ntdll.dll virus

Po0gles · 03.08.2015, 14:20

Hallo Leute,

Nach jedem Systemstart starte ich den Task manager (in meinem fall Process explorer) und heute ist mir etwas sehr ungewöhnliches aufgefallen. Ein mir bisher noch nicht bekannter Prozess namens sched.exe hatte einen relativ hohen Arbeitsspeicherverbrauch, so bei 170mb. Habe ein bisschen geforscht und es scheint der Antivirus scheduler zu sein. Daraufhin habe ich mir die DLLs genauer angesehen und mir ist ntdll.dll ins auge gefallen, dieser verbrauchte von allen dlls am meisten (360K) . Ich habe dann eine überprüfung mit VirusTotal durchgeführt und die Datei schien tatsächlich infiziert zu sein mit 1/54 Meldungen. Das Virenprogramm "The Hacker" meldet sich auf der Seite mit dem Ergebnis "Trojan/Injector.aoc" . Ich habe darauf den Fehler gemacht die ntdll.dll datei zu ersetzen was bei neustart dazu geführt hat, dass Windows die Datei reparieren musste. Hat auch funktioniert, ich habe es dann damit versucht, Antivir neu zu installieren. Danach schien alles zu gehen, sched.exe war verschwunden und ntdll.dll wurde als virus nicht angezeigt. Ich habe dann zur Sicherheit nochmal mit antivir alle DLLs überprüft und noch einen vollständigen Scan angefangen und bin weg gegangen. Als ich zurückkam ist mir erstmal aufgefallen das der PC extrem langsam war. Ich habe versucht process explorer zu öffnen jedoch ohne hoffnung, es hat sich geweigert. Dann sind merkwürdige Dinge passiert, alles, wo ich drübergefahren bin wurde schwarz und der PC hat überhaupt nicht mehr reagiert. Die Farbe ist als ich die windows taste gedrückt habe wiedergekommen und ist nach nochmaligem drücken wieder schwarz geworden. Ich musste den PC daraufhin auf knopfdruck ausschalten und habe ihn neu gestartet, wo ich mit der Meldung "ein datenträger muss auf konsistenz überprüft werden" überrascht wurde. Die Überprüfung ist durchgelaufen und ich konnte mich wieder anmelden. Bin sofort auf den Task manager gegangen und schwupps, sched.exe ist wieder oben in der taskleiste und ntdll.dll wird wieder mit 1/54 als virus erkannt.

Was mir außerdem aufgefallen ist: ntdll.dll wird in svchost von demselben Virenprogramm nicht als Trojaner erkannt. Keine ahnung was damit anzufangen ist.

Ich weiß echt nicht weiter und hoffe ihr könnt mir helfen

schrauber · 03.08.2015, 14:34

Hi,

ntdll ist eine legitime Datei, der eine Fund bei VT ein Fehlalarm.

Po0gles · 03.08.2015, 14:50

Danke für die schnelle antwort, obwohl das beruhigend ist frage ich mich immernoch was es mit dem Systemabsturz und sched.exe auf sich hat. Weißt du etwas damit anzufangen? Sollte ich antivir deinstallieren und mir ein anderes Virenschutzprogramm anschaffen? Ich werd es erstmal nochmal mit Neuinstallation versuchen.

schrauber · 03.08.2015, 14:52

Schauen wir mal:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Po0gles · 03.08.2015, 15:08

Hier einmal die logs:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von Po0gles (Administrator) auf PO0GLES-PC (03-08-2015 16:01:32)
Gestartet von C:\Users\Po0gles\Downloads
Geladene Profile: Po0gles (Verfügbare Profile: Po0gles)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
() C:\Windows\DAODx.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Sysinternals - www.sysinternals.com) C:\Users\Po0gles\Desktop\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Po0gles\AppData\Local\Temp\PROCEXP64.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Run: [Google Update] => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-10] (Google Inc.)
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL => C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL Datei nicht gefunden
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL" Datei nicht gefunden
IFEO\taskmgr.exe: [Debugger] "C:\USERS\PO0GLES\DESKTOP\PROCEXP.EXE"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-930851909-2753564859-313499025-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-930851909-2753564859-313499025-1000 -> {536AD39F-D48C-4CC2-AAF2-8BFAB983B5E2} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
SearchScopes: HKU\S-1-5-21-930851909-2753564859-313499025-1000 -> {8DE67E58-F4FE-4830-A8EC-7B24084E3AA7} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=bc42c152-c4a1-42ec-97b5-da17578cef50&apn_sauid=C81C6A50-3405-406F-8FEA-79D5D8A09025
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-930851909-2753564859-313499025-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2C3B9D2F-5689-4C51-906D-8FB764CCD55E}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{4CA14983-5EDC-48BD-B497-C3F4E8B5C0F2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A8FFBF08-A4D4-41BA-9829-7351ACB37403}: [DhcpNameServer] 7.254.254.254

FireFox:
========
FF ProfilePath: C:\Users\Po0gles\AppData\Roaming\Mozilla\Firefox\Profiles\LNacfPOX.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @gametap.com/npdd,version=1.0 -> C:\Program Files (x86)\Downloader\npdd.dll [2012-07-20] (Metaboli)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2012-10-30] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2014-07-07] ( Garena)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-930851909-2753564859-313499025-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-930851909-2753564859-313499025-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Po0gles\AppData\Roaming\Mozilla\Firefox\Profiles\LNacfPOX.default\Extensions\abs@avira.com [2015-03-09]

