - 2013-03-04 21:57 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2014-01-11 14:16 - 2012-08-03 16:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2013-12-08 13:39 - 2011-07-12 19:14 - 00147456 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-12-08 13:39 - 2010-10-05 08:22 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-01-11 14:15 - 2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2013-12-08 13:39 - 2012-10-08 17:07 - 00972288 ____N () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-12-08 13:39 - 2013-01-15 15:30 - 01040896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-01-11 14:15 - 2012-06-19 12:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-01-11 14:16 - 2012-08-14 11:14 - 01123840 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2014-01-11 14:16 - 2012-07-20 09:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2013-12-08 13:39 - 2013-04-15 14:19 - 00883712 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-12-08 13:39 - 2012-05-28 21:27 - 01622528 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-12-08 13:39 - 2011-09-19 20:18 - 01243136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-12-08 13:39 - 2011-07-21 09:06 - 00846848 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-12-08 13:39 - 2012-08-29 18:09 - 00875520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-12-07 22:37 - 2013-12-07 22:34 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2013-12-08 13:39 - 2010-10-05 08:22 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-01-11 14:17 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2014-01-11 14:17 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
2014-01-11 14:17 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll
2016-11-19 12:49 - 2015-02-18 14:11 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2013-12-17 10:31 - 2013-12-17 10:31 - 00491520 _____ () C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
2013-12-08 13:39 - 2009-08-12 20:15 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2014-08-25 18:14 - 00000867 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1			d3oxij66pru1i3.cloudfront.net

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{e5a42237-04bb-4b35-bccc-62b140b2d1c1}.CR2
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\StartupApproved\Run: => "Raptr"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1739C80E-0DC0-43AA-9EE8-8E8E6D8A5224}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{575BC274-12C0-494E-9588-CF520A3574D1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{ED028450-B0C5-452A-8566-BF17F1D39154}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{CC9F52F9-5FFC-4248-A2A0-3748B809CBC4}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [UDP Query User{E6B4DDC7-8CE8-4DF9-A106-4EA6752CBFD5}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{60ABD0A7-C67F-49A7-ACF7-31818F743F8A}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{BF27EF7B-D034-4288-9BA1-9C85FBC95F61}C:\program files (x86)\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\java.exe
FirewallRules: [TCP Query User{268F3E0D-1F4D-4CA9-90CC-FE4A5C90B186}C:\program files (x86)\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{7D556653-25CF-4956-A987-DC58A3AFB567}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{56B8ADB4-DB72-4E83-BBBA-E94AE3DE13EC}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{7773C64F-5744-4484-8CB6-27483E174FCB}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{136D6DF5-497D-41F6-A39B-8294194EC541}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{84EA0326-8696-48EB-9D19-7D96854A1282}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{BF281C92-B3FD-4299-8FEF-33E4EDFCD206}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{CFAD6B7C-E05D-4623-9D4F-02DB079296C9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{66F57649-F0A6-42E4-BFA6-C81322055946}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{8A8E1951-0FAF-4F1E-A3A0-8763614AC557}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe
FirewallRules: [TCP Query User{EE622A1E-8C92-44A0-B42B-E611242D5B01}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe
FirewallRules: [{86473537-7282-426D-A15B-F9CE7EE7AEB2}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{F322C8BF-D606-4881-AF3D-13EAE9277DAB}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{7CAF606E-13D1-488A-937E-3A5E750265E7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Syberia2.exe
FirewallRules: [{E2836527-0A4D-4242-8A32-F832F88831E1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Syberia2.exe
FirewallRules: [{9614330A-AE3F-43DE-992B-16D5FBFE9934}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Game.exe
FirewallRules: [{AE2BFD58-03EA-483E-B8E4-86C7A49459C3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Game.exe
FirewallRules: [{ADB5AC49-580F-4F45-B670-E68ACFE5633F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia\Game.exe
FirewallRules: [{1A09D0F6-6AC4-4F9E-B666-857F67625FE5}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia\Game.exe
FirewallRules: [{DA581AD4-6481-4425-9952-EA6784E9EEAD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5481738A-2391-4A5D-B92E-44BEAA578696}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [UDP Query User{2B4A366F-FAD3-4017-9AA4-1647A96958E0}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{839DAB1A-9273-403A-B008-F0627F961F32}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [{D0D28362-F0F7-44CE-B123-6BA216886ED7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{21645B25-F809-423C-BC7E-BCD40A462A04}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{395E6D94-A3A8-486A-963F-86075E4DD9C7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{D73B1964-0D33-44A1-9A1A-D7EB0F2179C0}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{EA6201BD-0AF4-4ED8-B9B1-5403D1D3686A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's The Division - Beta\thedivision.exe
FirewallRules: [{98A2C85E-3B99-44F4-A93B-818F6D2E28B7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's The Division - Beta\thedivision.exe
FirewallRules: [{65472F4B-BC89-41B0-867B-FD8FFDF27452}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe
FirewallRules: [{FB0207C7-0305-479F-9FD7-4D5094C1F503}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe
FirewallRules: [{52E48425-9353-4AC1-9C8D-AFEC6A5688F1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mesa\bms.exe
FirewallRules: [{946365E2-ED15-4F41-9811-4F2BE60F3D31}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mesa\bms.exe
FirewallRules: [{BA9E0BF4-DBC4-418E-9949-68784FDD4E33}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Lost Horizon\AutoStarter.exe
FirewallRules: [{98D0E662-3D8E-4A42-9336-ED27A2379564}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Lost Horizon\AutoStarter.exe
FirewallRules: [{8876BAE7-2C91-4AFD-AEA1-81E04DFB61FA}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{E103C4D8-4054-4D6E-AED1-E6483EE63E0A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{9FE8EF5E-4817-4DDA-AD4D-20F241CC9DDF}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{47329D06-5380-49B5-B732-EFD9761D56B0}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{AD47B247-1A6F-4EC4-A7EF-42EAABCC8939}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\15 Days\rhc.exe
FirewallRules: [{E17750F4-973C-4BD1-9B47-F507405ED8FC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\15 Days\rhc.exe
FirewallRules: [{429794D8-A536-4BB9-88FF-6349D5AE10BD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\PSConfig.exe
FirewallRules: [{8D2777B0-0B35-441C-A783-11CC42B9996B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\PSConfig.exe
FirewallRules: [{EB5E95FE-9229-4D9E-8A82-71D21821D97E}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\Yesterday.exe
FirewallRules: [{CA3CD382-12E9-4279-9176-847D10F61D0B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\Yesterday.exe
FirewallRules: [{44F0EAE3-E91E-426C-8B40-63244BF291EC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Aura Fate of the Ages\Aura1.exe
FirewallRules: [{BDF37CF2-51B7-4429-857F-DA1A31353397}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Aura Fate of the Ages\Aura1.exe
FirewallRules: [{5EAD1BCF-5F79-4B23-85C1-D6881005A751}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Book of Unwritten Tales\bout.exe
FirewallRules: [{0D567A0A-1227-43CF-B19D-2BB51A59D7DD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Book of Unwritten Tales\bout.exe
FirewallRules: [{9F0BF3D6-1751-4F1A-AA80-CB27A5B199AB}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Critter Chronicles\CritterChronicles.exe
FirewallRules: [{B636ABC8-7A1D-4C92-9A92-5F88AAD13D04}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Critter Chronicles\CritterChronicles.exe
FirewallRules: [{6BCEA1CA-5B5C-4845-B8BF-8EAE6368CDFC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 1 The Journal\DarkFall.exe
FirewallRules: [{344D59A1-50E8-4B8E-A8E3-C1F356F4771C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 1 The Journal\DarkFall.exe
FirewallRules: [{2E010D16-1AEB-4E97-80DB-BBB975C432FC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 2 Lights Out\DarkFall2.exe
FirewallRules: [{DD4F9206-07A4-4E95-AF8F-DE8C6D2889BD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 2 Lights Out\DarkFall2.exe
FirewallRules: [{875BF096-0334-4F7D-B21E-0341F896A181}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Jack Keane 2\JackKeane2.exe
FirewallRules: [{E25B123F-7647-40E4-9D22-D3751FFA0C40}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Jack Keane 2\JackKeane2.exe
FirewallRules: [{3BA7CB38-032D-468F-9EA1-BF58C70DBCED}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Moment of Silence\mos.exe
FirewallRules: [{65B6BC8A-86B0-45F4-AB94-6C5B08FAAC7C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Moment of Silence\mos.exe
FirewallRules: [{BEC9C3E1-C1BE-47F6-A557-FF777026890D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Mystery of the Druids\edd.exe
FirewallRules: [{718B3703-BF1B-4D9E-81B0-D02720CEA1D5}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Mystery of the Druids\edd.exe
FirewallRules: [{8A314FE0-9600-40BA-9CAD-B15FC7235B1D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Overclocked\launcher.exe
FirewallRules: [{5BF1F4A3-6412-40F9-9859-7490EE66D082}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Overclocked\launcher.exe
FirewallRules: [{EB4A5DC1-E11C-414A-A7E2-AF5586DC1086}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{E06A444F-DDD2-4626-8107-A59158259F1F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{40BD4FF6-2D64-477E-8841-7947B7DE0611}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Safecracker 2\Safecracker.exe
FirewallRules: [{5FC3D32C-4EDD-46D3-A199-EEAADA9276F7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Safecracker 2\Safecracker.exe
FirewallRules: [UDP Query User{9D0E3A1B-B85C-44B9-90E2-18DA868C2E9D}X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{F25A2969-EF73-453A-81FD-B5471B912CA0}X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{E20F5364-6C35-401A-BB8F-550ED69C3AFD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{CA850769-B9A7-465C-8774-B23421A9563A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [UDP Query User{3CDAE9AF-6ACD-4D48-95C1-7C59BB02440E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{1F1D3673-263E-40E8-8AAF-02218B57EA89}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D9C63033-5BCB-428A-A3AC-399119BFA512}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Resident Evil Biohazard HD REMASTER\bhd.exe
FirewallRules: [{6EFDE9D1-215C-4CC4-8381-0374767650F3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Resident Evil Biohazard HD REMASTER\bhd.exe
FirewallRules: [{4E6C72CD-A225-4757-B35F-6E6C0F66366C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BFEF3C7-9CB8-4E66-BB5B-B1D57EC5CD0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{671A09D7-D2E2-4DD4-A713-174BABCA1880}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{58F053FA-5C2F-4F43-A6AC-7831DCD3ACAE}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{E13C8B70-1425-4306-95E3-D6E688E3CE4B}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{86459E70-1FB0-4D13-8382-DC1852E1E43D}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{7D453B8A-7B60-407E-9AC5-80F77C05929B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{8EFD166E-EC04-439C-9952-0D5397D3441A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{657DC4F1-F725-419F-B870-5FBE3424480A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{521DFA10-E98F-4EEB-9247-9ADD117CF592}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{87EC542E-B6DD-4DC0-A315-E06D67A9662A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{8F604BE4-05D2-4E8E-8166-0FAE78B2A4C1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{0FE0C5F3-1F66-44F5-B469-E76B3302E53D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{C0E08052-458A-442B-8958-A094C92CA04C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{233040BF-7BEE-41CE-A368-9F7B4C2BD954}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{162200DA-4611-4B2A-99BB-E51FD3013CC2}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{89C69AC6-5DAB-4CF7-96F1-D1B589F48112}] => (Allow) X:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C50793C1-B69B-4328-9420-A86B3A467537}] => (Allow) X:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0C7F03C-3919-4CC8-93AC-051A2FC329CB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B87A2E28-1C36-4551-9C7A-86F9D7EC0A68}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B0CE1F7C-8206-4DCF-A294-9A348D3B438F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{21D08188-7382-428C-8B31-5473530C563C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D09B296F-4D55-4E76-9777-8E82FEF00409}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{328587F5-25B9-46A2-B4B1-A0A44396EE31}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E3B02158-DF93-4FDE-9127-26EFF2EE93ED}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{835CA50B-B28E-452D-82C3-88B1B187B616}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{EE336683-1F62-409F-97A0-62B8D0B8AC95}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{DC4CAAB9-F302-4AE6-B956-F69D9EAEC60F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A10C4887-D748-4E64-8E5F-8D3699906822}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{6286FD3D-09EE-4251-ADCC-41D551223162}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{042E8287-F711-40E2-85DC-F845BBF9A9F1}] => (Allow) X:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{699CE33E-FF83-447A-8525-D06134C308D9}] => (Allow) X:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{990A0524-4CCA-4665-8AFD-8D871C6253B1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{970EA435-5AE7-4E68-A0D9-F390E1FB3A36}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{C1D18DD4-6A78-439A-9BDD-D6D3D4E9410B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{31A3A6D2-7D41-4F17-96CB-99DD94E2F84F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{DABB3354-B244-43CE-A21C-D737C02191B7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{F9CB0AE9-7B74-4EAA-A08F-62EBEC5390F3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{F92485DD-9329-404E-ADC2-2ADAF544F378}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{350A91FB-1D03-42FD-BB48-DDE7F4C95716}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{AB858FCD-CE56-445D-BBEC-632ED601AC81}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{8BC79411-4563-4710-BD7A-9F13CD887673}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{FDE61F51-414D-46DC-9D68-5D6BE1DF9148}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A0DD955D-679E-4889-8333-1155FED35D27}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B561A764-4A4D-4B4C-AE3E-BAC988E6BEFD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{420E2379-6495-4691-B1A6-CA773B612E25}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{4168C511-C553-4C23-BA8B-19A85C017596}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{DE75A175-14ED-4EDE-BAAC-0747AC8498C6}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{4B7C8F29-D74E-43D5-B15A-32544AA35DF2}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{0A8696D4-FC21-4370-9F33-5CD3F596CE13}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{2FDBCAEF-D8AA-4847-9079-BF84E452EC53}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{4BBDF732-EB81-4F70-BD72-D5168932870F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{FB9AEAC3-9F18-4383-9F65-E67015BF7D7B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{6B4E62A9-30C7-4E8A-9558-03880EF8F6CC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{AEE83BCE-9CB6-4C80-B973-A171156AF31B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{7C0D8F4A-D769-46F7-AB9A-AB809836BB0B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{2BDEE644-D918-472C-B7B1-EB4F0D8FF306}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{27DF5761-C692-4A48-8696-7AFEA4886DF8}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{832CAF24-BE24-464F-8C79-A2654F75CF2E}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{A4D5502F-C0E0-4488-A6F0-28BBBAFFB813}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{32DB545D-A58A-4867-AD80-F19ADB7205C9}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{8684A1AD-7C17-4C17-B41D-D5066DA12F75}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{5D8F872F-4A8A-4352-80B7-3D7CEC24D3A3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{8424A2E1-AC86-44FB-A6EC-D376A874A06B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{8650DB81-2DB0-4D8F-B98F-5D1E9D499E95}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{41A75225-BB82-43D8-8A85-9934FF10FE0B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{1E5B3B53-1C13-4AA4-A7CC-C0948E1BAD29}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{BA8AC7D6-20B6-4D97-AE6B-DF8394995771}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{4A5EDCC5-0F33-4C86-8E4B-DAF5C0402C9B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C3549F6F-C49D-41B9-B843-48921E8C1332}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8FA60C6D-DC89-44FF-B6C3-B4139391E883}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{8019AD31-DCB7-4D4A-920A-62A360C4629A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{D8566190-AC03-45ED-A3C2-CCBC4EC3B081}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8FBC7A7A-6B5A-4FB4-9CD1-58ED9D6DAD97}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F128390E-3B0C-46E5-908C-C7633051966F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{566A0FA0-0945-434F-A27F-54EC755C68FB}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{4E097195-30BA-43F4-9576-6D03446E884C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{25C63303-CA23-44E4-9001-959567981C1F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F3438EA6-8F9E-4DB2-8F70-78B18D1F5B07}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{119633E1-DAC2-4EFE-BAC9-117ADB188578}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{28E8C348-B4C6-4473-A8A1-BCA00AC4AB9A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{927F43CF-1CCC-4C10-9DF2-0CBF4037998B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3B6737DB-A89D-4323-A958-7FE9E9DE2824}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{619C8167-E2B8-44AF-9234-2FA950BCF69D}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{5050B6F2-FCC2-4DA9-848E-C72E44C6A244}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{C88C0330-C63B-46E8-AA4C-EA0F5D22E7ED}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{0565A1D7-094B-4CBF-9203-EBA114D26634}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E69A7FD7-02CC-4B19-84DE-C4627834B6DD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{2378A96D-43B6-4385-ADD4-EB2CB6A250D8}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{4E9F20F6-A6FA-41C8-8BC5-CE08BCB0FB3F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [TCP Query User{337F983B-D3C3-4C39-ABFC-3B68CA8E7F46}X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{4F46EF22-E6F0-4846-BABE-B0C36A7F1496}X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [{BAAFA752-EFA1-4AC7-A837-E98BAF4978D4}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{F1C54372-1DEA-4726-AC7C-AD20BA2F02A8}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{4315A08C-356B-465D-87F8-EA9C4EA83196}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2C5CCFF9-55BD-433D-B207-8FFB7D125415}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A0CBE5E0-5056-4E87-AB2E-FE9E90CB11A9}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{FE8F4E2E-34FB-4FDD-8260-A40777CAC976}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{E456D861-09CD-4809-A735-47350FF0DFBE}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{69F568BD-7F04-4E18-AE07-B4C33788C051}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{8A35E0AD-5F32-4A50-A336-F7674DA231DB}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{E2127EE6-C493-4A49-964B-AD151AEEBCC8}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{72384C29-D91B-4EC6-8818-0C7BF954839C}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{C2B103AC-E6BD-45F1-A068-3A16B98C8DC8}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{A81C43FA-9398-4FD4-9542-BF278030C130}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{C63B08FB-46A5-4816-B112-5847B7BC0513}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{BBD320A3-1458-42F8-A47F-4C3EBFA63075}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{A705655B-5501-462C-AF40-D0D4E20CDD87}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{92C76941-D1D9-42A8-8279-108C5FEA7028}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{E493FBF7-8858-4479-8018-1C49DA95D6E0}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{551BD7C0-8A40-4C45-8D8E-EACBFF8BDEBD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{61445A84-3B1F-43F8-B8FB-CB57CF1E4C0E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{051AF3A8-1E70-4C69-8FC3-EF45607E6887}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{F58ABC6F-6DAA-424C-961B-558CFFD16A00}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{B5F01342-A4BD-4A6B-B43E-C928A2CCE50D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{9B85A96F-1974-4DEE-AD6F-9E722E7318CC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{330B33AC-D262-46F0-B85D-FC81F8D8C546}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{312BBA7C-A105-4675-9A50-E1545F7D8184}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{DE420CA8-33A8-460E-89A6-8316353F7C91}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Transmissions Element 120\hl2.exe
FirewallRules: [{300BD060-0313-42DB-8E16-27953A02866D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Transmissions Element 120\hl2.exe
FirewallRules: [{377B7FD6-6496-46DB-96B9-21B8C7EFE8DC}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror\agds.exe
FirewallRules: [{51A2C608-4045-49F3-AB4D-71559A27DBDE}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror\agds.exe
FirewallRules: [{95BB313F-B0E1-4F4E-AF97-739A942184CC}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{7E667861-5942-4074-A2D5-32FA1A29CFFE}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{325EDD4E-A511-4F5C-9B10-7509F2E9F2CC}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [{2461F2EE-252A-460F-B1E0-57B47B5C194D}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [{29CFDDE1-8A9B-466A-A421-BCED09FCEB5F}] => (Allow) Y:\Program Files (x86)\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{67082877-1EFC-4FB5-95EA-0998F28194B8}] => (Allow) Y:\Program Files (x86)\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{4A66F7A1-97E1-4E8C-A686-CCB30A43A7DE}] => (Allow) Y:\Program Files (x86)\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{B88D30FC-23E4-4202-B01F-08F2ACF1B72E}] => (Allow) Y:\Program Files (x86)\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{7BFEFA1C-F8D2-4037-9CA5-B1B866482E86}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{670F13E3-CCC2-42F3-B269-BDBDCAE9D855}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{B77A2C2A-ADFF-47AA-AC71-8F181843B4E9}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{59FF2A37-ABAA-4D88-B8A0-63D438B5A185}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{E255D2E7-4993-4F79-AB7C-BAC0FE74094E}] => (Allow) Y:\Program Files (x86)\Origin\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{E3FF5239-AC49-43F6-8542-2C31169660E4}] => (Allow) Y:\Program Files (x86)\Origin\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{4239BD55-86ED-466D-AE29-64CDDB188B9C}] => (Allow) Y:\Program Files (x86)\Origin\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{28BBB3A5-1243-45F5-A506-89B621B74728}] => (Allow) Y:\Program Files (x86)\Origin\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{F2DB2B19-EE2A-45FB-9814-838533E01B1C}] => (Allow) Y:\Program Files (x86)\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{97715F97-3A9E-43C9-99F1-1A2C7DAEAB29}] => (Allow) Y:\Program Files (x86)\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{9B40E5B0-0CD4-4652-986D-87394C5DE314}] => (Allow) Y:\Program Files (x86)\steamapps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{F6725B8A-7215-4939-9CEB-0D6547F0FA33}] => (Allow) Y:\Program Files (x86)\steamapps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{8EBCACC8-7049-4061-9D65-4C0B21BD0284}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE
FirewallRules: [{0578D553-BFA2-441E-BAEB-8A2FF2734D7A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{4D4DAC42-9667-4856-AEF7-8272E15C0E0A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{CF37A6B5-992C-4123-8FC8-D70FC00CFFEA}] => (Allow) Y:\Program Files (x86)\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{A87E1160-1627-44A5-8D91-6A10538C0436}] => (Allow) Y:\Program Files (x86)\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{AC4977A3-F7DB-496F-BF07-8FAB4FDF843D}] => (Allow) Y:\Program Files (x86)\steamapps\common\Agatha Christie The ABC Murders\The ABC Murders.exe
FirewallRules: [{9989DD48-C979-4EFA-944C-B945CD81A248}] => (Allow) Y:\Program Files (x86)\steamapps\common\Agatha Christie The ABC Murders\The ABC Murders.exe
FirewallRules: [{942452C6-675B-4F97-86D9-158BD645FBBF}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{7063F7F9-E007-40FB-A988-A65AD3BA6CBF}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{6570E119-D9EB-4AEB-A30C-97E051930B1E}] => (Allow) X:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5DACE60D-36D8-4785-AFF1-BAF32C15AFB8}] => (Allow) X:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{25C55644-F5BD-4950-9487-D86B9BD1F29F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{7C941A23-BCAA-454E-AB0E-A9E1D88C256D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{04378603-B9DF-496A-916E-372AA40D9276}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
FirewallRules: [{18C92F82-45A7-4AE8-B8D5-6CC7767454F0}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
FirewallRules: [TCP Query User{69485F4F-1167-43D2-96DC-061305D99C51}C:\program files (x86)\eye-fi\eyefireceiver.exe] => (Block) C:\program files (x86)\eye-fi\eyefireceiver.exe
FirewallRules: [UDP Query User{85C6AEFC-A506-42A2-8A6C-6620644015AD}C:\program files (x86)\eye-fi\eyefireceiver.exe] => (Block) C:\program files (x86)\eye-fi\eyefireceiver.exe
FirewallRules: [{EA3E8BE7-2E62-4FF8-B398-5EDBCEE1F14C}] => (Allow) C:\Program Files (x86)\Eye-Fi\EyeFiReceiver.exe
FirewallRules: [{A40BDE29-40B0-4152-B45B-F30FC6D496EE}] => (Allow) C:\Program Files (x86)\Eye-Fi\EyeFiReceiver.exe
FirewallRules: [{6DE3DE05-E285-45D4-A5CE-8F4FA9B57005}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{29C9359F-A97C-4147-A03C-411C34DC7632}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{ABAE4DBE-ABC3-4C97-BFD2-16E615835D43}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [{F8ACAE70-2C82-438F-90E8-3DD423846F6F}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [{978488F3-12BB-48B9-B6FE-889028F59138}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{315268F3-7350-4B1D-A127-5029DDAA6EEC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe
FirewallRules: [{E8C63382-201A-4F72-A2BC-35A6B644B82C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{979C9983-DF3B-4671-9431-CC179F53E892}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe
FirewallRules: [{14315F0E-69C4-4F43-B058-D1C5DB1C1984}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe
FirewallRules: [{F8BFE053-F157-4C21-A456-F77939B85878}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{335D755E-B4D5-40DA-AA66-D0536EDAC9A3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A06D4000-0273-4903-A094-0B478696F3DB}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{55E61657-CE83-4D2A-A01C-F17022EAE23E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{1BFB868A-9E31-4A9C-A99B-FE69C528A559}] => (Allow) Y:\Program Files (x86)\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{A02F3BA3-690E-4E82-8D33-EE40CFD91CCE}] => (Allow) Y:\Program Files (x86)\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{24EE5FAE-1F89-4078-BFC5-246A60A603C8}] => (Allow) Y:\Program Files (x86)\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{C0BC2666-3DE1-4059-AD96-77099F329BED}] => (Allow) Y:\Program Files (x86)\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{2A9D121A-3BF3-4BC7-BA41-32051AE8A994}] => (Allow) Y:\Program Files (x86)\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{70CDB7C2-0693-414E-AF48-4EB71AA7D554}] => (Allow) Y:\Program Files (x86)\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{2C882013-981D-4415-9703-1744EC63463E}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{C8597CE5-D682-4680-9C8E-B86D22DCCE9B}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{506CF8D0-C9F9-460F-B8D1-84C45C014A01}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{EE5C3DF8-B6E3-4C68-A2D8-866780C39AA4}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{1E6924B3-240A-4B67-AA2A-CD029A5B7A24}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{357A3E2C-5AEC-4423-A77F-9737B88CDAF3}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{4E1F4191-79B1-4B0F-8AA6-06B446B2A05E}] => (Allow) Y:\Program Files (x86)\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{31E431FB-2916-43E5-A6B8-C27CF7BDD02A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{3679DE31-A194-48C1-B4BE-B02ECA31D6DA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{33C3D88E-F5FD-445A-B46C-897D65168CCE}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [UDP Query User{F29892B8-3A47-4847-A890-DF7F3DF7A6D7}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [{47F77314-394D-4DA0-93B8-60AA0D19D70D}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{852F1FA4-5514-4DED-9BDD-5C06CDC8803E}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [TCP Query User{F089E846-4F9F-4C54-B03B-EA58EECEDE1B}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe
FirewallRules: [UDP Query User{7C9DDF66-C10D-41BF-8675-9BE29FCDA43B}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe
FirewallRules: [{66273284-F232-4318-8AF3-5CD3DA45D966}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{C4237E09-0589-4A76-A91F-E96109025E67}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{272BA0D1-8867-4EC7-8921-20355438C849}] => (Allow) Y:\Program Files (x86)\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{6CD669C0-86CA-43A3-9549-E1058BA5D0A9}] => (Allow) Y:\Program Files (x86)\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{E85B6E0C-32C3-405F-9C79-42670121902E}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{0A98E8BC-CD51-4706-B9B4-F8083D248E2A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{BE543A2C-4FD7-4675-B039-965CE70A9B41}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{B2630DCD-5FA5-451D-836F-9C7C7C3EF5DF}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{59A55441-FDBD-48F1-AD3B-F1B1A746AE7E}] => (Allow) LPort=3389
FirewallRules: [{2A7E6DD9-1033-46CE-BDE5-1A848026DEA8}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{F0E2E027-02D9-423B-B870-F5CEC612EF87}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{2AECB7C6-9075-4530-953C-5B28BCAD1B38}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{7F0C7ECE-B3F0-4628-AE08-741C381CAEEA}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe

==================== Wiederherstellungspunkte =========================

12-02-2017 20:07:33 Removed Bonjour
15-02-2017 21:43:54 Removed WinSnare
19-02-2017 11:44:44 AA11
23-02-2017 18:22:24 Windows Update
26-02-2017 20:03:07 AA11

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/26/2017 08:22:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x182c
Startzeit der fehlerhaften Anwendung: 0x01d2906599ed12ff
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 8333a5c1-646e-4a62-a8cc-e334b9be90c3
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (02/26/2017 08:22:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x182c
Startzeit der fehlerhaften Anwendung: 0x01d2906599ed12ff
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 2b04bc16-a29e-4ba9-a21a-9b93d4b85a2b
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (02/26/2017 08:05:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: HIGHLANDER)
Description: Das Paket „windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (02/26/2017 08:04:06 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF (Fehler %3).

Error: (02/26/2017 08:04:06 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF (Fehler %3).

Error: (02/26/2017 08:04:06 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF (Fehler %3).

Error: (02/26/2017 08:03:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/26/2017 11:02:23 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: HIGHLANDER)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe5

Error: (02/24/2017 07:55:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/23/2017 06:24:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (02/26/2017 08:27:15 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/26/2017 08:24:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/26/2017 08:24:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WinDefend" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (02/26/2017 08:22:59 PM) (Source: DCOM) (EventID: 10010) (User: HIGHLANDER)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/26/2017 08:22:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/26/2017 08:18:26 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/26/2017 08:15:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/26/2017 08:13:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/26/2017 08:10:42 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/26/2017 08:07:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-02-26 20:24:08.561
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-25 16:07:23.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 16:06:35.158
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-12 21:29:21.673
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-12 21:29:21.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-12 21:29:21.665
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-12 21:29:21.632
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-12 21:29:21.580
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-12 17:47:34.954
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-12 17:47:34.952
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8120 Eight-Core Processor 
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 16329.31 MB
Verfügbarer physikalischer RAM: 13815.02 MB
Summe virtueller Speicher: 17353.31 MB
Verfügbarer virtueller Speicher: 14614.29 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:194.53 GB) (Free:73.58 GB) NTFS
Drive g: (HAL9000M) (Fixed) (Total:298.01 GB) (Free:280.32 GB) FAT32
Drive x: (HAL 9000) (Fixed) (Total:736.2 GB) (Free:208.36 GB) NTFS
Drive y: (DATA 9000) (Fixed) (Total:1863.01 GB) (Free:1503.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 0000735A)

Partition: GPT.
Partition 2: (Active) - (Size=230.6 GB) - (Type=83)
Partition 3: (Not Active) - (Size=1.7 GB) - (Type=82)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2ABEE185)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=194.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BA460385)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 298.1 GB) (Disk ID: 85037F94)
Partition 1: (Active) - (Size=298.1 GB) - (Type=0B)

==================== Ende von Addition.txt ============================
         
nochmal die FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017
durchgeführt von Daniel (Administrator) auf HIGHLANDER (26-02-2017 20:31:51)
Gestartet von C:\Users\Daniel\Downloads
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
() C:\Windows\SysWOW64\spdsvc.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1735288 2016-09-30] (Logitech, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [DAEMON Tools Lite] => X:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2016-11-19]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-12-13]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2016-11-19]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam - Verknüpfung.lnk [2016-02-10]
ShortcutTarget: Steam - Verknüpfung.lnk -> X:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1			d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{27DD6B25-BC9C-4C3E-8FE2-641BBCDC0111}: [DhcpNameServer] 192.168.100.11 192.168.100.12
Tcpip\..\Interfaces\{93abd697-dc98-42c5-8239-078743b5d7f7}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fc57916e-ea56-438d-8a5b-66a75d23fe17}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/$22/
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1478581348-535765091-3593234125-1001 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default [2017-02-26]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\k40kk53n.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\k40kk53n.default -> hxxps://www.google.de/
FF Extension: (Firebug) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-12]
FF Extension: (divx helper) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{7b0f509e-2df1-4fe9-bcae-93cd2ae17596}.xpi [2015-12-19] [ist nicht signiert]
FF Extension: (Video DownloadHelper) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\searchplugins\google-images.xml [2014-10-21]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\searchplugins\google-maps.xml [2014-10-21]
FF HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-20] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-12]

Opera: 
=======
OPR Extension: (Kein Name) - C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-02-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-12-13] (Adobe Systems) [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-12-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-12-07] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-12-08] (ASUSTeK Computer Inc.)
U2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe [1457664 2014-01-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-01] ()
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-19] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-19] (Electronic Arts)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe [143664 2016-12-24] ()
R2 TermService; C:\WINDOWS\system32\rdpwrap.dll [116736 2017-02-13] (Stas'M Corp.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-12-07] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-12-07] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2013-03-04] (MCCI Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-05-27] (Disc Soft Ltd)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-26 20:31 - 2017-02-26 20:32 - 00015683 _____ C:\Users\Daniel\Downloads\FRST.txt
2017-02-26 20:31 - 2017-02-26 20:31 - 00000000 ____D C:\FRST
2017-02-26 20:30 - 2017-02-26 20:30 - 02423296 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2017-02-26 20:24 - 2017-02-26 20:24 - 00000000 ___HD C:\OneDriveTemp
2017-02-26 20:12 - 2017-02-26 20:12 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-02-26 20:05 - 2017-02-26 20:05 - 00000000 ____D C:\Users\Daniel\.QtWebEngineProcess
2017-02-20 18:40 - 2017-02-26 11:10 - 00000000 ____D C:\Users\Daniel\Desktop\Neuer Ordner
2017-02-19 21:52 - 2017-02-19 21:52 - 00000000 ___HD C:\$SysReset
2017-02-19 20:08 - 2017-02-19 20:08 - 01426593 _____ C:\Users\Daniel\Downloads\licensecrawler_1.85_build-1566.zip
2017-02-19 18:15 - 2017-02-19 18:16 - 02870984 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2017-02-19 17:39 - 2017-02-19 17:39 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-19 17:33 - 2017-02-19 17:33 - 00000000 ____D C:\Users\Daniel\Documents\ProcAlyzer Dumps
2017-02-19 15:36 - 2017-02-26 20:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-19 15:36 - 2017-02-26 20:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-19 15:36 - 2017-02-19 15:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-02-19 12:31 - 2017-02-19 15:35 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.4.exe
2017-02-19 12:03 - 2017-02-19 12:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\AdAwareDesktop
2017-02-19 11:46 - 2017-02-19 11:46 - 00000000 ____D C:\Users\Daniel\AppData\Local\AdAwareUpdater
2017-02-19 11:45 - 2017-02-19 11:45 - 00000000 ____D C:\Program Files\Common Files\adaware
2017-02-19 11:44 - 2017-02-19 11:44 - 02546688 _____ C:\Users\Daniel\Downloads\Adaware_Installer.exe
2017-02-13 21:02 - 2017-02-19 14:46 - 00051015 _____ C:\WINDOWS\system32\rdpwrap.ini
2017-02-13 21:02 - 2017-02-13 21:02 - 00116736 _____ (Stas'M Corp.) C:\WINDOWS\system32\rdpwrap.dll
2017-02-12 23:01 - 2017-02-12 23:01 - 00001482 _____ C:\Users\Daniel\Desktop\Penudomataneght.default.lnk
2017-02-12 21:56 - 2017-02-12 21:56 - 00000306 __RSH C:\Users\Daniel\ntuser.pol
2017-02-12 21:33 - 2017-02-12 21:53 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ProxyGate
2017-02-12 21:32 - 2017-02-12 21:32 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2017-02-12 21:32 - 2017-02-12 21:32 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
2017-02-12 21:32 - 2017-02-12 21:32 - 00002052 _____ C:\WINDOWS\System32\Tasks\uLlF2As5l8
2017-02-12 21:31 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\GRR242xMGC
2017-02-12 21:30 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\Atikationbogot System
2017-02-12 21:30 - 2017-02-12 21:33 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-11 19:56 - 2017-02-26 20:22 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 __SHD C:\jpjiQMOQLhjpjiQMOQLh
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 ____D C:\Users\Daniel\jpjiQMOQLh
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\MicProCam
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Program Files (x86)\Client
2017-02-11 18:14 - 2017-02-11 18:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\sabnzbd
2017-02-10 16:16 - 2017-02-10 16:16 - 03287737 _____ C:\WINDOWS\70c6c8294cb8d4334ed10f21aa6b120e.exe
2017-02-10 16:12 - 2017-02-10 16:12 - 00014040 _____ C:\WINDOWS\system32\Drivers\7d084fb4bdf36fe9254301e9f5290e95.sys
2017-02-09 10:03 - 2017-02-09 10:03 - 00014040 _____ C:\WINDOWS\system32\Drivers\Lace_wpf_x64.sys
2017-02-08 12:37 - 2017-02-08 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-08 12:36 - 2017-02-08 12:36 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-08 12:36 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-08 12:36 - 2017-01-04 15:24 - 00210360 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-02-08 12:36 - 2016-12-29 14:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-08 12:36 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-08 12:36 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-08 12:36 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-08 12:36 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-08 12:36 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-26 20:30 - 2014-01-11 14:35 - 00000000 _____ C:\WINDOWS\Path.idx
2017-02-26 20:25 - 2013-12-08 17:21 - 01048576 _____ C:\WINDOWS\PE_Rom.dll
2017-02-26 20:24 - 2016-10-02 17:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-26 20:24 - 2016-10-02 16:44 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-26 20:24 - 2014-05-25 19:28 - 00000000 __RDO C:\Users\Daniel\OneDrive
2017-02-26 20:23 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-26 20:05 - 2016-10-02 16:48 - 00000000 ____D C:\Users\Daniel
2017-02-26 20:05 - 2014-12-14 19:45 - 00000000 ____D C:\ProgramData\Origin
2017-02-26 13:08 - 2016-10-02 16:42 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 11:04 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-26 11:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-25 10:56 - 2013-12-25 11:08 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-25 07:08 - 2014-08-25 18:10 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 19:45 - 2016-12-14 20:34 - 00000000 ____D C:\Users\Daniel\dwhelper
2017-02-23 18:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 18:27 - 2013-12-08 16:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 18:24 - 2013-12-08 16:48 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-20 15:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-20 01:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-20 01:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-19 20:47 - 2016-10-02 16:42 - 00346672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-19 19:53 - 2014-05-26 16:41 - 00000000 ____D C:\ProgramData\Apple
2017-02-19 19:53 - 2014-05-26 16:41 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-02-19 19:48 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-19 19:47 - 2016-04-11 20:11 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2017-02-19 15:28 - 2014-03-23 09:41 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-19 11:37 - 2016-07-16 23:51 - 01045548 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-19 11:37 - 2016-07-16 23:51 - 00246560 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-19 11:37 - 2015-09-01 16:21 - 02489702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-19 11:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter
2017-02-18 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\IME
2017-02-15 21:59 - 2013-12-07 22:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2017-02-14 21:08 - 2016-10-12 19:06 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-02-12 22:48 - 2015-06-02 20:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-12 22:43 - 2014-09-21 13:48 - 00000000 ___RD C:\Users\Daniel\Desktop\Bewerbungen
2017-02-12 22:14 - 2013-12-08 08:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-12 21:33 - 2015-09-01 20:12 - 00000306 __RSH C:\ProgramData\ntuser.pol
2017-02-12 21:33 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-12 20:36 - 2015-01-11 15:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\Ubisoft Game Launcher
2017-02-08 12:37 - 2016-10-02 16:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-08 12:36 - 2016-10-02 16:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-08 12:36 - 2016-10-02 16:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-12-08 19:48 - 2013-12-24 11:01 - 0000600 _____ () C:\Users\Daniel\AppData\Local\PUTTY.RND
2013-12-08 13:43 - 2013-12-08 13:43 - 0000017 _____ () C:\Users\Daniel\AppData\Local\resmon.resmoncfg
2015-10-19 21:01 - 2015-10-19 21:01 - 0000011 _____ () C:\ProgramData\.tv7
2016-10-02 16:44 - 2016-10-02 16:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-18 23:51

==================== Ende von FRST.txt ============================
         

Alt 01.03.2017, 07:54   #5
Tician
/// TB-Senior
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



Hinweis:
Unsere Tools
Zitat:
Gestartet von C:\Users\Daniel\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Außerdem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.