Chrome: 
=======
CHR Profile: C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-03]
CHR Extension: (BetterTTV) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-03-03]
CHR Extension: (Google Docs) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-10]
CHR Extension: (Google Drive) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-10]
CHR Extension: (YouTube) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-10]
CHR Extension: (Adblock Plus) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-01]
CHR Extension: (Google Search) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-10]
CHR Extension: (ReChat for Twitch™) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2015-03-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Global Twitch Emotes) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2015-07-20]
CHR Extension: (Gmail) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-930851909-2753564859-313499025-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elommhojblmkninghaiajeijoinkihmk] - C:\Users\Po0gles\AppData\Local\CRE\elommhojblmkninghaiajeijoinkihmk.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [elommhojblmkninghaiajeijoinkihmk] - C:\Users\Po0gles\AppData\Local\CRE\elommhojblmkninghaiajeijoinkihmk.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.NDMC55ARS26445QLTPSDZGSHRY - C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107552 2014-07-22] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios) [Datei ist nicht signiert]
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-24] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-06] (Disc Soft Ltd)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-29] (Duplex Secure Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-08-03] ()
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U3 aih1bz4r; C:\Windows\System32\Drivers\aih1bz4r.sys [0 ] (Advanced Micro Devices) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 cpuz134; \??\C:\Users\Po0gles\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FreshIO; \??\C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-03 16:01 - 2015-08-03 16:02 - 00019422 _____ C:\Users\Po0gles\Downloads\FRST.txt
2015-08-03 16:01 - 2015-08-03 16:01 - 00000000 ____D C:\FRST
2015-08-03 16:00 - 2015-08-03 16:01 - 02169856 _____ (Farbar) C:\Users\Po0gles\Downloads\FRST64.exe
2015-08-03 15:58 - 2015-08-03 15:59 - 205012312 _____ C:\Users\Po0gles\Downloads\avira_antivirus_de-de_15.0.12.408 (1).exe
2015-08-03 14:58 - 2015-08-03 14:58 - 00001186 _____ C:\Users\Po0gles\Desktop\CrystalDiskInfo.lnk
2015-08-03 14:58 - 2015-08-03 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-08-03 14:58 - 2015-08-03 14:58 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2015-08-03 14:57 - 2015-08-03 14:57 - 03908184 _____ (Crystal Dew World ) C:\Users\Po0gles\Downloads\CrystalDiskInfo6_5_2-en.exe
2015-08-03 14:57 - 2015-08-03 14:57 - 03908184 _____ (Crystal Dew World ) C:\Users\Po0gles\Downloads\CrystalDiskInfo6_5_2-en (1).exe
2015-08-03 14:50 - 2015-08-03 14:50 - 00003408 ____N C:\bootsqm.dat
2015-08-03 13:33 - 2015-08-03 13:34 - 205012312 _____ C:\Users\Po0gles\Downloads\avira_antivirus_de-de_15.0.12.408.exe
2015-08-03 13:02 - 2015-08-03 13:02 - 00684588 _____ C:\Users\Po0gles\Downloads\ntdll.zip
2015-08-03 12:38 - 2015-08-03 12:38 - 00000000 _____ C:\Users\Po0gles\Desktop\sched.dmp
2015-08-03 11:56 - 2015-08-03 11:56 - 00079705 _____ C:\Users\Po0gles\Downloads\convert2mp3_chrome_addon-2.4.zip
2015-08-03 11:47 - 2015-08-03 23:22 - 00000000 ____D C:\Program Files\iTunes
2015-08-03 11:47 - 2015-08-03 23:22 - 00000000 ____D C:\Program Files\iPod
2015-08-03 11:47 - 2015-08-03 23:22 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-03 11:34 - 2015-08-03 11:35 - 155875632 _____ (Apple Inc.) C:\Users\Po0gles\Downloads\iTunes6464Setup.exe
2015-08-03 11:27 - 2015-08-03 11:27 - 00001713 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-03 11:01 - 2015-08-03 11:01 - 41866030 _____ C:\Users\Po0gles\Downloads\music.7z.tmp
2015-08-03 11:00 - 2015-08-03 11:02 - 41873060 _____ C:\Users\Po0gles\Downloads\music.7z
2015-08-03 10:18 - 2015-08-03 10:18 - 00102286 _____ C:\Users\Po0gles\Downloads\Youtube Mp3 Converter - Browser addon.zip
2015-08-01 22:32 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-01 22:32 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-01 22:32 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-01 22:32 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-01 22:32 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-08-01 22:32 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-21 12:12 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 12:12 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 12:12 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 12:12 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 12:12 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 12:12 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 12:12 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 12:12 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 12:12 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 12:12 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-18 12:46 - 2015-07-18 12:47 - 00586195 _____ C:\Users\Po0gles\Downloads\wopt021.zip
2015-07-17 15:45 - 2015-07-17 15:45 - 00000000 ____D C:\Users\Po0gles\AppData\Local\GWX
2015-07-15 19:06 - 2015-07-15 19:06 - 00000000 ____D C:\Users\Po0gles\Documents\AutoHotKey
2015-07-15 19:05 - 2015-07-15 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-07-15 19:05 - 2015-07-15 19:05 - 00000000 ____D C:\Program Files\AutoHotkey
2015-07-15 19:04 - 2015-07-15 19:05 - 02869078 _____ C:\Users\Po0gles\Downloads\AutoHotkey112203_Install.exe
2015-07-15 19:04 - 2015-07-15 19:04 - 01198368 _____ C:\Users\Po0gles\Downloads\AutoHotkey - CHIP-Installer.exe
2015-07-15 18:57 - 2015-07-15 18:57 - 00034633 _____ C:\Users\Po0gles\Downloads\macro.ahk
2015-07-15 12:29 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 12:29 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 12:29 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 12:29 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 12:29 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 12:29 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 12:29 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 12:29 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 12:29 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 12:29 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 12:29 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 12:29 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 12:29 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 12:29 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 12:29 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 12:29 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 12:29 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 12:29 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 12:29 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 12:29 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 12:29 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 12:29 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 12:29 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 12:29 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 12:29 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 12:29 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 12:29 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 12:29 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 12:29 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 12:29 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 12:29 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 12:29 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 12:29 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 12:29 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 12:29 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 12:29 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 12:29 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 12:29 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 12:29 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 12:29 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 12:29 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 12:29 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 12:29 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 12:29 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 12:29 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 12:29 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 12:29 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 12:29 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 12:29 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 12:29 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 12:29 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 12:29 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 12:29 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 12:29 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 12:29 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 12:29 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 12:29 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 12:29 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 12:29 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 12:29 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 12:28 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 12:28 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 12:28 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 12:28 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 12:28 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 12:28 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 12:28 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 12:28 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 12:28 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 12:28 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 12:28 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 12:28 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 12:28 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 12:28 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 12:28 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 12:28 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 12:28 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 12:28 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 12:28 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 12:28 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 12:28 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 12:28 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 12:28 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 12:28 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 12:28 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 12:28 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 12:28 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 12:28 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 12:28 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 12:28 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 12:27 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 12:27 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 12:27 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:27 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 12:27 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 12:27 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 12:27 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 12:27 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 12:27 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 12:27 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 12:27 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 12:27 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 12:27 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 12:27 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 12:27 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 12:20 - 2015-07-15 12:20 - 00302011 _____ C:\Users\Po0gles\Downloads\WindowsUpdateDiagnostic (1).diagcab
2015-07-15 11:46 - 2015-07-15 11:47 - 00000000 ____D C:\Windows\SoftwareDistributionOld
2015-07-15 11:40 - 2015-07-15 11:41 - 00302011 _____ C:\Users\Po0gles\Downloads\WindowsUpdateDiagnostic.diagcab
2015-07-15 11:31 - 2015-07-15 11:32 - 00985600 _____ C:\Users\Po0gles\Downloads\MicrosoftFixit50123.msi
2015-07-15 11:17 - 2015-07-15 11:20 - 188618008 _____ (Microsoft Corporation) C:\Users\Po0gles\Downloads\msert.exe
2015-07-15 11:17 - 2015-07-15 11:20 - 188618008 _____ (Microsoft Corporation) C:\Users\Po0gles\Downloads\msert (1).exe
2015-07-12 17:33 - 2015-07-12 17:41 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\PoESkillTree - The Awakening
2015-07-12 17:33 - 2015-07-12 17:33 - 00001167 _____ C:\Users\Public\Desktop\PoESkillTree - The Awakening.lnk
2015-07-12 17:33 - 2015-07-12 17:33 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\{B5012C21-ECA4-41AF-ABD1-F549D019B7A9}
2015-07-12 17:33 - 2015-07-12 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PoESkillTree - The Awakening
2015-07-12 17:33 - 2015-07-12 17:33 - 00000000 ____D C:\Program Files (x86)\PoESkillTree - The Awakening
2015-07-12 17:30 - 2015-07-12 17:31 - 05925620 _____ (PoESkillTree Team ) C:\Users\Po0gles\Downloads\PoESkillTree-TheAwakening-2.2.0.exe
2015-07-10 20:29 - 2015-07-10 21:05 - 03584430 _____ C:\Users\Po0gles\Downloads\PoESkillTree_Beta (2).zip
2015-07-10 20:26 - 2015-07-10 20:27 - 00206037 _____ C:\Users\Po0gles\Downloads\POESkillTree1.5.zip
2015-07-07 16:54 - 2015-07-07 16:54 - 00301224 _____ C:\Users\Po0gles\Downloads\Fuz Ro Doh 60-14884-6-0.zip
2015-07-05 19:20 - 2015-07-05 19:20 - 00000000 ____D C:\Users\Po0gles\AppData\Local\CEF