Da gibt es was zu tun.
Die Programme haben eine gute Vorarbeit geleistet, wir schauen mal was wir noch rausholen können


Schritt 1:

Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
  • Klicke auf Wählen Sie eine
  • Kopiere nun folgendes in die Suchleiste
    Code:
    ATTFilter
    C:\WINDOWS\70c6c8294cb8d4334ed10f21aa6b120e.exe
             
  • und klicke auf Öffnen.
  • Klicke auf Scannen!.
  • Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen

    klicke auf Neu analysieren.
  • Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
  • Kopiere den Link aus deiner Adresszeile und poste ihn hier.
Wiederhole die selben Schritte mit folgenden Dateien:
Code:
ATTFilter
C:\WINDOWS\system32\Drivers\7d084fb4bdf36fe9254301e9f5290e95.sys
         

Schritt 2:

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Hosts-Datei
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3:

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Schritt 4:
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

__________________
Gruß Tician

Alt 01.03.2017, 16:54   #6
High_one
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



o.k. ab sofort alles auf dem Desktop!

Schritt 1
https://www.virustotal.com/de/file/d3be1ac13e3c60e1267a636b0ae4f8fb27a238cb9c156461ba7b9a0b68c1ada1/analysis/1488382716/

Schritt 2. folgt..

.. Mist.. habe einen Fehler gemacht, habe die *sys Datei vergessen bei Schritt 1. Nach dem Neustart ist diese nun nicht mehr da! SRY

Schritt 2
(weiss nicht ob es relevant ist .. ADW hat nach dem "Löschen" mit einem Fehler seine Arbeit beendet und ich konnte nur das Programm schliessen. Den Neustart habe ich dann manuell gemacht und die Logdatei ist diese hier:
Code:
ATTFilter
# AdwCleaner v6.044 - Bericht erstellt am 01/03/2017 um 16:46:14
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-02-28.2 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Daniel - HIGHLANDER
# Gestartet von : C:\Users\Daniel\Desktop\adwcleaner_6.044.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Ordner Gefunden: C:\Users\Daniel\AppData\Local\globalUpdate
Ordner Gefunden: C:\Users\Daniel\AppData\Local\YSearchUtil
Ordner Gefunden: C:\Users\Daniel\AppData\Roaming\ProxyGate
Ordner Gefunden: C:\Program Files (x86)\globalUpdate
Ordner Gefunden: C:\Program Files (x86)\myfree codec
Ordner Gefunden: C:\Users\Daniel\AppData\Local\com


***** [ Dateien ] *****

Datei Gefunden: C:\WINDOWS\SysNative\drivers\7d084fb4bdf36fe9254301e9f5290e95.sys
Datei Gefunden: C:\WINDOWS\SysNative\drivers\LACE_WPF_X64.SYS
Datei Gefunden: C:\WINDOWS\SysNative\drivers\Lace_wpf_x64.sys


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Aufgabe Gefunden: uLlF2As5l8


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
Schlüssel Gefunden: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\TypeLib\{45965C76-4C88-4512-9358-368483E1C3B1}
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Wert Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
Schlüssel Gefunden: HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\genesis
Schlüssel Gefunden: HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\GlobalUpdate
Schlüssel Gefunden: HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\InstalledBrowserExtensions
Schlüssel Gefunden: HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Mozilla\Extends
Schlüssel Gefunden: HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Myfree Codec
Schlüssel Gefunden: HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Browsers Apps
Schlüssel Gefunden: HKCU\Software\genesis
Schlüssel Gefunden: HKCU\Software\GlobalUpdate
Schlüssel Gefunden: HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden: HKCU\Software\Mozilla\Extends
Schlüssel Gefunden: HKCU\Software\Myfree Codec
Schlüssel Gefunden: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden: HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gefunden: HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden: HKLM\SOFTWARE\Uniblue
Schlüssel Gefunden: HKLM\SOFTWARE\MaxPower
Schlüssel Gefunden: HKLM\SOFTWARE\ScreenShot
Schlüssel Gefunden: [x64] HKCU\Software\genesis
Schlüssel Gefunden: [x64] HKCU\Software\GlobalUpdate
Schlüssel Gefunden: [x64] HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden: [x64] HKCU\Software\Mozilla\Extends
Schlüssel Gefunden: [x64] HKCU\Software\Myfree Codec
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\InterSect Alliance
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1478581348-535765091-3593234125-1001\Products\BF6F818607268ED48972048E2511F1A2
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [8206 Bytes] - [01/03/2017 16:46:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8279 Bytes] ##########
         
Schitt 3
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 10 Home x64 
Ran by Daniel (Administrator) on 01.03.2017 at 16:57:42,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5 

Successfully deleted: C:\Users\Daniel\AppData\Local\ggempire (Folder) 
Successfully deleted: C:\Users\Daniel\AppData\Local\worldoftanks (Folder) 
Successfully deleted: C:\Users\Daniel\AppData\Roaming\goodgameempire (Folder) 
Successfully deleted: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\search.lnk (Shortcut) 
Successfully deleted: C:\WINDOWS\wininit.ini (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.03.2017 at 16:59:15,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Geändert von High_one (01.03.2017 um 17:07 Uhr)

Alt 01.03.2017, 17:07   #7
High_one
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



Schritt 4
FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
durchgeführt von Daniel (Administrator) auf HIGHLANDER (01-03-2017 17:04:21)
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
() C:\Windows\SysWOW64\spdsvc.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1735288 2016-09-30] (Logitech, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [DAEMON Tools Lite] => X:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2016-11-19]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-12-13]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2016-11-19]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam - Verknüpfung.lnk [2016-02-10]
ShortcutTarget: Steam - Verknüpfung.lnk -> X:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{27DD6B25-BC9C-4C3E-8FE2-641BBCDC0111}: [DhcpNameServer] 192.168.100.11 192.168.100.12
Tcpip\..\Interfaces\{93abd697-dc98-42c5-8239-078743b5d7f7}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fc57916e-ea56-438d-8a5b-66a75d23fe17}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/$22/
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1478581348-535765091-3593234125-1001 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default [2017-03-01]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\k40kk53n.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\k40kk53n.default -> hxxps://www.google.de/
FF Extension: (Firebug) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-12]
FF Extension: (divx helper) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{7b0f509e-2df1-4fe9-bcae-93cd2ae17596}.xpi [2015-12-19] [ist nicht signiert]
FF Extension: (Video DownloadHelper) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\searchplugins\google-images.xml [2014-10-21]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\searchplugins\google-maps.xml [2014-10-21]
FF HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-20] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-12]

Opera: 
=======
OPR Extension: (Kein Name) - C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-02-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-12-13] (Adobe Systems) [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-12-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-12-07] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-12-08] (ASUSTeK Computer Inc.)
U2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe [1457664 2014-01-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-01] ()
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-19] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-19] (Electronic Arts)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe [143664 2016-12-24] ()
R2 TermService; C:\WINDOWS\system32\rdpwrap.dll [116736 2017-02-13] (Stas'M Corp.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-12-07] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-12-07] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2013-03-04] (MCCI Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-05-27] (Disc Soft Ltd)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-01 17:04 - 2017-03-01 17:04 - 00014041 _____ C:\Users\Daniel\Desktop\FRST.txt
2017-03-01 16:59 - 2017-03-01 16:59 - 00000946 _____ C:\Users\Daniel\Desktop\JRT.txt
2017-03-01 16:57 - 2017-03-01 16:57 - 01663736 _____ (Malwarebytes) C:\Users\Daniel\Desktop\JRT.exe
2017-03-01 16:42 - 2017-03-01 16:46 - 00000000 ____D C:\AdwCleaner
2017-03-01 16:42 - 2017-03-01 16:43 - 04031440 _____ C:\Users\Daniel\Desktop\adwcleaner_6.044.exe
2017-03-01 16:32 - 2017-03-01 16:32 - 00000000 ___HD C:\OneDriveTemp
2017-02-26 21:22 - 2017-02-26 21:22 - 02870984 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu(1).exe
2017-02-26 21:22 - 2017-02-26 21:22 - 00000000 ____D C:\Program Files (x86)\ESET
2017-02-26 20:49 - 2017-02-26 20:49 - 00000000 ___HD C:\$SysReset
2017-02-26 20:32 - 2017-02-26 20:33 - 00088490 _____ C:\Users\Daniel\Downloads\Addition.txt
2017-02-26 20:31 - 2017-03-01 17:04 - 00000000 ____D C:\FRST
2017-02-26 20:31 - 2017-02-26 20:33 - 00026302 _____ C:\Users\Daniel\Downloads\FRST.txt
2017-02-26 20:30 - 2017-03-01 16:56 - 02423808 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2017-02-26 20:05 - 2017-02-26 20:05 - 00000000 ____D C:\Users\Daniel\.QtWebEngineProcess
2017-02-20 18:40 - 2017-02-26 11:10 - 00000000 ____D C:\Users\Daniel\Desktop\Neuer Ordner
2017-02-19 20:08 - 2017-02-19 20:08 - 01426593 _____ C:\Users\Daniel\Downloads\licensecrawler_1.85_build-1566.zip
2017-02-19 18:15 - 2017-02-19 18:16 - 02870984 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2017-02-19 17:39 - 2017-02-19 17:39 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-19 17:33 - 2017-02-19 17:33 - 00000000 ____D C:\Users\Daniel\Documents\ProcAlyzer Dumps
2017-02-19 15:36 - 2017-02-26 20:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-19 15:36 - 2017-02-26 20:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-19 15:36 - 2017-02-19 15:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-02-19 12:31 - 2017-02-19 15:35 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.4.exe
2017-02-19 12:03 - 2017-02-19 12:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\AdAwareDesktop
2017-02-19 11:46 - 2017-02-19 11:46 - 00000000 ____D C:\Users\Daniel\AppData\Local\AdAwareUpdater
2017-02-19 11:45 - 2017-02-19 11:45 - 00000000 ____D C:\Program Files\Common Files\adaware
2017-02-19 11:44 - 2017-02-19 11:44 - 02546688 _____ C:\Users\Daniel\Downloads\Adaware_Installer.exe
2017-02-13 21:02 - 2017-02-19 14:46 - 00051015 _____ C:\WINDOWS\system32\rdpwrap.ini
2017-02-13 21:02 - 2017-02-13 21:02 - 00116736 _____ (Stas'M Corp.) C:\WINDOWS\system32\rdpwrap.dll
2017-02-12 23:01 - 2017-02-12 23:01 - 00001482 _____ C:\Users\Daniel\Desktop\Penudomataneght.default.lnk
2017-02-12 21:56 - 2017-02-12 21:56 - 00000306 __RSH C:\Users\Daniel\ntuser.pol
2017-02-12 21:32 - 2017-02-12 21:32 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2017-02-12 21:32 - 2017-02-12 21:32 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
2017-02-12 21:31 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\GRR242xMGC
2017-02-12 21:30 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\Atikationbogot System
2017-02-12 21:30 - 2017-02-12 21:33 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-11 19:56 - 2017-03-01 16:46 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 __SHD C:\jpjiQMOQLhjpjiQMOQLh
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 ____D C:\Users\Daniel\jpjiQMOQLh
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\MicProCam
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Program Files (x86)\Client
2017-02-11 18:14 - 2017-02-11 18:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\sabnzbd
2017-02-10 16:16 - 2017-02-10 16:16 - 03287737 _____ C:\WINDOWS\70c6c8294cb8d4334ed10f21aa6b120e.exe
2017-02-08 12:37 - 2017-02-08 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-08 12:36 - 2017-02-08 12:36 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-08 12:36 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-08 12:36 - 2017-01-04 15:24 - 00210360 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-02-08 12:36 - 2016-12-29 14:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-08 12:36 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-08 12:36 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-08 12:36 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-08 12:36 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-08 12:36 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-01 16:58 - 2014-05-25 19:28 - 00000000 __RDO C:\Users\Daniel\OneDrive
2017-03-01 16:56 - 2014-01-11 14:35 - 00000000 _____ C:\WINDOWS\Path.idx
2017-03-01 16:51 - 2013-12-08 17:21 - 01048576 _____ C:\WINDOWS\PE_Rom.dll
2017-03-01 16:48 - 2016-10-02 17:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-01 16:48 - 2016-10-02 16:44 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-01 16:47 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-01 16:36 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-01 16:36 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-28 17:39 - 2016-10-02 16:42 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 20:51 - 2014-08-25 18:10 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-26 20:05 - 2016-10-02 16:48 - 00000000 ____D C:\Users\Daniel
2017-02-26 20:05 - 2014-12-14 19:45 - 00000000 ____D C:\ProgramData\Origin
2017-02-25 10:56 - 2013-12-25 11:08 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-24 19:45 - 2016-12-14 20:34 - 00000000 ____D C:\Users\Daniel\dwhelper
2017-02-23 18:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 18:27 - 2013-12-08 16:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 18:24 - 2013-12-08 16:48 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-20 15:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-20 01:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-20 01:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-19 20:47 - 2016-10-02 16:42 - 00346672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-19 19:53 - 2014-05-26 16:41 - 00000000 ____D C:\ProgramData\Apple
2017-02-19 19:53 - 2014-05-26 16:41 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-02-19 19:48 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-19 19:47 - 2016-04-11 20:11 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2017-02-19 15:28 - 2014-03-23 09:41 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-19 11:37 - 2016-07-16 23:51 - 01045548 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-19 11:37 - 2016-07-16 23:51 - 00246560 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-19 11:37 - 2015-09-01 16:21 - 02489702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-19 11:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter
2017-02-18 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\IME
2017-02-15 21:59 - 2013-12-07 22:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2017-02-14 21:08 - 2016-10-12 19:06 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-02-12 22:48 - 2015-06-02 20:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-12 22:43 - 2014-09-21 13:48 - 00000000 ___RD C:\Users\Daniel\Desktop\Bewerbungen
2017-02-12 22:14 - 2013-12-08 08:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-12 21:33 - 2015-09-01 20:12 - 00000306 __RSH C:\ProgramData\ntuser.pol
2017-02-12 21:33 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-12 20:36 - 2015-01-11 15:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\Ubisoft Game Launcher
2017-02-08 12:37 - 2016-10-02 16:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-08 12:36 - 2016-10-02 16:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-08 12:36 - 2016-10-02 16:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-12-08 19:48 - 2013-12-24 11:01 - 0000600 _____ () C:\Users\Daniel\AppData\Local\PUTTY.RND
2013-12-08 13:43 - 2013-12-08 13:43 - 0000017 _____ () C:\Users\Daniel\AppData\Local\resmon.resmoncfg
2015-10-19 21:01 - 2015-10-19 21:01 - 0000011 _____ () C:\ProgramData\.tv7
2016-10-02 16:44 - 2016-10-02 16:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-27 17:57

==================== Ende von FRST.txt ============================
         
Addition.txt.
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-03-2017
durchgeführt von Daniel (01-03-2017 17:05:02)
Gestartet von C:\Users\Daniel\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-02 16:09:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1478581348-535765091-3593234125-500 - Administrator - Disabled)
Daniel (S-1-5-21-1478581348-535765091-3593234125-1001 - Administrator - Enabled) => C:\Users\Daniel
DefaultAccount (S-1-5-21-1478581348-535765091-3593234125-503 - Limited - Disabled)
Gast (S-1-5-21-1478581348-535765091-3593234125-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1478581348-535765091-3593234125-1008 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

15 Days (HKLM-x32\...\Steam App 342990) (Version:  - House of Tales)
3DMark (HKLM\...\Steam App 223850) (Version:  - Futuremark)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Agatha Christie - The ABC Murders (HKLM\...\Steam App 374900) (Version:  - Artefacts Studios)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Alan Wake (HKLM\...\Steam App 108710) (Version:  - Remedy Entertainment)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version:  - Creative Assembly)
Aliens: Colonial Marines (HKLM\...\Steam App 49540) (Version:  - Gearbox Software)
Anna - Extended Edition (HKLM\...\Steam App 217690) (Version:  - Dreampainters)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma: Cold War Assault (HKLM\...\Steam App 65790) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Aura: Fate of the Ages (HKLM-x32\...\Steam App 65500) (Version:  - Streko Graphics)
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 4.0.0.6 - )
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version:  - Ubisoft)
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
Black Mesa (HKLM-x32\...\Steam App 362890) (Version:  - Crowbar Collective)
Black Mirror (HKLM\...\Steam App 292930) (Version:  - Future Games)
Black Mirror II (HKLM-x32\...\Steam App 286460) (Version:  - Cranberry Production)
Black Mirror III (HKLM-x32\...\Steam App 286480) (Version:  - Cranberry Production)
Broken Sword 1 - Shadow of the Templars: Director's Cut (HKLM\...\Steam App 57640) (Version:  - Revolution Software Ltd)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Fall 1: The Journal (HKLM-x32\...\Steam App 260690) (Version:  - Darkling Room)
Dark Fall 2: Lights Out (HKLM-x32\...\Steam App 260710) (Version:  - Darkling Room)
DiRT Rally (HKLM\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Elegant-Treiber Paket (HKLM-x32\...\Samsung Stylish UI Pack) (Version: 1.01.74.00 (09.02.2015) - Samsung Electronics Co., Ltd.)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Fireflies Screensaver (remove only) (HKLM-x32\...\Fireflies) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{E540B871-3230-4C5B-AAD5-A30F64398275}) (Version: 4.48.599.0 - Futuremark)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Half-Life 2 (HKLM\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version:  - Valve)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Jack Keane 2 - The Fire Within (HKLM-x32\...\Steam App 236970) (Version:  - Deck 13)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
Lost Horizon (HKLM-x32\...\Steam App 40350) (Version:  - Animation Arts)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
METAL GEAR SOLID V: GROUND ZEROES (HKLM\...\Steam App 311340) (Version:  - Kojima Productions)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MURDERED: SOUL SUSPECT™ (HKLM\...\Steam App 233290) (Version:  - Airtight Games)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.4.0.0 - Electronic Arts)
No Man's Sky (HKLM\...\Steam App 275850) (Version:  - Hello Games)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Öko-Treiber Pack (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (28.05.2015) - Samsung Electronics Co., Ltd.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Overclocked: A History of Violence (HKLM-x32\...\Steam App 339850) (Version:  - House of Tales)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version:  - Obsidian Entertainment)
Pixeluvo version 1.6.0 (HKLM\...\{8CD06ADF-DEEA-4594-8E6C-9B2CACE29760}_is1) (Version: 1.6.0 - Pictopotamus Ltd)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Project CARS (HKLM\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Remember Me (HKLM-x32\...\Steam App 228300) (Version:  - DONTNOD Entertainment)
Resident Evil / biohazard HD REMASTER (HKLM-x32\...\Steam App 304240) (Version:  - CAPCOM Co., Ltd.)
Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version:  - Crystal Dynamics)
Risen 3 - Titan Lords (HKLM\...\Steam App 249230) (Version:  - Piranha Bytes)
Safecracker: The Ultimate Puzzle Adventure (HKLM-x32\...\Steam App 3260) (Version:  - Kheops Studio)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.04 - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.0.0.78 - Samsung Electronics Co., Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.12 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.26 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Syberia (HKLM\...\Steam App 46500) (Version:  - Microids)
Syberia 2 (HKLM\...\Steam App 46510) (Version:  - Microids)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
The Ball (HKLM\...\Steam App 35460) (Version:  - Teotl Studios)
The Book of Unwritten Tales (HKLM-x32\...\Steam App 215160) (Version:  - KING Art)
The Book of Unwritten Tales: The Critter Chronicles (HKLM-x32\...\Steam App 221830) (Version:  - KING Art)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Moment of Silence (HKLM-x32\...\Steam App 339840) (Version:  - House of Tales)
The Mystery of the Druids (HKLM-x32\...\Steam App 343000) (Version:  - House of Tales)
The Raven - Legacy of a Master Thief (HKLM-x32\...\Steam App 233370) (Version:  - KING Art)
The Solus Project (HKLM\...\Steam App 313630) (Version:  - Hourences)
The Stanley Parable Demo (HKLM\...\Steam App 247750) (Version:  - Galactic Cafe)
Titan Quest Anniversary Edition (HKLM\...\Steam App 475150) (Version:  - Iron Lore Entertainment)
Tom Clancy's The Division - Beta (HKLM-x32\...\Steam App 414460) (Version:  - Massive Entertainment)
Tomb Raider (HKLM\...\Steam App 203160) (Version:  - Crystal Dynamics)
Tomb Raider II (HKLM-x32\...\Steam App 225300) (Version:  - Core Design)
Transmissions: Element 120 (HKLM\...\Steam App 365300) (Version:  - Shokunin)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.12 - Samsung Electronics CO., LTD.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
Wasteland 2: Director's Cut (HKLM-x32\...\Steam App 404730) (Version:  - inXile Entertainment)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WhatsApp (HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version:  - MachineGames)
Yesterday (HKLM-x32\...\Steam App 205840) (Version:  - Pendulo Studios)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06EE6F2F-3D93-4BA3-A550-C9034CC41020} - \WPD\SqmUpload_S-1-5-21-1478581348-535765091-3593234125-1001 -> Keine Datei <==== ACHTUNG
Task: {0E3CE234-A495-4833-9318-08D6FE9B72D9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {13D9416E-8B02-4482-9E9A-355C443C68E8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {172D8D5B-B799-4B42-8168-9DB681715F50} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2015-04-24] ()
Task: {1B054512-C15D-404B-A7D1-40F17E580AB8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {229FE34C-3144-4F25-B3D8-FE2DF1E343EA} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.)
Task: {34F2D54D-727C-4DEC-BE30-FB2FF9F83DCF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {4674980A-D352-4073-BA3B-0A96B4D2FB7C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {61F89444-D967-4AF0-8634-F6468B011A99} - \Pregehabering -> Keine Datei <==== ACHTUNG
Task: {64B7D47A-A68F-4370-8AFF-938FA096E854} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {71545E37-4F9E-4090-BFA5-86C893DFEB75} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {7F4D41A3-5EC5-4C30-A45C-D139DD8AEE2B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {88B50241-7A72-4720-BF17-962F97B5B4A0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {90F87FC1-8C09-4348-805E-D1C42012250A} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {9740F4B3-DC4B-4B24-9757-31E6F4B8D439} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {992BBF82-2E12-497B-8E66-E29488D68306} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {B1B39CF6-8FE6-4C96-9CC4-237BD5A54165} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-20] (Adobe Systems Incorporated)
Task: {B21F31E4-A212-4543-AC57-EC709C4DEA1B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B3D1FB94-487A-466C-B5CA-0A38A5E336E8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {C358818D-01E0-469A-8580-5AF36129952E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {E124BE7F-B769-4BFE-93D4-E3151C67B7ED} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-01-14] ()
Task: {E770174C-C5B6-4CC9-AD27-074CA994165B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-24 12:31 - 2014-11-25 12:16 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll
2016-02-15 21:01 - 2016-02-15 21:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2016-12-24 12:31 - 2016-12-24 12:31 - 00143664 ____N () C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe
2017-01-06 20:47 - 2016-07-17 22:43 - 00499000 ____N () C:\WINDOWS\SysWoW64\spdsvc.exe
2013-12-07 22:37 - 2013-12-07 22:37 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-12-13 20:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-01-11 21:54 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 21:54 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-23 16:31 - 2017-02-23 16:33 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 16:31 - 2017-02-23 16:33 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-23 16:31 - 2017-02-23 16:33 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 09:57 - 2017-02-06 09:57 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-10-02 17:36 - 2016-10-02 17:36 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 21:55 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-13 18:43 - 2017-02-19 15:28 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-12-24 12:32 - 2015-06-11 12:42 - 03055616 ____N () C:\WINDOWS\system32\DlgSearchEngine.dll
2013-12-07 22:37 - 2017-03-01 16:48 - 00033280 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-12-07 22:37 - 2013-12-07 22:34 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2017-03-01 16:46 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{e5a42237-04bb-4b35-bccc-62b140b2d1c1}.CR2
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\StartupApproved\Run: => "Raptr"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1739C80E-0DC0-43AA-9EE8-8E8E6D8A5224}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{575BC274-12C0-494E-9588-CF520A3574D1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{ED028450-B0C5-452A-8566-BF17F1D39154}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{CC9F52F9-5FFC-4248-A2A0-3748B809CBC4}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [UDP Query User{E6B4DDC7-8CE8-4DF9-A106-4EA6752CBFD5}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{60ABD0A7-C67F-49A7-ACF7-31818F743F8A}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{BF27EF7B-D034-4288-9BA1-9C85FBC95F61}C:\program files (x86)\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\java.exe
FirewallRules: [TCP Query User{268F3E0D-1F4D-4CA9-90CC-FE4A5C90B186}C:\program files (x86)\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{7D556653-25CF-4956-A987-DC58A3AFB567}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{56B8ADB4-DB72-4E83-BBBA-E94AE3DE13EC}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{7773C64F-5744-4484-8CB6-27483E174FCB}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{136D6DF5-497D-41F6-A39B-8294194EC541}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{84EA0326-8696-48EB-9D19-7D96854A1282}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{BF281C92-B3FD-4299-8FEF-33E4EDFCD206}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{CFAD6B7C-E05D-4623-9D4F-02DB079296C9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{66F57649-F0A6-42E4-BFA6-C81322055946}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{8A8E1951-0FAF-4F1E-A3A0-8763614AC557}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe
FirewallRules: [TCP Query User{EE622A1E-8C92-44A0-B42B-E611242D5B01}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe
FirewallRules: [{86473537-7282-426D-A15B-F9CE7EE7AEB2}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{F322C8BF-D606-4881-AF3D-13EAE9277DAB}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{7CAF606E-13D1-488A-937E-3A5E750265E7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Syberia2.exe
FirewallRules: [{E2836527-0A4D-4242-8A32-F832F88831E1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Syberia2.exe
FirewallRules: [{9614330A-AE3F-43DE-992B-16D5FBFE9934}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Game.exe
FirewallRules: [{AE2BFD58-03EA-483E-B8E4-86C7A49459C3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Game.exe
FirewallRules: [{ADB5AC49-580F-4F45-B670-E68ACFE5633F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia\Game.exe
FirewallRules: [{1A09D0F6-6AC4-4F9E-B666-857F67625FE5}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia\Game.exe
FirewallRules: [{DA581AD4-6481-4425-9952-EA6784E9EEAD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5481738A-2391-4A5D-B92E-44BEAA578696}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [UDP Query User{2B4A366F-FAD3-4017-9AA4-1647A96958E0}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{839DAB1A-9273-403A-B008-F0627F961F32}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [{D0D28362-F0F7-44CE-B123-6BA216886ED7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{21645B25-F809-423C-BC7E-BCD40A462A04}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{395E6D94-A3A8-486A-963F-86075E4DD9C7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{D73B1964-0D33-44A1-9A1A-D7EB0F2179C0}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{EA6201BD-0AF4-4ED8-B9B1-5403D1D3686A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's The Division - Beta\thedivision.exe
FirewallRules: [{98A2C85E-3B99-44F4-A93B-818F6D2E28B7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's The Division - Beta\thedivision.exe
FirewallRules: [{65472F4B-BC89-41B0-867B-FD8FFDF27452}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe
FirewallRules: [{FB0207C7-0305-479F-9FD7-4D5094C1F503}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe
FirewallRules: [{52E48425-9353-4AC1-9C8D-AFEC6A5688F1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mesa\bms.exe
FirewallRules: [{946365E2-ED15-4F41-9811-4F2BE60F3D31}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mesa\bms.exe
FirewallRules: [{BA9E0BF4-DBC4-418E-9949-68784FDD4E33}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Lost Horizon\AutoStarter.exe
FirewallRules: [{98D0E662-3D8E-4A42-9336-ED27A2379564}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Lost Horizon\AutoStarter.exe
FirewallRules: [{8876BAE7-2C91-4AFD-AEA1-81E04DFB61FA}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{E103C4D8-4054-4D6E-AED1-E6483EE63E0A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{9FE8EF5E-4817-4DDA-AD4D-20F241CC9DDF}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{47329D06-5380-49B5-B732-EFD9761D56B0}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{AD47B247-1A6F-4EC4-A7EF-42EAABCC8939}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\15 Days\rhc.exe
FirewallRules: [{E17750F4-973C-4BD1-9B47-F507405ED8FC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\15 Days\rhc.exe
FirewallRules: [{429794D8-A536-4BB9-88FF-6349D5AE10BD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\PSConfig.exe
FirewallRules: [{8D2777B0-0B35-441C-A783-11CC42B9996B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\PSConfig.exe
FirewallRules: [{EB5E95FE-9229-4D9E-8A82-71D21821D97E}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\Yesterday.exe
FirewallRules: [{CA3CD382-12E9-4279-9176-847D10F61D0B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\Yesterday.exe
FirewallRules: [{44F0EAE3-E91E-426C-8B40-63244BF291EC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Aura Fate of the Ages\Aura1.exe
FirewallRules: [{BDF37CF2-51B7-4429-857F-DA1A31353397}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Aura Fate of the Ages\Aura1.exe
FirewallRules: [{5EAD1BCF-5F79-4B23-85C1-D6881005A751}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Book of Unwritten Tales\bout.exe
FirewallRules: [{0D567A0A-1227-43CF-B19D-2BB51A59D7DD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Book of Unwritten Tales\bout.exe
FirewallRules: [{9F0BF3D6-1751-4F1A-AA80-CB27A5B199AB}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Critter Chronicles\CritterChronicles.exe
FirewallRules: [{B636ABC8-7A1D-4C92-9A92-5F88AAD13D04}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Critter Chronicles\CritterChronicles.exe
FirewallRules: [{6BCEA1CA-5B5C-4845-B8BF-8EAE6368CDFC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 1 The Journal\DarkFall.exe
FirewallRules: [{344D59A1-50E8-4B8E-A8E3-C1F356F4771C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 1 The Journal\DarkFall.exe
FirewallRules: [{2E010D16-1AEB-4E97-80DB-BBB975C432FC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 2 Lights Out\DarkFall2.exe
FirewallRules: [{DD4F9206-07A4-4E95-AF8F-DE8C6D2889BD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 2 Lights Out\DarkFall2.exe
FirewallRules: [{875BF096-0334-4F7D-B21E-0341F896A181}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Jack Keane 2\JackKeane2.exe
FirewallRules: [{E25B123F-7647-40E4-9D22-D3751FFA0C40}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Jack Keane 2\JackKeane2.exe
FirewallRules: [{3BA7CB38-032D-468F-9EA1-BF58C70DBCED}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Moment of Silence\mos.exe
FirewallRules: [{65B6BC8A-86B0-45F4-AB94-6C5B08FAAC7C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Moment of Silence\mos.exe
FirewallRules: [{BEC9C3E1-C1BE-47F6-A557-FF777026890D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Mystery of the Druids\edd.exe
FirewallRules: [{718B3703-BF1B-4D9E-81B0-D02720CEA1D5}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Mystery of the Druids\edd.exe
FirewallRules: [{8A314FE0-9600-40BA-9CAD-B15FC7235B1D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Overclocked\launcher.exe
FirewallRules: [{5BF1F4A3-6412-40F9-9859-7490EE66D082}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Overclocked\launcher.exe
FirewallRules: [{EB4A5DC1-E11C-414A-A7E2-AF5586DC1086}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{E06A444F-DDD2-4626-8107-A59158259F1F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{40BD4FF6-2D64-477E-8841-7947B7DE0611}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Safecracker 2\Safecracker.exe
FirewallRules: [{5FC3D32C-4EDD-46D3-A199-EEAADA9276F7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Safecracker 2\Safecracker.exe
FirewallRules: [UDP Query User{9D0E3A1B-B85C-44B9-90E2-18DA868C2E9D}X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{F25A2969-EF73-453A-81FD-B5471B912CA0}X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{E20F5364-6C35-401A-BB8F-550ED69C3AFD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{CA850769-B9A7-465C-8774-B23421A9563A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [UDP Query User{3CDAE9AF-6ACD-4D48-95C1-7C59BB02440E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{1F1D3673-263E-40E8-8AAF-02218B57EA89}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D9C63033-5BCB-428A-A3AC-399119BFA512}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Resident Evil Biohazard HD REMASTER\bhd.exe
FirewallRules: [{6EFDE9D1-215C-4CC4-8381-0374767650F3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Resident Evil Biohazard HD REMASTER\bhd.exe
FirewallRules: [{4E6C72CD-A225-4757-B35F-6E6C0F66366C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BFEF3C7-9CB8-4E66-BB5B-B1D57EC5CD0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{671A09D7-D2E2-4DD4-A713-174BABCA1880}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{58F053FA-5C2F-4F43-A6AC-7831DCD3ACAE}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{E13C8B70-1425-4306-95E3-D6E688E3CE4B}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{86459E70-1FB0-4D13-8382-DC1852E1E43D}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{7D453B8A-7B60-407E-9AC5-80F77C05929B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{8EFD166E-EC04-439C-9952-0D5397D3441A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{657DC4F1-F725-419F-B870-5FBE3424480A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{521DFA10-E98F-4EEB-9247-9ADD117CF592}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{87EC542E-B6DD-4DC0-A315-E06D67A9662A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{8F604BE4-05D2-4E8E-8166-0FAE78B2A4C1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{0FE0C5F3-1F66-44F5-B469-E76B3302E53D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{C0E08052-458A-442B-8958-A094C92CA04C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{233040BF-7BEE-41CE-A368-9F7B4C2BD954}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{162200DA-4611-4B2A-99BB-E51FD3013CC2}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{89C69AC6-5DAB-4CF7-96F1-D1B589F48112}] => (Allow) X:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C50793C1-B69B-4328-9420-A86B3A467537}] => (Allow) X:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0C7F03C-3919-4CC8-93AC-051A2FC329CB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B87A2E28-1C36-4551-9C7A-86F9D7EC0A68}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B0CE1F7C-8206-4DCF-A294-9A348D3B438F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{21D08188-7382-428C-8B31-5473530C563C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D09B296F-4D55-4E76-9777-8E82FEF00409}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{328587F5-25B9-46A2-B4B1-A0A44396EE31}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E3B02158-DF93-4FDE-9127-26EFF2EE93ED}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{835CA50B-B28E-452D-82C3-88B1B187B616}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{EE336683-1F62-409F-97A0-62B8D0B8AC95}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{DC4CAAB9-F302-4AE6-B956-F69D9EAEC60F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A10C4887-D748-4E64-8E5F-8D3699906822}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{6286FD3D-09EE-4251-ADCC-41D551223162}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{042E8287-F711-40E2-85DC-F845BBF9A9F1}] => (Allow) X:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{699CE33E-FF83-447A-8525-D06134C308D9}] => (Allow) X:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{990A0524-4CCA-4665-8AFD-8D871C6253B1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{970EA435-5AE7-4E68-A0D9-F390E1FB3A36}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{C1D18DD4-6A78-439A-9BDD-D6D3D4E9410B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{31A3A6D2-7D41-4F17-96CB-99DD94E2F84F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{DABB3354-B244-43CE-A21C-D737C02191B7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{F9CB0AE9-7B74-4EAA-A08F-62EBEC5390F3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{F92485DD-9329-404E-ADC2-2ADAF544F378}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{350A91FB-1D03-42FD-BB48-DDE7F4C95716}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{AB858FCD-CE56-445D-BBEC-632ED601AC81}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{8BC79411-4563-4710-BD7A-9F13CD887673}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{FDE61F51-414D-46DC-9D68-5D6BE1DF9148}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A0DD955D-679E-4889-8333-1155FED35D27}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B561A764-4A4D-4B4C-AE3E-BAC988E6BEFD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{420E2379-6495-4691-B1A6-CA773B612E25}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{4168C511-C553-4C23-BA8B-19A85C017596}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{DE75A175-14ED-4EDE-BAAC-0747AC8498C6}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{4B7C8F29-D74E-43D5-B15A-32544AA35DF2}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{0A8696D4-FC21-4370-9F33-5CD3F596CE13}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{2FDBCAEF-D8AA-4847-9079-BF84E452EC53}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{4BBDF732-EB81-4F70-BD72-D5168932870F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{FB9AEAC3-9F18-4383-9F65-E67015BF7D7B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{6B4E62A9-30C7-4E8A-9558-03880EF8F6CC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{AEE83BCE-9CB6-4C80-B973-A171156AF31B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{7C0D8F4A-D769-46F7-AB9A-AB809836BB0B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{2BDEE644-D918-472C-B7B1-EB4F0D8FF306}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{27DF5761-C692-4A48-8696-7AFEA4886DF8}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{832CAF24-BE24-464F-8C79-A2654F75CF2E}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{A4D5502F-C0E0-4488-A6F0-28BBBAFFB813}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{32DB545D-A58A-4867-AD80-F19ADB7205C9}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{8684A1AD-7C17-4C17-B41D-D5066DA12F75}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{5D8F872F-4A8A-4352-80B7-3D7CEC24D3A3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{8424A2E1-AC86-44FB-A6EC-D376A874A06B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{8650DB81-2DB0-4D8F-B98F-5D1E9D499E95}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{41A75225-BB82-43D8-8A85-9934FF10FE0B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{1E5B3B53-1C13-4AA4-A7CC-C0948E1BAD29}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{BA8AC7D6-20B6-4D97-AE6B-DF8394995771}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{4A5EDCC5-0F33-4C86-8E4B-DAF5C0402C9B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C3549F6F-C49D-41B9-B843-48921E8C1332}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8FA60C6D-DC89-44FF-B6C3-B4139391E883}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{8019AD31-DCB7-4D4A-920A-62A360C4629A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{D8566190-AC03-45ED-A3C2-CCBC4EC3B081}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8FBC7A7A-6B5A-4FB4-9CD1-58ED9D6DAD97}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F128390E-3B0C-46E5-908C-C7633051966F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{566A0FA0-0945-434F-A27F-54EC755C68FB}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{4E097195-30BA-43F4-9576-6D03446E884C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{25C63303-CA23-44E4-9001-959567981C1F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F3438EA6-8F9E-4DB2-8F70-78B18D1F5B07}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{119633E1-DAC2-4EFE-BAC9-117ADB188578}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{28E8C348-B4C6-4473-A8A1-BCA00AC4AB9A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{927F43CF-1CCC-4C10-9DF2-0CBF4037998B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3B6737DB-A89D-4323-A958-7FE9E9DE2824}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{619C8167-E2B8-44AF-9234-2FA950BCF69D}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{5050B6F2-FCC2-4DA9-848E-C72E44C6A244}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{C88C0330-C63B-46E8-AA4C-EA0F5D22E7ED}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{0565A1D7-094B-4CBF-9203-EBA114D26634}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E69A7FD7-02CC-4B19-84DE-C4627834B6DD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{2378A96D-43B6-4385-ADD4-EB2CB6A250D8}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{4E9F20F6-A6FA-41C8-8BC5-CE08BCB0FB3F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [TCP Query User{337F983B-D3C3-4C39-ABFC-3B68CA8E7F46}X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{4F46EF22-E6F0-4846-BABE-B0C36A7F1496}X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [{BAAFA752-EFA1-4AC7-A837-E98BAF4978D4}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{F1C54372-1DEA-4726-AC7C-AD20BA2F02A8}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{4315A08C-356B-465D-87F8-EA9C4EA83196}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2C5CCFF9-55BD-433D-B207-8FFB7D125415}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A0CBE5E0-5056-4E87-AB2E-FE9E90CB11A9}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{FE8F4E2E-34FB-4FDD-8260-A40777CAC976}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{E456D861-09CD-4809-A735-47350FF0DFBE}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{69F568BD-7F04-4E18-AE07-B4C33788C051}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{8A35E0AD-5F32-4A50-A336-F7674DA231DB}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{E2127EE6-C493-4A49-964B-AD151AEEBCC8}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{72384C29-D91B-4EC6-8818-0C7BF954839C}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{C2B103AC-E6BD-45F1-A068-3A16B98C8DC8}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{A81C43FA-9398-4FD4-9542-BF278030C130}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{C63B08FB-46A5-4816-B112-5847B7BC0513}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{BBD320A3-1458-42F8-A47F-4C3EBFA63075}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{A705655B-5501-462C-AF40-D0D4E20CDD87}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{92C76941-D1D9-42A8-8279-108C5FEA7028}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{E493FBF7-8858-4479-8018-1C49DA95D6E0}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{551BD7C0-8A40-4C45-8D8E-EACBFF8BDEBD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{61445A84-3B1F-43F8-B8FB-CB57CF1E4C0E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{051AF3A8-1E70-4C69-8FC3-EF45607E6887}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{F58ABC6F-6DAA-424C-961B-558CFFD16A00}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{B5F01342-A4BD-4A6B-B43E-C928A2CCE50D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{9B85A96F-1974-4DEE-AD6F-9E722E7318CC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{330B33AC-D262-46F0-B85D-FC81F8D8C546}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{312BBA7C-A105-4675-9A50-E1545F7D8184}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{DE420CA8-33A8-460E-89A6-8316353F7C91}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Transmissions Element 120\hl2.exe
FirewallRules: [{300BD060-0313-42DB-8E16-27953A02866D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Transmissions Element 120\hl2.exe
FirewallRules: [{377B7FD6-6496-46DB-96B9-21B8C7EFE8DC}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror\agds.exe
FirewallRules: [{51A2C608-4045-49F3-AB4D-71559A27DBDE}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror\agds.exe
FirewallRules: [{95BB313F-B0E1-4F4E-AF97-739A942184CC}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{7E667861-5942-4074-A2D5-32FA1A29CFFE}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{325EDD4E-A511-4F5C-9B10-7509F2E9F2CC}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [{2461F2EE-252A-460F-B1E0-57B47B5C194D}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [{29CFDDE1-8A9B-466A-A421-BCED09FCEB5F}] => (Allow) Y:\Program Files (x86)\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{67082877-1EFC-4FB5-95EA-0998F28194B8}] => (Allow) Y:\Program Files (x86)\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{4A66F7A1-97E1-4E8C-A686-CCB30A43A7DE}] => (Allow) Y:\Program Files (x86)\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{B88D30FC-23E4-4202-B01F-08F2ACF1B72E}] => (Allow) Y:\Program Files (x86)\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{7BFEFA1C-F8D2-4037-9CA5-B1B866482E86}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{670F13E3-CCC2-42F3-B269-BDBDCAE9D855}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{B77A2C2A-ADFF-47AA-AC71-8F181843B4E9}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{59FF2A37-ABAA-4D88-B8A0-63D438B5A185}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{E255D2E7-4993-4F79-AB7C-BAC0FE74094E}] => (Allow) Y:\Program Files (x86)\Origin\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{E3FF5239-AC49-43F6-8542-2C31169660E4}] => (Allow) Y:\Program Files (x86)\Origin\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{4239BD55-86ED-466D-AE29-64CDDB188B9C}] => (Allow) Y:\Program Files (x86)\Origin\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{28BBB3A5-1243-45F5-A506-89B621B74728}] => (Allow) Y:\Program Files (x86)\Origin\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{F2DB2B19-EE2A-45FB-9814-838533E01B1C}] => (Allow) Y:\Program Files (x86)\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{97715F97-3A9E-43C9-99F1-1A2C7DAEAB29}] => (Allow) Y:\Program Files (x86)\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{9B40E5B0-0CD4-4652-986D-87394C5DE314}] => (Allow) Y:\Program Files (x86)\steamapps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{F6725B8A-7215-4939-9CEB-0D6547F0FA33}] => (Allow) Y:\Program Files (x86)\steamapps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{8EBCACC8-7049-4061-9D65-4C0B21BD0284}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE
FirewallRules: [{0578D553-BFA2-441E-BAEB-8A2FF2734D7A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{4D4DAC42-9667-4856-AEF7-8272E15C0E0A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{CF37A6B5-992C-4123-8FC8-D70FC00CFFEA}] => (Allow) Y:\Program Files (x86)\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{A87E1160-1627-44A5-8D91-6A10538C0436}] => (Allow) Y:\Program Files (x86)\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{AC4977A3-F7DB-496F-BF07-8FAB4FDF843D}] => (Allow) Y:\Program Files (x86)\steamapps\common\Agatha Christie The ABC Murders\The ABC Murders.exe
FirewallRules: [{9989DD48-C979-4EFA-944C-B945CD81A248}] => (Allow) Y:\Program Files (x86)\steamapps\common\Agatha Christie The ABC Murders\The ABC Murders.exe
FirewallRules: [{942452C6-675B-4F97-86D9-158BD645FBBF}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{7063F7F9-E007-40FB-A988-A65AD3BA6CBF}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{6570E119-D9EB-4AEB-A30C-97E051930B1E}] => (Allow) X:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5DACE60D-36D8-4785-AFF1-BAF32C15AFB8}] => (Allow) X:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{25C55644-F5BD-4950-9487-D86B9BD1F29F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{7C941A23-BCAA-454E-AB0E-A9E1D88C256D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{04378603-B9DF-496A-916E-372AA40D9276}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
FirewallRules: [{18C92F82-45A7-4AE8-B8D5-6CC7767454F0}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
FirewallRules: [TCP Query User{69485F4F-1167-43D2-96DC-061305D99C51}C:\program files (x86)\eye-fi\eyefireceiver.exe] => (Block) C:\program files (x86)\eye-fi\eyefireceiver.exe
FirewallRules: [UDP Query User{85C6AEFC-A506-42A2-8A6C-6620644015AD}C:\program files (x86)\eye-fi\eyefireceiver.exe] => (Block) C:\program files (x86)\eye-fi\eyefireceiver.exe
FirewallRules: [{EA3E8BE7-2E62-4FF8-B398-5EDBCEE1F14C}] => (Allow) C:\Program Files (x86)\Eye-Fi\EyeFiReceiver.exe
FirewallRules: [{A40BDE29-40B0-4152-B45B-F30FC6D496EE}] => (Allow) C:\Program Files (x86)\Eye-Fi\EyeFiReceiver.exe
FirewallRules: [{6DE3DE05-E285-45D4-A5CE-8F4FA9B57005}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{29C9359F-A97C-4147-A03C-411C34DC7632}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{ABAE4DBE-ABC3-4C97-BFD2-16E615835D43}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [{F8ACAE70-2C82-438F-90E8-3DD423846F6F}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [{978488F3-12BB-48B9-B6FE-889028F59138}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{315268F3-7350-4B1D-A127-5029DDAA6EEC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe
FirewallRules: [{E8C63382-201A-4F72-A2BC-35A6B644B82C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{979C9983-DF3B-4671-9431-CC179F53E892}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe
FirewallRules: [{14315F0E-69C4-4F43-B058-D1C5DB1C1984}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe
FirewallRules: [{F8BFE053-F157-4C21-A456-F77939B85878}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{335D755E-B4D5-40DA-AA66-D0536EDAC9A3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A06D4000-0273-4903-A094-0B478696F3DB}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{55E61657-CE83-4D2A-A01C-F17022EAE23E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{1BFB868A-9E31-4A9C-A99B-FE69C528A559}] => (Allow) Y:\Program Files (x86)\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{A02F3BA3-690E-4E82-8D33-EE40CFD91CCE}] => (Allow) Y:\Program Files (x86)\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{24EE5FAE-1F89-4078-BFC5-246A60A603C8}] => (Allow) Y:\Program Files (x86)\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{C0BC2666-3DE1-4059-AD96-77099F329BED}] => (Allow) Y:\Program Files (x86)\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{2A9D121A-3BF3-4BC7-BA41-32051AE8A994}] => (Allow) Y:\Program Files (x86)\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{70CDB7C2-0693-414E-AF48-4EB71AA7D554}] => (Allow) Y:\Program Files (x86)\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{2C882013-981D-4415-9703-1744EC63463E}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{C8597CE5-D682-4680-9C8E-B86D22DCCE9B}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{506CF8D0-C9F9-460F-B8D1-84C45C014A01}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{EE5C3DF8-B6E3-4C68-A2D8-866780C39AA4}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{1E6924B3-240A-4B67-AA2A-CD029A5B7A24}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{357A3E2C-5AEC-4423-A77F-9737B88CDAF3}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{4E1F4191-79B1-4B0F-8AA6-06B446B2A05E}] => (Allow) Y:\Program Files (x86)\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{31E431FB-2916-43E5-A6B8-C27CF7BDD02A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{3679DE31-A194-48C1-B4BE-B02ECA31D6DA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{33C3D88E-F5FD-445A-B46C-897D65168CCE}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [UDP Query User{F29892B8-3A47-4847-A890-DF7F3DF7A6D7}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [{47F77314-394D-4DA0-93B8-60AA0D19D70D}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{852F1FA4-5514-4DED-9BDD-5C06CDC8803E}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [TCP Query User{F089E846-4F9F-4C54-B03B-EA58EECEDE1B}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe
FirewallRules: [UDP Query User{7C9DDF66-C10D-41BF-8675-9BE29FCDA43B}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe
FirewallRules: [{66273284-F232-4318-8AF3-5CD3DA45D966}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{C4237E09-0589-4A76-A91F-E96109025E67}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{272BA0D1-8867-4EC7-8921-20355438C849}] => (Allow) Y:\Program Files (x86)\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{6CD669C0-86CA-43A3-9549-E1058BA5D0A9}] => (Allow) Y:\Program Files (x86)\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{E85B6E0C-32C3-405F-9C79-42670121902E}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{0A98E8BC-CD51-4706-B9B4-F8083D248E2A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{BE543A2C-4FD7-4675-B039-965CE70A9B41}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{B2630DCD-5FA5-451D-836F-9C7C7C3EF5DF}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{59A55441-FDBD-48F1-AD3B-F1B1A746AE7E}] => (Allow) LPort=3389
FirewallRules: [{2A7E6DD9-1033-46CE-BDE5-1A848026DEA8}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{F0E2E027-02D9-423B-B870-F5CEC612EF87}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{2AECB7C6-9075-4530-953C-5B28BCAD1B38}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{7F0C7ECE-B3F0-4628-AE08-741C381CAEEA}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe