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-03 23:22 - 2014-10-21 18:15 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-03 23:22 - 2014-02-02 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-08-03 23:22 - 2014-02-02 23:34 - 00000000 ____D C:\Program Files\Java
2015-08-03 23:22 - 2013-10-18 13:14 - 00000000 ____D C:\ProgramData\Oracle
2015-08-03 23:22 - 2013-10-18 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-03 23:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-08-03 15:59 - 2012-09-07 19:16 - 01317205 _____ C:\Windows\WindowsUpdate.log
2015-08-03 15:54 - 2014-10-23 16:33 - 00370952 _____ C:\Windows\PFRO.log
2015-08-03 15:54 - 2014-10-20 16:09 - 00059792 _____ C:\Windows\setupact.log
2015-08-03 15:54 - 2014-05-16 14:39 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2015-08-03 15:54 - 2014-05-16 14:39 - 00002844 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2015-08-03 15:54 - 2014-05-16 14:39 - 00000414 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2015-08-03 15:54 - 2012-09-07 19:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-03 15:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-03 15:52 - 2015-05-11 22:33 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-08-03 15:52 - 2012-09-08 10:04 - 00000000 ____D C:\ProgramData\Avira
2015-08-03 15:46 - 2009-07-14 06:45 - 00033152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-03 15:46 - 2009-07-14 06:45 - 00033152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-03 15:34 - 2013-06-10 17:51 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA.job
2015-08-03 15:25 - 2012-10-16 20:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-03 14:34 - 2013-06-10 17:51 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core.job
2015-08-03 13:29 - 2014-08-31 13:23 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-03 13:24 - 2012-09-07 19:16 - 00000000 ____D C:\Users\Po0gles
2015-08-03 11:47 - 2012-09-16 13:46 - 00000000 ____D C:\ProgramData\Apple Computer
2015-08-03 11:33 - 2012-09-16 13:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-03 11:29 - 2012-09-16 13:47 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\Apple Computer
2015-08-03 11:27 - 2014-02-27 19:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-08-03 10:12 - 2012-09-08 05:08 - 00699092 _____ C:\Windows\system32\perfh007.dat
2015-08-03 10:12 - 2012-09-08 05:08 - 00149232 _____ C:\Windows\system32\perfc007.dat
2015-08-03 10:12 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-03 01:40 - 2012-09-08 22:29 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-03 01:33 - 2013-12-18 23:07 - 00000000 ____D C:\Users\Po0gles\AppData\Local\Battle.net
2015-08-02 11:52 - 2015-06-26 19:39 - 00000000 ____D C:\Users\Po0gles\Desktop\Scripted
2015-08-02 11:52 - 2015-02-11 00:02 - 02186753 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak
2015-08-02 11:52 - 2015-02-11 00:02 - 02186753 _____ C:\Users\Po0gles\Desktop\InstallLog.xml
2015-08-02 11:50 - 2015-02-11 00:01 - 00000000 ____D C:\Users\Po0gles\Desktop\overwrites
2015-08-02 00:40 - 2014-05-06 22:15 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-02 00:07 - 2012-09-11 18:43 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\Skype
2015-08-01 23:48 - 2013-06-10 17:52 - 00002368 _____ C:\Users\Po0gles\Desktop\Google Chrome.lnk
2015-08-01 22:34 - 2012-09-07 19:29 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-01 22:19 - 2014-01-18 22:05 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-01 22:14 - 2015-04-05 02:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-24 12:06 - 2015-02-11 00:24 - 02186355 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak1
2015-07-24 11:54 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-24 06:21 - 2014-06-02 16:22 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2014-06-02 16:22 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-24 06:21 - 2013-10-28 18:59 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-24 06:21 - 2013-10-28 18:59 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-23 21:08 - 2012-09-12 17:27 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\TS3Client
2015-07-23 12:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-22 11:53 - 2012-09-08 20:36 - 00000000 ____D C:\Users\Po0gles\Desktop\Stuff
2015-07-22 10:38 - 2009-07-14 06:45 - 00358664 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 11:15 - 2012-10-08 15:24 - 00000000 ____D C:\Users\Po0gles\Documents\ManiaPlanet
2015-07-21 11:14 - 2012-10-08 15:17 - 00000000 ____D C:\ProgramData\ManiaPlanet
2015-07-21 11:14 - 2012-10-08 15:17 - 00000000 ____D C:\Program Files (x86)\ManiaPlanet
2015-07-16 23:24 - 2015-04-05 02:07 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 14:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 14:29 - 2013-06-10 17:51 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA
2015-07-16 14:29 - 2013-06-10 17:51 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core
2015-07-15 19:05 - 2010-11-21 09:16 - 00000000 ____D C:\Windows\ShellNew
2015-07-15 16:25 - 2012-10-16 20:05 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 16:25 - 2012-10-16 20:05 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 16:25 - 2012-10-16 20:05 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 12:50 - 2014-12-11 17:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 12:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 12:47 - 2012-12-17 16:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 12:40 - 2013-07-22 02:58 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 12:03 - 2015-04-11 17:15 - 00000517 _____ C:\Users\Po0gles\Desktop\Neues Textdokument (3).txt
2015-07-15 09:08 - 2013-02-12 18:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 09:07 - 2015-05-16 16:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-10 16:42 - 2015-02-11 00:32 - 02169684 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak2
2015-07-08 14:32 - 2015-02-11 15:54 - 02127577 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak3
2015-07-07 17:10 - 2015-02-11 15:57 - 02120240 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak4
2015-07-07 16:43 - 2015-02-11 16:41 - 02113322 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak5
2015-07-06 16:48 - 2015-06-26 21:22 - 00000850 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-07-06 16:48 - 2015-06-26 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-07-06 16:48 - 2014-07-24 20:35 - 00000000 ____D C:\Program Files\Nexus Mod Manager

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-09-30 22:42 - 2014-05-24 19:06 - 0045270 _____ () C:\Users\Po0gles\AppData\Roaming\room_v3.dat
2013-12-16 14:26 - 2013-12-17 16:46 - 1065984 _____ () C:\Users\Po0gles\AppData\Local\file__0.localstorage
2012-10-01 18:21 - 2015-05-06 16:59 - 0007588 _____ () C:\Users\Po0gles\AppData\Local\Resmon.ResmonCfg
2012-09-28 22:01 - 2012-09-28 22:01 - 1341859 ____N () C:\Users\Po0gles\AppData\Local\Tempmusic.ogg
2014-10-23 23:01 - 2014-10-23 23:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Po0gles\AppData\Local\Temp\avgnt.exe
C:\Users\Po0gles\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Po0gles\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Po0gles\AppData\Local\Temp\Nexus Mod Manager-0.55.7.exe
C:\Users\Po0gles\AppData\Local\Temp\Nexus Mod Manager-0.55.8.exe
C:\Users\Po0gles\AppData\Local\Temp\PROCEXP64.exe
C:\Users\Po0gles\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Po0gles\AppData\Local\Temp\sfextra.dll
C:\Users\Po0gles\AppData\Local\Temp\SIntf16.dll
C:\Users\Po0gles\AppData\Local\Temp\SIntf32.dll
C:\Users\Po0gles\AppData\Local\Temp\SIntfNT.dll
C:\Users\Po0gles\AppData\Local\Temp\utils.dll
C:\Users\Po0gles\AppData\Local\Temp\YgoUpdater.exe
C:\Users\Po0gles\AppData\Local\Temp\{89235614-2896-4242-8A53-BF5D2BF344BC}.exe
C:\Users\Po0gles\AppData\Local\Temp\{F2819802-FA1F-4F90-BD1E-7C34D4401405}.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-24 14:42

==================== Ende von log ============================

Po0gles · 03.08.2015, 15:10

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von Po0gles (2015-08-03 16:02:49)
Gestartet von C:\Users\Po0gles\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-930851909-2753564859-313499025-500 - Administrator - Disabled)
Gast (S-1-5-21-930851909-2753564859-313499025-501 - Limited - Disabled)
Po0gles (S-1-5-21-930851909-2753564859-313499025-1000 - Administrator - Enabled) => C:\Users\Po0gles