==================== Wiederherstellungspunkte =========================

15-02-2017 21:43:54 Removed WinSnare
19-02-2017 11:44:44 AA11
23-02-2017 18:22:24 Windows Update
26-02-2017 20:03:07 AA11
01-03-2017 16:57:45 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/01/2017 04:57:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/01/2017 04:46:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: adwcleaner_6.044.exe, Version: 6.0.4.4, Zeitstempel: 0x58b5dbcb
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x58256ca0
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000d9d11
ID des fehlerhaften Prozesses: 0x27d8
Startzeit der fehlerhaften Anwendung: 0x01d292a28257d6c7
Pfad der fehlerhaften Anwendung: C:\Users\Daniel\Desktop\adwcleaner_6.044.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 46c614bf-65e5-4e93-bf6c-33d601047874
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/28/2017 05:44:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Daniel\Downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/27/2017 04:32:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/27/2017 04:31:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Daniel\Downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/26/2017 09:31:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/26/2017 09:31:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/26/2017 09:24:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/26/2017 09:23:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/26/2017 09:22:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Daniel\Downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.


Systemfehler:
=============
Error: (03/01/2017 04:52:34 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/01/2017 04:49:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/01/2017 04:49:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (03/01/2017 04:47:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/01/2017 04:47:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (03/01/2017 04:46:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/01/2017 04:46:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS Com Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/01/2017 04:46:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Samsung Printer Dianostics Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/01/2017 04:46:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Samsung UPD Utility Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/01/2017 04:46:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Machine Debug Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-03-01 16:49:33.097
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-03-01 16:32:04.355
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-28 17:33:34.236
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-28 07:07:22.320
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-27 16:15:22.903
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-26 20:24:08.561
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-25 16:07:23.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 16:06:35.158
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-12 21:29:21.673
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-12 21:29:21.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8120 Eight-Core Processor 
Prozentuale Nutzung des RAM: 13%
Installierter physikalischer RAM: 16329.31 MB
Verfügbarer physikalischer RAM: 14200.96 MB
Summe virtueller Speicher: 17353.31 MB
Verfügbarer virtueller Speicher: 15035.95 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:194.53 GB) (Free:72.86 GB) NTFS
Drive g: (HAL9000M) (Fixed) (Total:298.01 GB) (Free:280.32 GB) FAT32
Drive x: (HAL 9000) (Fixed) (Total:736.2 GB) (Free:208.36 GB) NTFS
Drive y: (DATA 9000) (Fixed) (Total:1863.01 GB) (Free:1503.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 0000735A)

Partition: GPT.
Partition 2: (Active) - (Size=230.6 GB) - (Type=83)
Partition 3: (Not Active) - (Size=1.7 GB) - (Type=82)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2ABEE185)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=194.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BA460385)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 298.1 GB) (Disk ID: 85037F94)
Partition 1: (Active) - (Size=298.1 GB) - (Type=0B)

==================== Ende von Addition.txt ============================
         

Alt 02.03.2017, 20:42   #8
Tician
/// TB-Senior
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



Gut gemacht!

ESET kam auf das System. Hattest du es zwischenzeitlich installiert und evtl. auch laufen lassen?
Wenn ja, dann Log bitte posten.


Schritt 1:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
CloseProcesses:
GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
OPR Extension: (Kein Name) - C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-02-12]
2017-02-12 21:31 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\GRR242xMGC
2017-02-12 21:30 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\Atikationbogot System
2017-02-12 21:30 - 2017-02-12 21:33 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 __SHD C:\jpjiQMOQLhjpjiQMOQLh
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 ____D C:\Users\Daniel\jpjiQMOQLh
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\MicProCam
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Program Files (x86)\Client
2017-02-11 18:14 - 2017-02-11 18:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\sabnzbd
2017-02-10 16:16 - 2017-02-10 16:16 - 03287737 _____ C:\WINDOWS\70c6c8294cb8d4334ed10f21aa6b120e.exe
File: C:\Program Files\Windows Defender\MsMpEng.exe
EmptyTemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Schritt 2:
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.
__________________
Gruß Tician

Alt 03.03.2017, 16:14   #9
High_one
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



Schritt 1 Fixlog.txt
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-03-2017
durchgeführt von Daniel (03-03-2017 16:06:03) Run:1
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
OPR Extension: (Kein Name) - C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-02-12]
2017-02-12 21:31 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\GRR242xMGC
2017-02-12 21:30 - 2017-02-12 21:53 - 00000000 ____D C:\Program Files (x86)\Atikationbogot System
2017-02-12 21:30 - 2017-02-12 21:33 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 __SHD C:\jpjiQMOQLhjpjiQMOQLh
2017-02-11 19:55 - 2017-02-19 20:37 - 00000000 ____D C:\Users\Daniel\jpjiQMOQLh
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\MicProCam
2017-02-11 19:55 - 2017-02-11 19:55 - 00000000 ____D C:\Program Files (x86)\Client
2017-02-11 18:14 - 2017-02-11 18:14 - 00000000 ____D C:\Users\Daniel\AppData\Local\sabnzbd
2017-02-10 16:16 - 2017-02-10 16:16 - 03287737 _____ C:\WINDOWS\70c6c8294cb8d4334ed10f21aa6b120e.exe
File: C:\Program Files\Windows Defender\MsMpEng.exe
EmptyTemp:
*****************

Prozesse erfolgreich geschlossen.
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
C:\Users\Daniel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni => erfolgreich verschoben
C:\Program Files (x86)\GRR242xMGC => erfolgreich verschoben
C:\Program Files (x86)\Atikationbogot System => erfolgreich verschoben
C:\WINDOWS\system32\SSL => erfolgreich verschoben
C:\jpjiQMOQLhjpjiQMOQLh => erfolgreich verschoben
C:\Users\Daniel\jpjiQMOQLh => erfolgreich verschoben
C:\Users\Daniel\AppData\Roaming\MicProCam => erfolgreich verschoben
C:\Program Files (x86)\Client => erfolgreich verschoben
C:\Users\Daniel\AppData\Local\sabnzbd => erfolgreich verschoben
C:\WINDOWS\70c6c8294cb8d4334ed10f21aa6b120e.exe => erfolgreich verschoben

========================= File: C:\Program Files\Windows Defender\MsMpEng.exe ========================

Datei ist digital signiert
MD5: 5D31780EABBA5FB994AE217FF79AC01C
Erstellungs- und Änderungsdatum: 2016-07-16 12:43 - 2016-07-16 12:43
Größe: 0103720
Attribute: ----A
Firmenname: Microsoft Corporation
Interne Name: MsMpEng.exe
Original Name: MsMpEng.exe
Produkt: Microsoft® Windows® Operating System
Beschreibung: Antimalware Service Executable
Datei Version: 4.10.14393.0 (rs1_release.160715-1616)
Produkt Version: 4.10.14393.0
Urheberrecht: © Microsoft Corporation. All rights reserved.