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

"The last Kingdom" (HKLM-x32\...\"The last Kingdom") (Version:  - )
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{047D5657-1DAC-2B16-E110-F4A9C0E7EF2C}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AutoHotkey 1.1.22.03 (HKLM\...\AutoHotkey) (Version: 1.1.22.03 - Lexikos)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bellum Crucis 6.3 - Bugfixer (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Bellum Crucis 6.3 - Bugfixer) (Version:  - )
Bellum Crucis 6.3 - parte 1 (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Bellum Crucis 6.3 - parte 1) (Version:  - )
Bellum Crucis 6.3 - parte 2 (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Bellum Crucis 6.3 - parte 2) (Version:  - )
BitTorrent (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\BitTorrent) (Version: 7.9.2.32692 - BitTorrent Inc.)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.0 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dota 2 Workshop Tools Alpha (HKLM-x32\...\Steam App 316570) (Version:  - )
Downloader (HKLM-x32\...\Downloader) (Version:  - )
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
DynaGeo 3.5e (HKLM-x32\...\DynaGeo_is1) (Version:  - Roland Mechling)
EE Multiplayer Map Tool v.1.0.1 (evaluation) (HKLM-x32\...\ST6UNST #1) (Version:  - )
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.0.7.1 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.0.7.1 Alpha - ETS2MP Team)
Forge (HKLM-x32\...\Steam App 223390) (Version:  - Dark Vale Games)
FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version:  - )
Garena Plus (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Earth (HKLM-x32\...\{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}) (Version: 7.0.1.8244 - Google)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IB2 Conqvestvs Britanniae III (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\IB2 Conqvestvs Britanniae III) (Version:  - )
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KGCM Patch 4.2 (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\KGCM Patch 4.2) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.2.5.2 (HKLM-x32\...\{8D8F47B2-0E03-4C50-9803-A01120878F96}) (Version: 4.2.5.2 - The Document Foundation)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version:  - Nadeo)
Medieval II - Kingdoms Grand Campaign Mod version 3.0 (HKLM-x32\...\0005kingdoms grand campaign mod_is1) (Version:  - )
Medieval II - Retrofit Mod version 1.0 (HKLM-x32\...\0000RetrofitMod_is1) (Version:  - )
Medieval II - Rule Britannia 1.5 version 1.5 (HKLM-x32\...\0005Rule_Britannia_is1) (Version:  - )
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MinecraftAlpha (HKLM-x32\...\MinecraftAlpha) (Version:  - )
MOS v1.3 Full Install (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\MOS v1.3 Full Install) (Version:  - )
NehrimUninstaller (HKLM-x32\...\Nehrim - Am Rande des Schicksals_is1) (Version: 1.0.0 - SureAI)
NeoEE Patch (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\NeoEE Patch) (Version: 2.0.0.2 - NeoEE)
NeoEE Patch (x32 Version: 1.0.0 - NeoEE) Hidden
NeoEE Patch (x32 Version: 2.0.0.2 - NeoEE Devlopment) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming)
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.7.24334 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PoESkillTree - The Awakening (HKLM-x32\...\{B5012C21-ECA4-41AF-ABD1-F549D019B7A9}_is1) (Version: 2.2.0 - PoESkillTree Team)
Procurement version 1.9.0 (HKLM-x32\...\{E91043A6-7DC5-4C8A-A6E4-9D618A0B80D4}_is1) (Version: 1.9.0 - Stickymaddness)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Reconquista (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Reconquista) (Version:  - )
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - )
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Sid Meier's Railroads! (HKLM-x32\...\{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}) (Version: 1.00 - Firaxis Games)
Sid Meier's Railroads! (x32 Version: 1.00 - Firaxis Games) Hidden
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1740.1 - Hi-Rez Studios)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
The Settlers III Gold Edition (HKLM-x32\...\S3 Gold) (Version:  - )
The War Z version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - Arktos Entertainment Group LLC)
Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Unofficial Oblivion Patch v3.4.4 (HKLM-x32\...\Unofficial Oblivion Patch_is1) (Version: 3.4.4 - Quarn, Kivan, and Arthmoor)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WorldofTanks (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\WorldofTanks) (Version:  - WorldofTanks) <==== ACHTUNG
XMedia Recode Version 3.1.2.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.2.8 - XMedia Recode)
Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll Keine Datei

==================== Wiederherstellungspunkte =========================

02-08-2015 00:38:56 Windows Update
03-08-2015 11:26:08 Installed iTunes
03-08-2015 11:32:51 Removed iTunes
03-08-2015 11:36:39 Installed iTunes
03-08-2015 11:46:13 Installed iTunes