====== Ende von File: ======


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 73400677 B
Java, Flash, Steam htmlcache => 707323406 B
Windows/system/drivers => 1267253 B
Edge => 13619825 B
Chrome => 0 B
Firefox => 414418537 B
Opera => 7921464 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 4640248 B
NetworkService => 514968 B
Daniel => 92714868 B

RecycleBin => 4847320 B
EmptyTemp: => 1.2 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 16:08:17 ====
         
Schritt 2 FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
durchgeführt von Daniel (Administrator) auf HIGHLANDER (03-03-2017 16:14:27)
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
() C:\Windows\SysWOW64\spdsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.693_none_42ff55c9655f38bf\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1735288 2016-09-30] (Logitech, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [DAEMON Tools Lite] => X:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2016-11-19]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-12-13]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2016-11-19]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Steam - Verknüpfung.lnk [2016-02-10]
ShortcutTarget: Steam - Verknüpfung.lnk -> X:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{27DD6B25-BC9C-4C3E-8FE2-641BBCDC0111}: [DhcpNameServer] 192.168.100.11 192.168.100.12
Tcpip\..\Interfaces\{93abd697-dc98-42c5-8239-078743b5d7f7}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{fc57916e-ea56-438d-8a5b-66a75d23fe17}: [DhcpNameServer] 192.168.192.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/$22/
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1478581348-535765091-3593234125-1001 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default [2017-03-03]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\k40kk53n.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\k40kk53n.default -> hxxps://www.google.de/
FF Extension: (Firebug) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-12]
FF Extension: (divx helper) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{7b0f509e-2df1-4fe9-bcae-93cd2ae17596}.xpi [2015-12-19] [ist nicht signiert]
FF Extension: (Video DownloadHelper) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\searchplugins\google-images.xml [2014-10-21]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\searchplugins\google-maps.xml [2014-10-21]
FF HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\k40kk53n.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-20] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-12-13] (Adobe Systems) [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-12-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-12-07] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-12-08] (ASUSTeK Computer Inc.)
U2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe [1457664 2014-01-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-01] ()
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-19] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-19] (Electronic Arts)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe [143664 2016-12-24] ()
R2 TermService; C:\WINDOWS\system32\rdpwrap.dll [116736 2017-02-13] (Stas'M Corp.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-12-07] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-12-07] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2013-03-04] (MCCI Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-05-27] (Disc Soft Ltd)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-03 16:06 - 2017-03-03 16:08 - 00004161 _____ C:\Users\Daniel\Desktop\Fixlog.txt
2017-03-03 16:03 - 2017-03-03 16:03 - 00000000 ___HD C:\OneDriveTemp
2017-03-01 17:05 - 2017-03-01 17:05 - 00086831 _____ C:\Users\Daniel\Desktop\Addition.txt
2017-03-01 17:04 - 2017-03-03 16:15 - 00015116 _____ C:\Users\Daniel\Desktop\FRST.txt
2017-03-01 16:59 - 2017-03-01 16:59 - 00000946 _____ C:\Users\Daniel\Desktop\JRT.txt
2017-03-01 16:57 - 2017-03-01 16:57 - 01663736 _____ (Malwarebytes) C:\Users\Daniel\Desktop\JRT.exe
2017-03-01 16:42 - 2017-03-01 16:46 - 00000000 ____D C:\AdwCleaner
2017-03-01 16:42 - 2017-03-01 16:43 - 04031440 _____ C:\Users\Daniel\Desktop\adwcleaner_6.044.exe
2017-02-26 21:22 - 2017-02-26 21:22 - 02870984 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu(1).exe
2017-02-26 21:22 - 2017-02-26 21:22 - 00000000 ____D C:\Program Files (x86)\ESET
2017-02-26 20:49 - 2017-02-26 20:49 - 00000000 ___HD C:\$SysReset
2017-02-26 20:32 - 2017-02-26 20:33 - 00088490 _____ C:\Users\Daniel\Downloads\Addition.txt
2017-02-26 20:31 - 2017-03-03 16:14 - 00000000 ____D C:\FRST
2017-02-26 20:31 - 2017-02-26 20:33 - 00026302 _____ C:\Users\Daniel\Downloads\FRST.txt
2017-02-26 20:30 - 2017-03-01 16:56 - 02423808 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2017-02-26 20:05 - 2017-02-26 20:05 - 00000000 ____D C:\Users\Daniel\.QtWebEngineProcess
2017-02-20 18:40 - 2017-02-26 11:10 - 00000000 ____D C:\Users\Daniel\Desktop\Neuer Ordner
2017-02-19 20:08 - 2017-02-19 20:08 - 01426593 _____ C:\Users\Daniel\Downloads\licensecrawler_1.85_build-1566.zip
2017-02-19 18:15 - 2017-02-19 18:16 - 02870984 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2017-02-19 17:39 - 2017-02-19 17:39 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-19 17:33 - 2017-02-19 17:33 - 00000000 ____D C:\Users\Daniel\Documents\ProcAlyzer Dumps
2017-02-19 15:36 - 2017-02-26 20:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-19 15:36 - 2017-02-26 20:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-19 15:36 - 2017-02-19 15:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-02-19 12:31 - 2017-02-19 15:35 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.4.exe
2017-02-19 12:03 - 2017-02-19 12:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\AdAwareDesktop
2017-02-19 11:46 - 2017-02-19 11:46 - 00000000 ____D C:\Users\Daniel\AppData\Local\AdAwareUpdater
2017-02-19 11:45 - 2017-02-19 11:45 - 00000000 ____D C:\Program Files\Common Files\adaware
2017-02-19 11:44 - 2017-02-19 11:44 - 02546688 _____ C:\Users\Daniel\Downloads\Adaware_Installer.exe
2017-02-13 21:02 - 2017-02-19 14:46 - 00051015 _____ C:\WINDOWS\system32\rdpwrap.ini
2017-02-13 21:02 - 2017-02-13 21:02 - 00116736 _____ (Stas'M Corp.) C:\WINDOWS\system32\rdpwrap.dll
2017-02-12 23:01 - 2017-02-12 23:01 - 00001482 _____ C:\Users\Daniel\Desktop\Penudomataneght.default.lnk
2017-02-12 21:56 - 2017-03-03 16:10 - 00000008 __RSH C:\Users\Daniel\ntuser.pol
2017-02-12 21:32 - 2017-02-12 21:32 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2017-02-12 21:32 - 2017-02-12 21:32 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
2017-02-11 19:56 - 2017-03-01 16:46 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2017-02-08 12:37 - 2017-02-08 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-08 12:36 - 2017-02-08 12:36 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-08 12:36 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-08 12:36 - 2017-01-04 15:24 - 00210360 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-02-08 12:36 - 2016-12-29 14:06 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-08 12:36 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-08 12:36 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-08 12:36 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-08 12:36 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-08 12:36 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-03 16:12 - 2013-12-08 17:21 - 01048576 _____ C:\WINDOWS\PE_Rom.dll
2017-03-03 16:11 - 2014-05-25 19:28 - 00000000 __RDO C:\Users\Daniel\OneDrive
2017-03-03 16:10 - 2016-10-02 16:48 - 00000000 ____D C:\Users\Daniel
2017-03-03 16:09 - 2016-10-02 17:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 16:09 - 2016-10-02 16:44 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-03 16:09 - 2015-09-01 20:12 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-03-03 16:08 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-03 16:07 - 2014-12-03 19:41 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Temp
2017-03-03 16:06 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-03-03 16:02 - 2016-10-02 16:42 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-02 17:58 - 2014-01-11 14:35 - 00000000 _____ C:\WINDOWS\Path.idx
2017-03-02 17:56 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-02 17:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-26 20:51 - 2014-08-25 18:10 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-26 20:05 - 2014-12-14 19:45 - 00000000 ____D C:\ProgramData\Origin
2017-02-25 10:56 - 2013-12-25 11:08 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-24 19:45 - 2016-12-14 20:34 - 00000000 ____D C:\Users\Daniel\dwhelper
2017-02-23 18:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 18:27 - 2013-12-08 16:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 18:24 - 2013-12-08 16:48 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-20 15:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-20 01:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-20 01:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-19 20:47 - 2016-10-02 16:42 - 00346672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-19 19:53 - 2014-05-26 16:41 - 00000000 ____D C:\ProgramData\Apple
2017-02-19 19:53 - 2014-05-26 16:41 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-02-19 19:48 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-19 19:47 - 2016-04-11 20:11 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2017-02-19 15:28 - 2014-03-23 09:41 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-19 11:37 - 2016-07-16 23:51 - 01045548 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-19 11:37 - 2016-07-16 23:51 - 00246560 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-19 11:37 - 2015-09-01 16:21 - 02489702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-19 11:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter
2017-02-18 23:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\IME
2017-02-15 21:59 - 2013-12-07 22:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2017-02-14 21:08 - 2016-10-12 19:06 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-02-12 22:48 - 2015-06-02 20:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-12 22:43 - 2014-09-21 13:48 - 00000000 ___RD C:\Users\Daniel\Desktop\Bewerbungen
2017-02-12 22:14 - 2013-12-08 08:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-12 20:36 - 2015-01-11 15:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\Ubisoft Game Launcher
2017-02-08 12:37 - 2016-10-02 16:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-08 12:36 - 2016-10-02 16:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-08 12:36 - 2016-10-02 16:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-12-08 19:48 - 2013-12-24 11:01 - 0000600 _____ () C:\Users\Daniel\AppData\Local\PUTTY.RND
2013-12-08 13:43 - 2013-12-08 13:43 - 0000017 _____ () C:\Users\Daniel\AppData\Local\resmon.resmoncfg
2015-10-19 21:01 - 2015-10-19 21:01 - 0000011 _____ () C:\ProgramData\.tv7
2016-10-02 16:44 - 2016-10-02 16:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-27 17:57

==================== Ende von FRST.txt ============================
         
Schritt 2 Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-03-2017
durchgeführt von Daniel (03-03-2017 16:15:37)
Gestartet von C:\Users\Daniel\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-02 16:09:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1478581348-535765091-3593234125-500 - Administrator - Disabled)
Daniel (S-1-5-21-1478581348-535765091-3593234125-1001 - Administrator - Enabled) => C:\Users\Daniel
DefaultAccount (S-1-5-21-1478581348-535765091-3593234125-503 - Limited - Disabled)
Gast (S-1-5-21-1478581348-535765091-3593234125-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1478581348-535765091-3593234125-1008 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