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06DDBB41-25A3-4B68-9E86-A513222AB41D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {0BB7154E-1B00-4F89-B5B5-3318ED277F5C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {17BE4FDF-B0D4-4CA1-AB02-FD1077CF0A46} - System32\Tasks\{0A389BFB-48BB-4800-8F0C-39B0716D1D20} => pcalua.exe -a C:\Users\Po0gles\Desktop\patch\setup.exe -d C:\Users\Po0gles\Desktop\patch
Task: {1DF6A922-94C7-4149-8855-1DEEE40AF355} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {203C4532-0523-4CF1-BF44-3941FE580B63} - System32\Tasks\{5B421F82-D600-4561-947F-8F28F12CD40C} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\SteamService.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Sanctum\runasadmin.vdf" 91600
Task: {29524348-7B86-422F-9249-8C3497E3CE6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {2CFE3436-ABA9-4D1F-B615-8E3FA7DADF1E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {31F2D5CA-D49B-48E7-BCE2-A329CD543ABC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {36DDC29D-D47A-435D-86B0-D32D3C445EE3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {420B732B-3CE6-4ACC-B515-E60F9FAB32F7} - System32\Tasks\{3BCF84E9-1B6A-4B2C-95F3-05E68648A1CC} => pcalua.exe -a C:\BlueByte\Settlers3\s3old160.exe -d C:\BlueByte\Settlers3
Task: {4EF3729C-12DB-47E8-B9DB-83ACDBB39C39} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ACHTUNG
Task: {678CA824-D9C4-4E03-AB88-4A67C70F5C78} - System32\Tasks\Google Updater and Installer => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {68798D6F-08E1-42F7-95E8-4108363C72E5} - System32\Tasks\{EAD4F953-BEA5-4034-B3E7-67B88854F51C} => C:\BlueByte\Settlers3\S3Editor.exe [2000-07-03] ()
Task: {6DF6D0A7-4971-434C-AE22-6B5AD7D679E3} - System32\Tasks\{F29A636C-5DE5-4583-960A-A32902440721} => pcalua.exe -a D:\0data\cbs.exe -d D:\
Task: {7DE92C95-0ABE-4F93-B881-40C5960710B7} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {BB986966-833A-4779-9305-0DB91EBF9262} - System32\Tasks\{600AC392-594D-4CD3-8727-491DF6312620} => pcalua.exe -a C:\Users\Po0gles\Downloads\Kingdoms_Grand_Campaign_v4.2.exe -d C:\Users\Po0gles\Downloads
Task: {C06797D0-001C-4F2C-8B79-2AA5180F4A80} - System32\Tasks\{383A742D-D0AE-4480-991B-7377D54F2E85} => pcalua.exe -a "C:\Program Files (x86)\NCH Software\VideoPad\uninst.exe"
Task: {C1620C2F-48C5-49C5-A168-EC307468F3F4} - System32\Tasks\{CAB50BE5-9C4F-4517-A838-9674B417ACA9} => pcalua.exe -a "C:\Program Files (x86)\SEGA\Medieval II Total War\mods\Bellum_Crucis_63_Parte2_Uninstaller.exe" -d "C:\Program Files (x86)\SEGA\Medieval II Total War\mods"
Task: {C3F6AD9F-3F9E-40B7-B128-AFD40B7D16EB} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {C9DE0B60-BB94-4348-A173-A431216A268B} - System32\Tasks\{2B89B873-A3FA-4874-8F3D-743B31043835} => pcalua.exe -a C:\Users\Po0gles\Downloads\EE_1000-1040_ENDE.exe -d C:\Users\Po0gles\Downloads
Task: {CDBB6687-08D9-4CDF-8008-3D3B6B78FEB3} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {DA9B116F-C8DE-48F2-8624-CE3DD898E458} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {E5F333DF-0F98-45F7-B307-0387A2B66D29} - System32\Tasks\{2764F6CB-1549-4E31-9492-311D5C7174B4} => pcalua.exe -a C:\Users\Po0gles\Desktop\WinFlash_2.31.1\Setup.exe -d C:\Users\Po0gles\Desktop\WinFlash_2.31.1 -c /qn /norestart
Task: {F6776958-5F63-48E0-A857-DF06262C89D6} - System32\Tasks\{138C8E5C-1043-4CF5-8AF0-590571172DDF} => pcalua.exe -a "C:\Users\Po0gles\Downloads\Minecraft Alpha Custom Installer (2).exe" -d C:\Users\Po0gles\Downloads
Task: {FD57758F-4604-496E-8A88-50F1C864111F} - System32\Tasks\{00B07DFE-8450-4614-8FB6-2BBC71AEC751} => pcalua.exe -a "C:\Users\Po0gles\Desktop\Empire Earth.exe" -d C:\Users\Po0gles\Desktop
Task: {FDDDEF8E-213A-46A5-8AE2-89217525A602} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core.job => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA.job => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-09-07 19:29 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-07-04 22:04 - 2012-07-04 22:04 - 00212480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-07-04 22:04 - 2012-07-04 22:04 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-06-13 10:36 - 2011-06-13 10:36 - 00922240 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
2010-12-02 04:15 - 2010-12-02 04:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2014-10-23 16:28 - 2010-10-21 11:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2013-01-29 02:05 - 2015-05-24 12:44 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-10-23 16:28 - 2015-08-03 15:54 - 00032256 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\PEbiosinterface32.dll
2014-10-23 16:28 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\ATKEX.dll
2015-05-06 15:31 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-01 23:47 - 2015-07-25 10:46 - 01405768 _____ () C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-08-01 23:47 - 2015-07-25 10:46 - 00081224 _____ () C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\44.0.2403.125\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-930851909-2753564859-313499025-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Po0gles\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: HiPatchService => 2
MSCONFIG\startupfolder: C:^Users^Po0gles^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BitTorrent => "C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{09659166-E78E-4712-8EFB-397EFE139D16}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{5F3F9014-4D0A-4600-8452-B9B00C70C89E}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{1EBEAE3A-B468-4BC0-935F-E6FA74DB4C5F}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{FA8C7172-C82F-48C1-AEFF-EA0CD62D1ECE}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{8E4708C9-E302-4F0E-881F-5C925D0CD7FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{408FEF36-F54A-4266-8C0D-B9AD36186358}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9F8DDB5-B953-4F80-8117-DB20AA2D1555}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E8265E4E-05B5-41D2-A02C-C3C9FF0D6854}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DA4DBBE2-5CDA-4450-8E97-FF2E947DEF14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D62B8B79-5828-4E03-B101-704141537745}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EDDA7849-7AB7-47B9-AC49-A69D5EA5A263}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{0236C5A8-D5C4-40B8-9703-FACE28D0ED2E}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{435C51D7-16D3-4EC2-B499-198E72E8B98A}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{3FC625E5-3E96-4C0D-BBF0-19B6B0D53615}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{759EA014-74EC-46D7-A2F4-5C7284BD5BBD}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [{CF9385F9-48C5-4337-AD2E-5264AC4C2644}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{9F8556D6-7BDF-4FE8-A3BF-3BEF1A15C765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [TCP Query User{67CF3A47-F294-4EA3-B661-34B12A97D88D}C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [UDP Query User{3A889703-5EE2-4902-8507-CE6B5C1A2438}C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [{04B2CE9A-6B0A-4C79-90DE-7CCE3B0AE163}] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [{B40F2917-7BBE-4831-85CC-09C82D48E8C9}] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [{DAE10449-CD68-474D-BE30-D3EB4D4DB1B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{00E61F2D-FA47-4875-ADC4-BBDF115A7C8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{5719FD3C-B429-4E24-9A7B-2D192275F0F9}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
FirewallRules: [{2FDAC4E8-1218-465B-95DB-C4A05E588F56}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
FirewallRules: [{C06E6E17-C650-4165-B24C-065E5A4C746F}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{1C2D97B4-381A-4C14-9EE2-B3D2907C03AE}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [TCP Query User{7D8162B1-9691-418E-998D-93B3BBC421E1}C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat] => (Allow) C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat
FirewallRules: [UDP Query User{E3B87E49-0CAB-4E15-9A4F-FD46BD824955}C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat] => (Allow) C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat
FirewallRules: [{45B804F5-CC3C-4EEC-9FB0-7F915817CD98}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{08780311-398A-4D37-84FB-21919C12FAA4}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{B60C2830-8E39-44A9-A484-139B769EAC94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{355FF499-A075-4008-9989-89DD4D18AE89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{7D4695C8-F5C7-46F4-A4B9-13AEF078DBE1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{A8B8F3CE-DA1D-41B5-B7C4-DF30EE32C97A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{81150DEE-A87C-4E21-82CC-70AC1F6D5F50}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{5C300720-0359-43E1-A579-98DD701F66B2}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [TCP Query User{53913C83-B023-45EA-BEC1-6F963B6F4F17}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [UDP Query User{4C4AF124-DC91-45B7-AE51-586A74CA5526}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [{DE258844-59B4-43BE-9E8F-51FBAA07F303}] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [{580D1CA8-FC92-42F9-905F-A32749CBDD17}] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [{30A6067C-5036-4623-AB03-59549411454E}] => (Allow) C:\Program Files (x86)\Garena Plus\Room\garena_room.exe
FirewallRules: [TCP Query User{CDF16D67-69FD-45A5-A1B4-71E142A416EB}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Block) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [UDP Query User{F70492AB-3D36-48B5-A2FF-C9180F1A7BE1}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Block) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [TCP Query User{9BD695B5-38F4-4D8B-9ABF-E8BD175100A0}C:\program files (x86)\sega\medieval ii total war\medieval2.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [UDP Query User{74FFA622-654D-4F27-A3CD-B5DAFB8A2D73}C:\program files (x86)\sega\medieval ii total war\medieval2.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [{FC07BF47-F3F5-4930-A93A-F3995A11AE15}] => (Block) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [{0FFE15FD-997E-4FE3-BAE7-86718E380C92}] => (Block) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [TCP Query User{DCE12AB8-B306-46E9-9E67-A0E5FA0FF72E}C:\users\po0gles\documents\the warz\infestation.exe] => (Allow) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [UDP Query User{5DBBA82A-7DD3-4F31-9056-98185725C632}C:\users\po0gles\documents\the warz\infestation.exe] => (Allow) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [{8F2D6673-B515-41D8-8A77-BF75446E53BD}] => (Block) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [{FD0B5488-BD84-4359-8DE1-AE4340209D4E}] => (Block) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [TCP Query User{B582E288-1E82-4165-9B36-CF20F9CB5310}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{BF4E30D9-B08D-4A0F-B77A-FC6293740E48}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{578D1D81-4AEB-4F6D-B1C3-EBB11289A327}C:\program files (x86)\sega\medieval ii total war\kingdoms.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [UDP Query User{7D0E7711-60C9-4653-AF69-2E23F4B0A10F}C:\program files (x86)\sega\medieval ii total war\kingdoms.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [{9BEFB73D-6622-41FE-B2E5-4DE12E6CFCAE}] => (Block) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [{A5EC792E-8768-4619-B7D2-E89BBC6DD904}] => (Block) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [TCP Query User{B64EC44E-51B4-4986-866E-03F50A24A0BA}C:\sierra\empire earth\empire earth.backup.exe] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [UDP Query User{3D4E6FA2-7706-4AA6-A0D8-20F0317A71B9}C:\sierra\empire earth\empire earth.backup.exe] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [{25E8F564-6578-4BA1-8821-73216DDF1A86}] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [{23E64E1D-5C43-4397-A42F-2CB346E08BE4}] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [TCP Query User{D05E53FF-0D6C-445B-9789-9FCA7F79E0EC}C:\sierra\ee-zde\ee-aoc.exe] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [UDP Query User{70B5BB2C-00FE-4779-95A9-5814E31B9043}C:\sierra\ee-zde\ee-aoc.exe] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [{DC991222-FC62-475D-93F1-3DB95A8FCA7A}] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [{24153C70-0B1D-4487-A98E-6E678C479D03}] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [TCP Query User{5C5E36FE-C604-4ED0-AB7F-5E48A673C57C}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{45511264-ADB0-4BAE-BC69-F4EC59D7B827}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [{F53CF9F3-3E24-4A60-9221-CD64D56D0EAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{630C8711-7806-4F73-AFCF-027C558BF883}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5B93A4F4-4DFB-48B0-9FEB-18292BB259CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{998FDA30-BB60-4E34-87E1-72BB51CC8EF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E812317D-DA20-4EC2-A2AA-6AD08A386AAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{3333EEC4-A758-484F-ACF8-5995626E0C7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{6B59F988-E04B-4690-B987-07B33C85CA48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\CreationKit.exe
FirewallRules: [{C6F40407-BC98-4DEE-8CF8-F97EA51FBE67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\CreationKit.exe
FirewallRules: [TCP Query User{588EDF6B-2679-4CF1-9349-D030010E9C8E}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{86673A2D-F83C-42B6-A129-2CC1608301CF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{BE374EE2-919F-43FF-8B70-9766F4C599F2}] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [{001F5314-68D0-49A6-960D-1468DEB4AD4E}] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{EBD587F0-75BD-4B06-8890-B9EE85C3473D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D2BFDE38-B50A-4469-9942-1BF02654AC54}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E5231F9F-D587-4A68-9ABF-0772F9986CF1}C:\program files (x86)\garena plus\room\garena_room.exe] => (Allow) C:\program files (x86)\garena plus\room\garena_room.exe
FirewallRules: [UDP Query User{FF54FA06-B71E-40AD-AD33-CAACEDD6A1BC}C:\program files (x86)\garena plus\room\garena_room.exe] => (Allow) C:\program files (x86)\garena plus\room\garena_room.exe