15 Days (HKLM-x32\...\Steam App 342990) (Version:  - House of Tales)
3DMark (HKLM\...\Steam App 223850) (Version:  - Futuremark)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Agatha Christie - The ABC Murders (HKLM\...\Steam App 374900) (Version:  - Artefacts Studios)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Alan Wake (HKLM\...\Steam App 108710) (Version:  - Remedy Entertainment)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version:  - Creative Assembly)
Aliens: Colonial Marines (HKLM\...\Steam App 49540) (Version:  - Gearbox Software)
Anna - Extended Edition (HKLM\...\Steam App 217690) (Version:  - Dreampainters)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma: Cold War Assault (HKLM\...\Steam App 65790) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Aura: Fate of the Ages (HKLM-x32\...\Steam App 65500) (Version:  - Streko Graphics)
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 4.0.0.6 - )
Beyond Good and Evil (HKLM-x32\...\Uplay Install 232) (Version:  - Ubisoft)
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
Black Mesa (HKLM-x32\...\Steam App 362890) (Version:  - Crowbar Collective)
Black Mirror (HKLM\...\Steam App 292930) (Version:  - Future Games)
Black Mirror II (HKLM-x32\...\Steam App 286460) (Version:  - Cranberry Production)
Black Mirror III (HKLM-x32\...\Steam App 286480) (Version:  - Cranberry Production)
Broken Sword 1 - Shadow of the Templars: Director's Cut (HKLM\...\Steam App 57640) (Version:  - Revolution Software Ltd)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Fall 1: The Journal (HKLM-x32\...\Steam App 260690) (Version:  - Darkling Room)
Dark Fall 2: Lights Out (HKLM-x32\...\Steam App 260710) (Version:  - Darkling Room)
DiRT Rally (HKLM\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Elegant-Treiber Paket (HKLM-x32\...\Samsung Stylish UI Pack) (Version: 1.01.74.00 (09.02.2015) - Samsung Electronics Co., Ltd.)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
Fireflies Screensaver (remove only) (HKLM-x32\...\Fireflies) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{E540B871-3230-4C5B-AAD5-A30F64398275}) (Version: 4.48.599.0 - Futuremark)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Half-Life 2 (HKLM\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version:  - Valve)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Jack Keane 2 - The Fire Within (HKLM-x32\...\Steam App 236970) (Version:  - Deck 13)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
Lost Horizon (HKLM-x32\...\Steam App 40350) (Version:  - Animation Arts)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
METAL GEAR SOLID V: GROUND ZEROES (HKLM\...\Steam App 311340) (Version:  - Kojima Productions)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MURDERED: SOUL SUSPECT™ (HKLM\...\Steam App 233290) (Version:  - Airtight Games)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.4.0.0 - Electronic Arts)
No Man's Sky (HKLM\...\Steam App 275850) (Version:  - Hello Games)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Öko-Treiber Pack (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (28.05.2015) - Samsung Electronics Co., Ltd.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Overclocked: A History of Violence (HKLM-x32\...\Steam App 339850) (Version:  - House of Tales)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version:  - Obsidian Entertainment)
Pixeluvo version 1.6.0 (HKLM\...\{8CD06ADF-DEEA-4594-8E6C-9B2CACE29760}_is1) (Version: 1.6.0 - Pictopotamus Ltd)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Project CARS (HKLM\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Remember Me (HKLM-x32\...\Steam App 228300) (Version:  - DONTNOD Entertainment)
Resident Evil / biohazard HD REMASTER (HKLM-x32\...\Steam App 304240) (Version:  - CAPCOM Co., Ltd.)
Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version:  - Crystal Dynamics)
Risen 3 - Titan Lords (HKLM\...\Steam App 249230) (Version:  - Piranha Bytes)
Safecracker: The Ultimate Puzzle Adventure (HKLM-x32\...\Steam App 3260) (Version:  - Kheops Studio)
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.04 - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.0.0.78 - Samsung Electronics Co., Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.12 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.26 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Syberia (HKLM\...\Steam App 46500) (Version:  - Microids)
Syberia 2 (HKLM\...\Steam App 46510) (Version:  - Microids)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
The Ball (HKLM\...\Steam App 35460) (Version:  - Teotl Studios)
The Book of Unwritten Tales (HKLM-x32\...\Steam App 215160) (Version:  - KING Art)
The Book of Unwritten Tales: The Critter Chronicles (HKLM-x32\...\Steam App 221830) (Version:  - KING Art)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Moment of Silence (HKLM-x32\...\Steam App 339840) (Version:  - House of Tales)
The Mystery of the Druids (HKLM-x32\...\Steam App 343000) (Version:  - House of Tales)
The Raven - Legacy of a Master Thief (HKLM-x32\...\Steam App 233370) (Version:  - KING Art)
The Solus Project (HKLM\...\Steam App 313630) (Version:  - Hourences)
The Stanley Parable Demo (HKLM\...\Steam App 247750) (Version:  - Galactic Cafe)
Titan Quest Anniversary Edition (HKLM\...\Steam App 475150) (Version:  - Iron Lore Entertainment)
Tom Clancy's The Division - Beta (HKLM-x32\...\Steam App 414460) (Version:  - Massive Entertainment)
Tomb Raider (HKLM\...\Steam App 203160) (Version:  - Crystal Dynamics)
Tomb Raider II (HKLM-x32\...\Steam App 225300) (Version:  - Core Design)
Transmissions: Element 120 (HKLM\...\Steam App 365300) (Version:  - Shokunin)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.12 - Samsung Electronics CO., LTD.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
Wasteland 2: Director's Cut (HKLM-x32\...\Steam App 404730) (Version:  - inXile Entertainment)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WhatsApp (HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version:  - MachineGames)
Yesterday (HKLM-x32\...\Steam App 205840) (Version:  - Pendulo Studios)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06EE6F2F-3D93-4BA3-A550-C9034CC41020} - \WPD\SqmUpload_S-1-5-21-1478581348-535765091-3593234125-1001 -> Keine Datei <==== ACHTUNG
Task: {0E3CE234-A495-4833-9318-08D6FE9B72D9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {13D9416E-8B02-4482-9E9A-355C443C68E8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {172D8D5B-B799-4B42-8168-9DB681715F50} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2015-04-24] ()
Task: {1B054512-C15D-404B-A7D1-40F17E580AB8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {229FE34C-3144-4F25-B3D8-FE2DF1E343EA} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.)
Task: {34F2D54D-727C-4DEC-BE30-FB2FF9F83DCF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {4674980A-D352-4073-BA3B-0A96B4D2FB7C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {61F89444-D967-4AF0-8634-F6468B011A99} - \Pregehabering -> Keine Datei <==== ACHTUNG
Task: {64B7D47A-A68F-4370-8AFF-938FA096E854} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {71545E37-4F9E-4090-BFA5-86C893DFEB75} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {7F4D41A3-5EC5-4C30-A45C-D139DD8AEE2B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {88B50241-7A72-4720-BF17-962F97B5B4A0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {90F87FC1-8C09-4348-805E-D1C42012250A} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {9740F4B3-DC4B-4B24-9757-31E6F4B8D439} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {992BBF82-2E12-497B-8E66-E29488D68306} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {B1B39CF6-8FE6-4C96-9CC4-237BD5A54165} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-20] (Adobe Systems Incorporated)
Task: {B21F31E4-A212-4543-AC57-EC709C4DEA1B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B3D1FB94-487A-466C-B5CA-0A38A5E336E8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {C358818D-01E0-469A-8580-5AF36129952E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {E124BE7F-B769-4BFE-93D4-E3151C67B7ED} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-01-14] ()
Task: {E770174C-C5B6-4CC9-AD27-074CA994165B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-24 12:31 - 2014-11-25 12:16 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll
2016-02-15 21:01 - 2016-02-15 21:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2016-10-02 16:44 - 2016-12-29 13:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-06 20:47 - 2016-07-17 22:43 - 00499000 ____N () C:\WINDOWS\SysWoW64\spdsvc.exe
2016-12-24 12:31 - 2016-12-24 12:31 - 00143664 ____N () C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe
2013-12-07 22:37 - 2013-12-07 22:37 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-12-08 13:39 - 2013-01-14 16:37 - 01406776 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2016-12-13 20:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-02 17:36 - 2016-10-02 17:36 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 21:55 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 21:54 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 21:54 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 21:54 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-23 16:31 - 2017-02-23 16:33 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 16:31 - 2017-02-23 16:33 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-23 16:31 - 2017-02-23 16:33 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 09:57 - 2017-02-06 09:57 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2017-01-11 21:54 - 2016-12-21 07:47 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-11-19 12:49 - 2015-02-10 15:08 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2016-12-24 12:32 - 2015-06-11 12:42 - 03055616 ____N () C:\WINDOWS\system32\DlgSearchEngine.dll
2016-10-13 18:43 - 2017-02-19 15:28 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2013-12-07 22:37 - 2017-03-03 16:09 - 00033280 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-12-07 22:37 - 2013-12-07 22:34 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-12-08 13:39 - 2013-01-14 17:16 - 05771136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2013-12-08 13:39 - 2010-06-21 15:21 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2014-01-11 14:16 - 2013-03-04 21:57 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2016-11-19 12:49 - 2015-02-18 14:11 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2013-12-17 10:31 - 2013-12-17 10:31 - 00491520 _____ () C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
2014-01-11 14:16 - 2012-08-03 16:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2013-12-08 13:39 - 2011-07-12 19:14 - 00147456 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-12-08 13:39 - 2010-10-05 08:22 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-01-11 14:15 - 2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2013-12-08 13:39 - 2012-10-08 17:07 - 00972288 ____N () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-12-08 13:39 - 2013-01-15 15:30 - 01040896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-01-11 14:15 - 2012-06-19 12:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-01-11 14:16 - 2012-08-14 11:14 - 01123840 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2014-01-11 14:16 - 2012-07-20 09:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2013-12-08 13:39 - 2013-04-15 14:19 - 00883712 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-12-08 13:39 - 2012-05-28 21:27 - 01622528 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-12-08 13:39 - 2011-09-19 20:18 - 01243136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-12-08 13:39 - 2011-07-21 09:06 - 00846848 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-12-08 13:39 - 2012-08-29 18:09 - 00875520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-12-07 22:37 - 2013-12-07 22:34 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2013-12-08 13:39 - 2010-10-05 08:22 - 00208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-01-11 14:17 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2013-12-08 13:39 - 2009-08-12 20:15 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2017-03-01 16:46 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1478581348-535765091-3593234125-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{e5a42237-04bb-4b35-bccc-62b140b2d1c1}.CR2
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1478581348-535765091-3593234125-1001\...\StartupApproved\Run: => "Raptr"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1739C80E-0DC0-43AA-9EE8-8E8E6D8A5224}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{575BC274-12C0-494E-9588-CF520A3574D1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{ED028450-B0C5-452A-8566-BF17F1D39154}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{CC9F52F9-5FFC-4248-A2A0-3748B809CBC4}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [UDP Query User{E6B4DDC7-8CE8-4DF9-A106-4EA6752CBFD5}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{60ABD0A7-C67F-49A7-ACF7-31818F743F8A}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{BF27EF7B-D034-4288-9BA1-9C85FBC95F61}C:\program files (x86)\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\java.exe
FirewallRules: [TCP Query User{268F3E0D-1F4D-4CA9-90CC-FE4A5C90B186}C:\program files (x86)\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{7D556653-25CF-4956-A987-DC58A3AFB567}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{56B8ADB4-DB72-4E83-BBBA-E94AE3DE13EC}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{7773C64F-5744-4484-8CB6-27483E174FCB}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{136D6DF5-497D-41F6-A39B-8294194EC541}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{84EA0326-8696-48EB-9D19-7D96854A1282}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{BF281C92-B3FD-4299-8FEF-33E4EDFCD206}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{CFAD6B7C-E05D-4623-9D4F-02DB079296C9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{66F57649-F0A6-42E4-BFA6-C81322055946}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{8A8E1951-0FAF-4F1E-A3A0-8763614AC557}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe
FirewallRules: [TCP Query User{EE622A1E-8C92-44A0-B42B-E611242D5B01}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe
FirewallRules: [{86473537-7282-426D-A15B-F9CE7EE7AEB2}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{F322C8BF-D606-4881-AF3D-13EAE9277DAB}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Anna\Anna.exe
FirewallRules: [{7CAF606E-13D1-488A-937E-3A5E750265E7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Syberia2.exe
FirewallRules: [{E2836527-0A4D-4242-8A32-F832F88831E1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Syberia2.exe
FirewallRules: [{9614330A-AE3F-43DE-992B-16D5FBFE9934}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Game.exe
FirewallRules: [{AE2BFD58-03EA-483E-B8E4-86C7A49459C3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia 2\Game.exe
FirewallRules: [{ADB5AC49-580F-4F45-B670-E68ACFE5633F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia\Game.exe
FirewallRules: [{1A09D0F6-6AC4-4F9E-B666-857F67625FE5}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Syberia\Game.exe
FirewallRules: [{DA581AD4-6481-4425-9952-EA6784E9EEAD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5481738A-2391-4A5D-B92E-44BEAA578696}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [UDP Query User{2B4A366F-FAD3-4017-9AA4-1647A96958E0}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{839DAB1A-9273-403A-B008-F0627F961F32}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [{D0D28362-F0F7-44CE-B123-6BA216886ED7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{21645B25-F809-423C-BC7E-BCD40A462A04}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{395E6D94-A3A8-486A-963F-86075E4DD9C7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{D73B1964-0D33-44A1-9A1A-D7EB0F2179C0}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider (II)\Tomb2.exe
FirewallRules: [{EA6201BD-0AF4-4ED8-B9B1-5403D1D3686A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's The Division - Beta\thedivision.exe
FirewallRules: [{98A2C85E-3B99-44F4-A93B-818F6D2E28B7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's The Division - Beta\thedivision.exe
FirewallRules: [{65472F4B-BC89-41B0-867B-FD8FFDF27452}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe
FirewallRules: [{FB0207C7-0305-479F-9FD7-4D5094C1F503}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Remember Me\Binaries\Win32\RememberMe.exe
FirewallRules: [{52E48425-9353-4AC1-9C8D-AFEC6A5688F1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mesa\bms.exe
FirewallRules: [{946365E2-ED15-4F41-9811-4F2BE60F3D31}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mesa\bms.exe
FirewallRules: [{BA9E0BF4-DBC4-418E-9949-68784FDD4E33}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Lost Horizon\AutoStarter.exe
FirewallRules: [{98D0E662-3D8E-4A42-9336-ED27A2379564}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Lost Horizon\AutoStarter.exe
FirewallRules: [{8876BAE7-2C91-4AFD-AEA1-81E04DFB61FA}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{E103C4D8-4054-4D6E-AED1-E6483EE63E0A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{9FE8EF5E-4817-4DDA-AD4D-20F241CC9DDF}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{47329D06-5380-49B5-B732-EFD9761D56B0}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{AD47B247-1A6F-4EC4-A7EF-42EAABCC8939}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\15 Days\rhc.exe
FirewallRules: [{E17750F4-973C-4BD1-9B47-F507405ED8FC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\15 Days\rhc.exe
FirewallRules: [{429794D8-A536-4BB9-88FF-6349D5AE10BD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\PSConfig.exe
FirewallRules: [{8D2777B0-0B35-441C-A783-11CC42B9996B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\PSConfig.exe
FirewallRules: [{EB5E95FE-9229-4D9E-8A82-71D21821D97E}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\Yesterday.exe
FirewallRules: [{CA3CD382-12E9-4279-9176-847D10F61D0B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Yesterday\Yesterday.exe
FirewallRules: [{44F0EAE3-E91E-426C-8B40-63244BF291EC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Aura Fate of the Ages\Aura1.exe
FirewallRules: [{BDF37CF2-51B7-4429-857F-DA1A31353397}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Aura Fate of the Ages\Aura1.exe
FirewallRules: [{5EAD1BCF-5F79-4B23-85C1-D6881005A751}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Book of Unwritten Tales\bout.exe
FirewallRules: [{0D567A0A-1227-43CF-B19D-2BB51A59D7DD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Book of Unwritten Tales\bout.exe
FirewallRules: [{9F0BF3D6-1751-4F1A-AA80-CB27A5B199AB}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Critter Chronicles\CritterChronicles.exe
FirewallRules: [{B636ABC8-7A1D-4C92-9A92-5F88AAD13D04}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Critter Chronicles\CritterChronicles.exe
FirewallRules: [{6BCEA1CA-5B5C-4845-B8BF-8EAE6368CDFC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 1 The Journal\DarkFall.exe
FirewallRules: [{344D59A1-50E8-4B8E-A8E3-C1F356F4771C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 1 The Journal\DarkFall.exe
FirewallRules: [{2E010D16-1AEB-4E97-80DB-BBB975C432FC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 2 Lights Out\DarkFall2.exe
FirewallRules: [{DD4F9206-07A4-4E95-AF8F-DE8C6D2889BD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Dark Fall 2 Lights Out\DarkFall2.exe
FirewallRules: [{875BF096-0334-4F7D-B21E-0341F896A181}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Jack Keane 2\JackKeane2.exe
FirewallRules: [{E25B123F-7647-40E4-9D22-D3751FFA0C40}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Jack Keane 2\JackKeane2.exe
FirewallRules: [{3BA7CB38-032D-468F-9EA1-BF58C70DBCED}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Moment of Silence\mos.exe
FirewallRules: [{65B6BC8A-86B0-45F4-AB94-6C5B08FAAC7C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Moment of Silence\mos.exe
FirewallRules: [{BEC9C3E1-C1BE-47F6-A557-FF777026890D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Mystery of the Druids\edd.exe
FirewallRules: [{718B3703-BF1B-4D9E-81B0-D02720CEA1D5}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Mystery of the Druids\edd.exe
FirewallRules: [{8A314FE0-9600-40BA-9CAD-B15FC7235B1D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Overclocked\launcher.exe
FirewallRules: [{5BF1F4A3-6412-40F9-9859-7490EE66D082}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Overclocked\launcher.exe
FirewallRules: [{EB4A5DC1-E11C-414A-A7E2-AF5586DC1086}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{E06A444F-DDD2-4626-8107-A59158259F1F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{40BD4FF6-2D64-477E-8841-7947B7DE0611}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Safecracker 2\Safecracker.exe
FirewallRules: [{5FC3D32C-4EDD-46D3-A199-EEAADA9276F7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Safecracker 2\Safecracker.exe
FirewallRules: [UDP Query User{9D0E3A1B-B85C-44B9-90E2-18DA868C2E9D}X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{F25A2969-EF73-453A-81FD-B5471B912CA0}X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Allow) X:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{E20F5364-6C35-401A-BB8F-550ED69C3AFD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{CA850769-B9A7-465C-8774-B23421A9563A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [UDP Query User{3CDAE9AF-6ACD-4D48-95C1-7C59BB02440E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{1F1D3673-263E-40E8-8AAF-02218B57EA89}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D9C63033-5BCB-428A-A3AC-399119BFA512}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Resident Evil Biohazard HD REMASTER\bhd.exe
FirewallRules: [{6EFDE9D1-215C-4CC4-8381-0374767650F3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Resident Evil Biohazard HD REMASTER\bhd.exe
FirewallRules: [{4E6C72CD-A225-4757-B35F-6E6C0F66366C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BFEF3C7-9CB8-4E66-BB5B-B1D57EC5CD0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{671A09D7-D2E2-4DD4-A713-174BABCA1880}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{58F053FA-5C2F-4F43-A6AC-7831DCD3ACAE}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{E13C8B70-1425-4306-95E3-D6E688E3CE4B}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{86459E70-1FB0-4D13-8382-DC1852E1E43D}] => (Allow) X:\Program Files (x86)\Ubisoft\Farcry4\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{7D453B8A-7B60-407E-9AC5-80F77C05929B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{8EFD166E-EC04-439C-9952-0D5397D3441A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{657DC4F1-F725-419F-B870-5FBE3424480A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{521DFA10-E98F-4EEB-9247-9ADD117CF592}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{87EC542E-B6DD-4DC0-A315-E06D67A9662A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{8F604BE4-05D2-4E8E-8166-0FAE78B2A4C1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{0FE0C5F3-1F66-44F5-B469-E76B3302E53D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{C0E08052-458A-442B-8958-A094C92CA04C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{233040BF-7BEE-41CE-A368-9F7B4C2BD954}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{162200DA-4611-4B2A-99BB-E51FD3013CC2}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{89C69AC6-5DAB-4CF7-96F1-D1B589F48112}] => (Allow) X:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C50793C1-B69B-4328-9420-A86B3A467537}] => (Allow) X:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0C7F03C-3919-4CC8-93AC-051A2FC329CB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B87A2E28-1C36-4551-9C7A-86F9D7EC0A68}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B0CE1F7C-8206-4DCF-A294-9A348D3B438F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{21D08188-7382-428C-8B31-5473530C563C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D09B296F-4D55-4E76-9777-8E82FEF00409}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{328587F5-25B9-46A2-B4B1-A0A44396EE31}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E3B02158-DF93-4FDE-9127-26EFF2EE93ED}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{835CA50B-B28E-452D-82C3-88B1B187B616}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{EE336683-1F62-409F-97A0-62B8D0B8AC95}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{DC4CAAB9-F302-4AE6-B956-F69D9EAEC60F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A10C4887-D748-4E64-8E5F-8D3699906822}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{6286FD3D-09EE-4251-ADCC-41D551223162}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{042E8287-F711-40E2-85DC-F845BBF9A9F1}] => (Allow) X:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{699CE33E-FF83-447A-8525-D06134C308D9}] => (Allow) X:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{990A0524-4CCA-4665-8AFD-8D871C6253B1}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{970EA435-5AE7-4E68-A0D9-F390E1FB3A36}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{C1D18DD4-6A78-439A-9BDD-D6D3D4E9410B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{31A3A6D2-7D41-4F17-96CB-99DD94E2F84F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{DABB3354-B244-43CE-A21C-D737C02191B7}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{F9CB0AE9-7B74-4EAA-A08F-62EBEC5390F3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{F92485DD-9329-404E-ADC2-2ADAF544F378}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{350A91FB-1D03-42FD-BB48-DDE7F4C95716}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{AB858FCD-CE56-445D-BBEC-632ED601AC81}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{8BC79411-4563-4710-BD7A-9F13CD887673}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{FDE61F51-414D-46DC-9D68-5D6BE1DF9148}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A0DD955D-679E-4889-8333-1155FED35D27}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B561A764-4A4D-4B4C-AE3E-BAC988E6BEFD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{420E2379-6495-4691-B1A6-CA773B612E25}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{4168C511-C553-4C23-BA8B-19A85C017596}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{DE75A175-14ED-4EDE-BAAC-0747AC8498C6}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{4B7C8F29-D74E-43D5-B15A-32544AA35DF2}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{0A8696D4-FC21-4370-9F33-5CD3F596CE13}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{2FDBCAEF-D8AA-4847-9079-BF84E452EC53}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{4BBDF732-EB81-4F70-BD72-D5168932870F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{FB9AEAC3-9F18-4383-9F65-E67015BF7D7B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{6B4E62A9-30C7-4E8A-9558-03880EF8F6CC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{AEE83BCE-9CB6-4C80-B973-A171156AF31B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{7C0D8F4A-D769-46F7-AB9A-AB809836BB0B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{2BDEE644-D918-472C-B7B1-EB4F0D8FF306}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{27DF5761-C692-4A48-8696-7AFEA4886DF8}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{832CAF24-BE24-464F-8C79-A2654F75CF2E}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{A4D5502F-C0E0-4488-A6F0-28BBBAFFB813}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{32DB545D-A58A-4867-AD80-F19ADB7205C9}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{8684A1AD-7C17-4C17-B41D-D5066DA12F75}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{5D8F872F-4A8A-4352-80B7-3D7CEC24D3A3}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{8424A2E1-AC86-44FB-A6EC-D376A874A06B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{8650DB81-2DB0-4D8F-B98F-5D1E9D499E95}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{41A75225-BB82-43D8-8A85-9934FF10FE0B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{1E5B3B53-1C13-4AA4-A7CC-C0948E1BAD29}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{BA8AC7D6-20B6-4D97-AE6B-DF8394995771}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{4A5EDCC5-0F33-4C86-8E4B-DAF5C0402C9B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C3549F6F-C49D-41B9-B843-48921E8C1332}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8FA60C6D-DC89-44FF-B6C3-B4139391E883}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{8019AD31-DCB7-4D4A-920A-62A360C4629A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{D8566190-AC03-45ED-A3C2-CCBC4EC3B081}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8FBC7A7A-6B5A-4FB4-9CD1-58ED9D6DAD97}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F128390E-3B0C-46E5-908C-C7633051966F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{566A0FA0-0945-434F-A27F-54EC755C68FB}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{4E097195-30BA-43F4-9576-6D03446E884C}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{25C63303-CA23-44E4-9001-959567981C1F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F3438EA6-8F9E-4DB2-8F70-78B18D1F5B07}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{119633E1-DAC2-4EFE-BAC9-117ADB188578}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{28E8C348-B4C6-4473-A8A1-BCA00AC4AB9A}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{927F43CF-1CCC-4C10-9DF2-0CBF4037998B}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{3B6737DB-A89D-4323-A958-7FE9E9DE2824}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{619C8167-E2B8-44AF-9234-2FA950BCF69D}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{5050B6F2-FCC2-4DA9-848E-C72E44C6A244}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{C88C0330-C63B-46E8-AA4C-EA0F5D22E7ED}] => (Allow) X:\Program Files (x86)\Origin\download chache\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{0565A1D7-094B-4CBF-9203-EBA114D26634}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E69A7FD7-02CC-4B19-84DE-C4627834B6DD}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{2378A96D-43B6-4385-ADD4-EB2CB6A250D8}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{4E9F20F6-A6FA-41C8-8BC5-CE08BCB0FB3F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [TCP Query User{337F983B-D3C3-4C39-ABFC-3B68CA8E7F46}X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{4F46EF22-E6F0-4846-BABE-B0C36A7F1496}X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) X:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [{BAAFA752-EFA1-4AC7-A837-E98BAF4978D4}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{F1C54372-1DEA-4726-AC7C-AD20BA2F02A8}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{4315A08C-356B-465D-87F8-EA9C4EA83196}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2C5CCFF9-55BD-433D-B207-8FFB7D125415}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A0CBE5E0-5056-4E87-AB2E-FE9E90CB11A9}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{FE8F4E2E-34FB-4FDD-8260-A40777CAC976}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{E456D861-09CD-4809-A735-47350FF0DFBE}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{69F568BD-7F04-4E18-AE07-B4C33788C051}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Wasteland 2 Director's Cut\Build\WL2.exe
FirewallRules: [{8A35E0AD-5F32-4A50-A336-F7674DA231DB}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{E2127EE6-C493-4A49-964B-AD151AEEBCC8}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{72384C29-D91B-4EC6-8818-0C7BF954839C}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{C2B103AC-E6BD-45F1-A068-3A16B98C8DC8}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{A81C43FA-9398-4FD4-9542-BF278030C130}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{C63B08FB-46A5-4816-B112-5847B7BC0513}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{BBD320A3-1458-42F8-A47F-4C3EBFA63075}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{A705655B-5501-462C-AF40-D0D4E20CDD87}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{92C76941-D1D9-42A8-8279-108C5FEA7028}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{E493FBF7-8858-4479-8018-1C49DA95D6E0}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{551BD7C0-8A40-4C45-8D8E-EACBFF8BDEBD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{61445A84-3B1F-43F8-B8FB-CB57CF1E4C0E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{051AF3A8-1E70-4C69-8FC3-EF45607E6887}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{F58ABC6F-6DAA-424C-961B-558CFFD16A00}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{B5F01342-A4BD-4A6B-B43E-C928A2CCE50D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{9B85A96F-1974-4DEE-AD6F-9E722E7318CC}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{330B33AC-D262-46F0-B85D-FC81F8D8C546}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{312BBA7C-A105-4675-9A50-E1545F7D8184}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{DE420CA8-33A8-460E-89A6-8316353F7C91}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Transmissions Element 120\hl2.exe
FirewallRules: [{300BD060-0313-42DB-8E16-27953A02866D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Transmissions Element 120\hl2.exe
FirewallRules: [{377B7FD6-6496-46DB-96B9-21B8C7EFE8DC}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror\agds.exe
FirewallRules: [{51A2C608-4045-49F3-AB4D-71559A27DBDE}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror\agds.exe
FirewallRules: [{95BB313F-B0E1-4F4E-AF97-739A942184CC}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{7E667861-5942-4074-A2D5-32FA1A29CFFE}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{325EDD4E-A511-4F5C-9B10-7509F2E9F2CC}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [{2461F2EE-252A-460F-B1E0-57B47B5C194D}] => (Allow) Y:\Program Files (x86)\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [{29CFDDE1-8A9B-466A-A421-BCED09FCEB5F}] => (Allow) Y:\Program Files (x86)\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{67082877-1EFC-4FB5-95EA-0998F28194B8}] => (Allow) Y:\Program Files (x86)\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{4A66F7A1-97E1-4E8C-A686-CCB30A43A7DE}] => (Allow) Y:\Program Files (x86)\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{B88D30FC-23E4-4202-B01F-08F2ACF1B72E}] => (Allow) Y:\Program Files (x86)\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{7BFEFA1C-F8D2-4037-9CA5-B1B866482E86}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{670F13E3-CCC2-42F3-B269-BDBDCAE9D855}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{B77A2C2A-ADFF-47AA-AC71-8F181843B4E9}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{59FF2A37-ABAA-4D88-B8A0-63D438B5A185}] => (Allow) X:\Program Files (x86)\Origin\download chache\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{E255D2E7-4993-4F79-AB7C-BAC0FE74094E}] => (Allow) Y:\Program Files (x86)\Origin\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{E3FF5239-AC49-43F6-8542-2C31169660E4}] => (Allow) Y:\Program Files (x86)\Origin\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{4239BD55-86ED-466D-AE29-64CDDB188B9C}] => (Allow) Y:\Program Files (x86)\Origin\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{28BBB3A5-1243-45F5-A506-89B621B74728}] => (Allow) Y:\Program Files (x86)\Origin\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{F2DB2B19-EE2A-45FB-9814-838533E01B1C}] => (Allow) Y:\Program Files (x86)\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{97715F97-3A9E-43C9-99F1-1A2C7DAEAB29}] => (Allow) Y:\Program Files (x86)\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{9B40E5B0-0CD4-4652-986D-87394C5DE314}] => (Allow) Y:\Program Files (x86)\steamapps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{F6725B8A-7215-4939-9CEB-0D6547F0FA33}] => (Allow) Y:\Program Files (x86)\steamapps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{8EBCACC8-7049-4061-9D65-4C0B21BD0284}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE
FirewallRules: [{0578D553-BFA2-441E-BAEB-8A2FF2734D7A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{4D4DAC42-9667-4856-AEF7-8272E15C0E0A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{CF37A6B5-992C-4123-8FC8-D70FC00CFFEA}] => (Allow) Y:\Program Files (x86)\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{A87E1160-1627-44A5-8D91-6A10538C0436}] => (Allow) Y:\Program Files (x86)\steamapps\common\Alan Wake\AlanWake.exe
FirewallRules: [{AC4977A3-F7DB-496F-BF07-8FAB4FDF843D}] => (Allow) Y:\Program Files (x86)\steamapps\common\Agatha Christie The ABC Murders\The ABC Murders.exe
FirewallRules: [{9989DD48-C979-4EFA-944C-B945CD81A248}] => (Allow) Y:\Program Files (x86)\steamapps\common\Agatha Christie The ABC Murders\The ABC Murders.exe
FirewallRules: [{942452C6-675B-4F97-86D9-158BD645FBBF}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{7063F7F9-E007-40FB-A988-A65AD3BA6CBF}] => (Allow) Y:\Program Files (x86)\steamapps\common\The Ball\Binaries\Win32\TheBall.exe
FirewallRules: [{6570E119-D9EB-4AEB-A30C-97E051930B1E}] => (Allow) X:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5DACE60D-36D8-4785-AFF1-BAF32C15AFB8}] => (Allow) X:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{25C55644-F5BD-4950-9487-D86B9BD1F29F}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{7C941A23-BCAA-454E-AB0E-A9E1D88C256D}] => (Allow) X:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{04378603-B9DF-496A-916E-372AA40D9276}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
FirewallRules: [{18C92F82-45A7-4AE8-B8D5-6CC7767454F0}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
FirewallRules: [TCP Query User{69485F4F-1167-43D2-96DC-061305D99C51}C:\program files (x86)\eye-fi\eyefireceiver.exe] => (Block) C:\program files (x86)\eye-fi\eyefireceiver.exe
FirewallRules: [UDP Query User{85C6AEFC-A506-42A2-8A6C-6620644015AD}C:\program files (x86)\eye-fi\eyefireceiver.exe] => (Block) C:\program files (x86)\eye-fi\eyefireceiver.exe
FirewallRules: [{EA3E8BE7-2E62-4FF8-B398-5EDBCEE1F14C}] => (Allow) C:\Program Files (x86)\Eye-Fi\EyeFiReceiver.exe
FirewallRules: [{A40BDE29-40B0-4152-B45B-F30FC6D496EE}] => (Allow) C:\Program Files (x86)\Eye-Fi\EyeFiReceiver.exe
FirewallRules: [{6DE3DE05-E285-45D4-A5CE-8F4FA9B57005}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{29C9359F-A97C-4147-A03C-411C34DC7632}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\TQ.exe
FirewallRules: [{ABAE4DBE-ABC3-4C97-BFD2-16E615835D43}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [{F8ACAE70-2C82-438F-90E8-3DD423846F6F}] => (Allow) Y:\Program Files (x86)\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe
FirewallRules: [{978488F3-12BB-48B9-B6FE-889028F59138}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{315268F3-7350-4B1D-A127-5029DDAA6EEC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe
FirewallRules: [{E8C63382-201A-4F72-A2BC-35A6B644B82C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{979C9983-DF3B-4671-9431-CC179F53E892}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe
FirewallRules: [{14315F0E-69C4-4F43-B058-D1C5DB1C1984}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe
FirewallRules: [{F8BFE053-F157-4C21-A456-F77939B85878}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{335D755E-B4D5-40DA-AA66-D0536EDAC9A3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A06D4000-0273-4903-A094-0B478696F3DB}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{55E61657-CE83-4D2A-A01C-F17022EAE23E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{1BFB868A-9E31-4A9C-A99B-FE69C528A559}] => (Allow) Y:\Program Files (x86)\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{A02F3BA3-690E-4E82-8D33-EE40CFD91CCE}] => (Allow) Y:\Program Files (x86)\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{24EE5FAE-1F89-4078-BFC5-246A60A603C8}] => (Allow) Y:\Program Files (x86)\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{C0BC2666-3DE1-4059-AD96-77099F329BED}] => (Allow) Y:\Program Files (x86)\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{2A9D121A-3BF3-4BC7-BA41-32051AE8A994}] => (Allow) Y:\Program Files (x86)\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{70CDB7C2-0693-414E-AF48-4EB71AA7D554}] => (Allow) Y:\Program Files (x86)\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{2C882013-981D-4415-9703-1744EC63463E}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{C8597CE5-D682-4680-9C8E-B86D22DCCE9B}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{506CF8D0-C9F9-460F-B8D1-84C45C014A01}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{EE5C3DF8-B6E3-4C68-A2D8-866780C39AA4}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{1E6924B3-240A-4B67-AA2A-CD029A5B7A24}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{357A3E2C-5AEC-4423-A77F-9737B88CDAF3}] => (Allow) Y:\Program Files (x86)\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{4E1F4191-79B1-4B0F-8AA6-06B446B2A05E}] => (Allow) Y:\Program Files (x86)\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{31E431FB-2916-43E5-A6B8-C27CF7BDD02A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{3679DE31-A194-48C1-B4BE-B02ECA31D6DA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{33C3D88E-F5FD-445A-B46C-897D65168CCE}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [UDP Query User{F29892B8-3A47-4847-A890-DF7F3DF7A6D7}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [{47F77314-394D-4DA0-93B8-60AA0D19D70D}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{852F1FA4-5514-4DED-9BDD-5C06CDC8803E}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [TCP Query User{F089E846-4F9F-4C54-B03B-EA58EECEDE1B}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe
FirewallRules: [UDP Query User{7C9DDF66-C10D-41BF-8675-9BE29FCDA43B}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe
FirewallRules: [{66273284-F232-4318-8AF3-5CD3DA45D966}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{C4237E09-0589-4A76-A91F-E96109025E67}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{272BA0D1-8867-4EC7-8921-20355438C849}] => (Allow) Y:\Program Files (x86)\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{6CD669C0-86CA-43A3-9549-E1058BA5D0A9}] => (Allow) Y:\Program Files (x86)\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{E85B6E0C-32C3-405F-9C79-42670121902E}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{0A98E8BC-CD51-4706-B9B4-F8083D248E2A}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 2 - Reigning Evil\BlackMirror2.exe
FirewallRules: [{BE543A2C-4FD7-4675-B039-965CE70A9B41}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{B2630DCD-5FA5-451D-836F-9C7C7C3EF5DF}] => (Allow) Y:\Program Files (x86)\steamapps\common\Black Mirror 3 - Final Fear\BlackMirrorIII.exe
FirewallRules: [{59A55441-FDBD-48F1-AD3B-F1B1A746AE7E}] => (Allow) LPort=3389
FirewallRules: [{2A7E6DD9-1033-46CE-BDE5-1A848026DEA8}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{F0E2E027-02D9-423B-B870-F5CEC612EF87}] => (Allow) Y:\Program Files (x86)\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{2AECB7C6-9075-4530-953C-5B28BCAD1B38}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe
FirewallRules: [{7F0C7ECE-B3F0-4628-AE08-741C381CAEEA}] => (Allow) Y:\Program Files (x86)\steamapps\common\TheSolusProject\Solus\Binaries\Win64\Solus-Win64-Shipping.exe

==================== Wiederherstellungspunkte =========================

15-02-2017 21:43:54 Removed WinSnare
19-02-2017 11:44:44 AA11
23-02-2017 18:22:24 Windows Update
26-02-2017 20:03:07 AA11
01-03-2017 16:57:45 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/01/2017 04:57:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/01/2017 04:46:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: adwcleaner_6.044.exe, Version: 6.0.4.4, Zeitstempel: 0x58b5dbcb
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x58256ca0
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000d9d11
ID des fehlerhaften Prozesses: 0x27d8
Startzeit der fehlerhaften Anwendung: 0x01d292a28257d6c7
Pfad der fehlerhaften Anwendung: C:\Users\Daniel\Desktop\adwcleaner_6.044.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 46c614bf-65e5-4e93-bf6c-33d601047874
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/28/2017 05:44:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Daniel\Downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/27/2017 04:32:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/27/2017 04:31:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Daniel\Downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/26/2017 09:31:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/26/2017 09:31:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/26/2017 09:24:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/26/2017 09:23:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/26/2017 09:22:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Daniel\Downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.


Systemfehler:
=============
Error: (03/03/2017 04:13:47 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/03/2017 04:10:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/03/2017 04:09:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WinDefend" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (03/03/2017 04:08:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/03/2017 04:06:33 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (03/03/2017 04:06:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/03/2017 04:06:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS Com Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/03/2017 04:06:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/03/2017 04:06:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Samsung Printer Dianostics Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/03/2017 04:06:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Samsung UPD Utility Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-03-03 16:09:45.279
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-03-03 15:42:14.637
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-03-02 17:52:48.038
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-03-01 16:49:33.097
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-03-01 16:32:04.355
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-28 17:33:34.236
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-28 07:07:22.320
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-27 16:15:22.903
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-26 20:24:08.561
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-25 16:07:23.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8120 Eight-Core Processor 
Prozentuale Nutzung des RAM: 13%
Installierter physikalischer RAM: 16329.31 MB
Verfügbarer physikalischer RAM: 14174.99 MB
Summe virtueller Speicher: 17353.31 MB
Verfügbarer virtueller Speicher: 15015.42 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:194.53 GB) (Free:73.55 GB) NTFS
Drive g: (HAL9000M) (Fixed) (Total:298.01 GB) (Free:280.32 GB) FAT32
Drive x: (HAL 9000) (Fixed) (Total:736.2 GB) (Free:208.36 GB) NTFS
Drive y: (DATA 9000) (Fixed) (Total:1863.01 GB) (Free:1503.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 0000735A)

Partition: GPT.
Partition 2: (Active) - (Size=230.6 GB) - (Type=83)
Partition 3: (Not Active) - (Size=1.7 GB) - (Type=82)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2ABEE185)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=194.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BA460385)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 298.1 GB) (Disk ID: 85037F94)
Partition 1: (Active) - (Size=298.1 GB) - (Type=0B)

==================== Ende von Addition.txt ============================
         

Alt 03.03.2017, 16:52   #10
High_one
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



hier noch die ESET log.txt vom 27.02. .. hatte ich da mal laufen lassen
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7a987a6e7f9aae43ae1d9e7e3c919666
# end=init
# utc_time=2017-02-26 08:22:51
# local_time=2017-02-26 09:22:51 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Finalize
Updated modules version: 32534
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7a987a6e7f9aae43ae1d9e7e3c919666
# end=init
# utc_time=2017-02-27 03:31:41
# local_time=2017-02-27 04:31:41 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 32542
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7a987a6e7f9aae43ae1d9e7e3c919666
# end=updated
# utc_time=2017-02-27 03:32:20
# local_time=2017-02-27 04:32:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7a987a6e7f9aae43ae1d9e7e3c919666
# engine=32542
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-02-27 04:50:04
# local_time=2017-02-27 05:50:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1319777 19544820 0 0
# scanned=486624
# found=0
# cleaned=0
# scan_time=4664
         

Alt 04.03.2017, 00:11   #11
Tician
/// TB-Senior
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



Schritt 1:

Downloade dir bitte Farbar's Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.
Poste bitte den Inhalt hier.
__________________
Gruß Tician

Alt 06.03.2017, 19:16   #12
High_one
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



..ok..

Schritt 1 FSS.txt
Code:
ATTFilter
Farbar Service Scanner Version: 27-01-2016
Ran by Daniel (administrator) on 06-03-2017 at 19:15:01
Running from "C:\Users\Daniel\Desktop"
Microsoft Windows 10 Home  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
         

Alt 06.03.2017, 23:04   #13
Tician
/// TB-Senior
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



Hui, du bist ja noch da, ich dachte du wärst weg gerannt

Wir schauen das wir den Defender noch zum Laufen bringen.

Schritt 1:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /f
Reboot:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Kannst du den Defender nun aktivieren?
__________________
Gruß Tician

Alt 07.03.2017, 17:20   #14
High_one
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



haha .. ne ne .. hatte am Wochenende viel zu tun :-) .. bin ja echt froh, das hier geholfen wird!

Schritt 1 Fixlog.txt
.. und juhu .. der Defender geht wieder an!
Im Verlauf steht: Win32/Tulim.C!cl <-- ich hab mal auf entfernen gedrückt.
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Daniel (07-03-2017 17:04:59) Run:2
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /f
Reboot:
*****************


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /f =========

Der Vorgang wurde erfolgreich beendet.



========= Ende von Reg: =========



Das System musste neu gestartet werden.

==== Ende von Fixlog 17:05:00 ====
         

Alt 08.03.2017, 22:00   #15
Tician
/// TB-Senior
 
Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Standard

Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)



Na dann:

Dein PC ist nun clean

Lade dir jetzt Delfix herunter:
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte deinen Rechner abschließend neu.

Malwarebytes Anti-Malware und ESET kannst du über die Systemsteuerung deinstallieren, ich würde dir allerdings raten beides zu behalten und deinen PC damit ab und an zu scannen.

Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Lass mich dir einen Rucksack voll mit Tipps und Hinweisen geben um ein Wiedersehen so gut wie möglich zu vermeiden


Absicherung:
  • Achte immer darauf einen Virenscanner zu verwenden und diesen aktuell zu halten.
    Meine persönlichen Empfehlungen:
  • Der Internet Explorer ist nicht bekannt für seine Sicherheit, halte ihn aber trotzdem aktuell da einige Programme ihn benutzen. Benutze zum Surfen stattdessen einen der folgenden Browser:Dazu kannst du noch das Add-On Adblock Plus verwenden, damit werden Werbungen und Pop-Ups blockiert.

  • Zu guter Letzt halte deine Software aktuell, die Updates gibt es nicht ohne Grund, mit ihnen werden wichtige Sicherheitslücken geschlossen.
    Dazu gehören vor allem:
    • Windows - stelle sicher das die automatischen Updates aktiviert sind
    • Java x64 oder/und Java x86
    • PDF Reader (Achtung: Häkchen vor dem Download entfernen)
    • Flash Player (Achtung: Häkchen vor dem Download entfernen)
    • Browser (Opera, Safari, Firefox, Chrome,...)

Hinweis: Java wird heute nur noch selten gebraucht, ich würde empfehlen es zu deinstallieren wenn du dir nicht sicher bist, dass eine deiner Anwendungen es braucht


Dein Verhalten im Internet:
  • Lade dir deine Software entweder direkt von der Herstellerseite oder von übersichtlichen und sauberen Seiten wie FilePony.de herunter.
    Download-Seiten wie Chip oder Softonic mögen bequem erscheinen, sind aber nicht vertrauensvoll. Lies dir dazu am Besten das hier durch: CHIP-Installer - was ist das? - Anleitungen

  • Klicke nicht auf alles nur weil es groß ist und bunt leuchtet. Wenn die Möglichkeit besteht, dann wähle eine benutzerdefinierte Installation, in der wird dir meist die Gelegenheit gegeben zusätzliche Software (Toolbars, Suchmaschinen, etc) ab zu wählen.

  • Benutze nicht dasselbe Passwort für mehrere Seiten. Ein gutes Passwort besteht aus 7+ Zeichen und beinhaltet Großbuchstaben, Kleinbuchstaben und Sonderzeichen. Ein guter Weg sich ein Passwort zu erstellen ist die Anfangsbuchstaben eines Satzes zu nehmen.
    Ein Beispiel: Ich sitze vor dem PC, und denke mir ein Passwort aus
    Passwort: IsvdPC,udmePa

  • Solltest du bei Dateien/Downloads/Internetseiten mal nicht sicher sein ob diese sicher sind, dann schau doch einfach hier nach: https://www.virustotal.com/

  • Halte dich von Tools fern die versprechen deinen PC zu beschleunigen oder zu optimieren


Unterstütze uns!

Wenn du mit meiner Bereinigung zufrieden warst würden wir uns über eine Spende freuen. Dies kannst du hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html.

Auch über Feedback und Verbesserungsvorschläge freuen wir uns, schau dazu doch hier vorbei!


Ansonsten bleibt mir nur noch dir alles Gute zu wünschen und bedanke mich für deine Mitarbeit und dein Vertrauen
__________________
Gruß Tician

Antwort

Themen zu Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)
browser, canon, computer, desktop, einstellungen, euro, excel, firefox, flash player, home, homepage, installation, logfile, malware, mozilla, mp3, prozesse, realtek, registry, scan, server, software, svchost.exe, system, usb, windows, windowsapps, winsnare



Ähnliche Themen: Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)


  1. Malwarebytes Anti-Malware meldet beim Scan Funde!
    Plagegeister aller Art und deren Bekämpfung - 30.11.2014 (11)
  2. Unberechtigter Zugriff auf mehrere Accounts (PayPal, Metin-2)
    Plagegeister aller Art und deren Bekämpfung - 29.08.2014 (13)
  3. Malwarebytes Anti-Malware viele Funde, z.B. SpyEyes, Exploit.Drop2
    Plagegeister aller Art und deren Bekämpfung - 13.08.2014 (15)
  4. PUP Funde nach Scan mit Malwarebytes Anti-Malware
    Plagegeister aller Art und deren Bekämpfung - 25.04.2014 (15)
  5. Malwarebytes Anti-Malware hat 5 Funde.
    Plagegeister aller Art und deren Bekämpfung - 05.03.2014 (5)
  6. Malwarebytes Anti-Malware hat mehrere infizierte Objekte gefunden
    Plagegeister aller Art und deren Bekämpfung - 03.01.2014 (6)
  7. Mehrere PUP Funde
    Log-Analyse und Auswertung - 12.09.2013 (15)
  8. Windows Vista, PC wird immer langsamer, CPU immer hoch, Malwarebytes Anti-Malware Funde
    Log-Analyse und Auswertung - 15.08.2013 (13)
  9. Malwarebytes Anti-Malware: Pfund eines Trojaners, Antivir: keine Funde
    Log-Analyse und Auswertung - 08.08.2013 (7)
  10. Mehrere Trojaner durch Malwarebytes Anti Malware gefunden und ein Virus durch Avira gefunden (TR/Gendal.81920.6)
    Log-Analyse und Auswertung - 10.11.2012 (1)
  11. email link Malware Funde Heur.PE@4294967295, Malware@#nwdk01o66rpro, Malware@#2x6qrvr63cjrw
    Plagegeister aller Art und deren Bekämpfung - 29.10.2012 (10)
  12. Email Accounts gehackt! Malwarebytes-Anti Malware Funde: Trojan.Refroso uvm. Wer kann mir helfen
    Plagegeister aller Art und deren Bekämpfung - 09.10.2012 (3)
  13. Rat bzgl. mystart.incredibar.com bzw. softonic-Funde in Malewarebytes Anti-Malware
    Log-Analyse und Auswertung - 04.07.2012 (12)
  14. eine url - mehrere funde
    Plagegeister aller Art und deren Bekämpfung - 09.09.2011 (1)
  15. Mehrere Funde mit Malwarebytes: Malware.Packer.Gen, Spyware.SpyEyes (3x), Trojan.Agent (2x)
    Plagegeister aller Art und deren Bekämpfung - 10.08.2010 (29)
  16. Mehrere Trojaner Funde
    Log-Analyse und Auswertung - 13.09.2009 (3)
  17. 7 Funde von Malwarebytes' Anti-Malware
    Log-Analyse und Auswertung - 29.06.2009 (9)

Zum Thema Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) - Hallo, ich glaube ich habe seit ca. 1 Woche immer wieder Malware auf dem Rechner und bin jetzt auf dieses Board gestossen. Zum einen wurde über meinen Rechner auf mein - Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili)...
Archiv
Du betrachtest: Paypal Abbuchungen, danach mehrere Funde mit Anti Malware (Trotux, Winsnare, Bilibili) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.