FirewallRules: [TCP Query User{1551D2BB-9EDB-4363-9002-515B095EFF1C}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{D3C28643-21F9-4C8E-A153-E446C8FC0358}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{9F0B3803-BE77-4039-8B1F-402D371EFE77}] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{F304B339-523F-4DCF-8F1A-11E98B0F0750}] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{BB9FD833-8A29-4C0A-8CBA-7E187C79435C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3B175549-576F-464A-89D4-9EDB48FBD875}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CAC09894-3010-45E2-AE7C-4D60B5441014}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4BB795B8-F09C-4329-A353-74861A381B5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B37A2D5-6618-4639-925F-7A9CB40134FD}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3FD57333-DB7E-4C4A-860D-B072DBA9DF82}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3215A418-E659-44D3-9BAF-32FDE7DB5327}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{80C7D7EE-7737-43E4-AC3F-F0FDE7D9A340}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C25B8783-ED5D-4E3A-8B5F-DC36C6E170C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B128D88-550F-402C-8ECE-64CC80F3DE3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{7C245DFC-4520-4E62-890C-23A037BD14FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{B70A02CB-B414-4071-9084-D47CCA4930A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{664233F0-0891-40BC-B9A5-0B310D0998DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{40E3BA92-A3C6-408C-951C-6B11DE61CC42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{0B5091F6-D2D9-48F3-BD0D-3E666AF4A366}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{3767B97C-A0AE-41B6-904D-6F19D997EEA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{12391F95-B829-4B6F-89F7-DE284619D1C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{F3D59FDB-68FC-427B-93B8-3646802B8F2E}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{3F2083C8-16D6-4DFE-840A-27305DEF7FAA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{8CFA8FC2-0CA2-48DC-8363-5101318E39ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4AE04F12-48D0-4D53-89B2-F03CADF1D480}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5DCBFA4D-57CB-4A7C-9D50-3B20F8E2A18D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D296C840-6A2D-451E-A8BB-5C9CA8FF9364}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{38C46737-5C8F-4A38-926B-5D80A8CCF059}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{EB86EC8A-0C1A-4C26-888B-C65E0EA40510}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{255F56D3-24FD-456D-BF57-D388D3EB779A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{00D9F994-8E0C-44C4-92FB-E3384B782B69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7706470D-F3BD-4E99-9C64-9B5897024A85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{99A83029-809A-4483-B3DD-FCD948C7103A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BBA6CEDF-A11D-4259-8AED-DED45034C52D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{9269A289-4AD5-44B1-A551-F26287688D69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{B0ECE9F4-93C0-4A42-8692-FE10AE3B7FA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9E0DE38B-FCDA-4FC2-9164-284C67369EC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DB95E0F2-1481-4FC1-A76E-685B4F4908C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B9B2FD0C-84BD-4730-BDF5-5D15B59DEA44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{38F787A8-6A52-4B8B-B7F5-79E6D4771F39}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F21AF757-6732-41C0-B3AD-427E207C81BC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{79799E83-9170-4A41-8FFA-B21A9B8FE7F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9ADEFF5A-1462-454E-8D3D-C4EB6290A8E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F3BD7286-53F9-47C9-AEDD-73AA592602E0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{ADD96A5C-8036-4302-9F4E-8323E067025D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A2F7A9B1-BC20-4B9D-B551-6BC711A66D6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7DCB2F56-5024-48B6-91B3-FF947A11D52C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8DE003E1-7708-4083-AC41-CC7319589A3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{8F13248F-BC7C-474C-B9A7-9E6F00BABAFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{17903EA3-328F-44F9-8F03-5079E2344E40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{03497433-641E-4FDD-8F0B-8C5E549A039A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0EC0B6FC-28B1-4431-850D-366A6E81BF07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{D651CA79-2004-4566-8920-D659F995C8CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F8A8316C-58A4-4272-B8E5-B6A82F5A7BE6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{E02A9719-040A-494B-91E3-23EC710BBA5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{76226352-6EF4-49A2-BDCA-2B8A6097513C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{43446A12-0A3F-4816-A4D0-07EF2B6B70A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{C865885B-C76F-48D6-8108-78E09936ACE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DBA3F375-4528-4786-A55C-7841718805F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{46600C2E-CF40-4A5B-9612-274DD95DF047}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C362542C-DC65-4AB2-8436-5530BFDBA009}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D8382640-699A-4CC3-B79D-1092E9C63489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{90CA2043-108B-474A-A0AB-1B3CCBDB58F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C613959B-EADA-45FC-82F0-4282DFAD090F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [{FBE4BC43-7632-4B6A-8D25-1D793A006FA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [{CA74FD7E-EE85-47D6-978F-8C7048E5EBFE}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E59A06D2-FF4B-4E82-BEB1-69F6ADA73B0B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E874B13E-1F40-4BD1-AA52-9702E50C3966}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{54669148-EF0C-49F5-B58F-6A13A5D01D8E}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{C051D6F7-97A0-4178-9C06-936934A7F902}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{8BB92BCA-573F-4287-AB50-1557F3D089B6}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{1A688049-D72D-4536-8277-AAB18968F104}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [{AF6CB5A4-8122-4A4C-8FD3-14B821632ED6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [TCP Query User{00060EA9-9A9D-4A46-B2EB-191D639DD0BA}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{EA9EBA9C-F03E-4286-B815-2135750AE011}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{3655AA9B-3B63-4B20-A09E-8666F4A0CE5F}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{B266870F-0F71-46C5-A108-ADF8D1EBFB14}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{3DD5B4CE-F914-4F14-AE7B-F4B5F426F759}] => (Allow) C:\Program Files (x86)\Garena Plus\ggdllhost.exe
FirewallRules: [{A3C9E570-7EB6-4778-9B58-BF8B2BCBD9A6}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{23F8A940-AA9F-47A7-9857-BE851F569186}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{8D89E576-4513-4ECA-B6BC-9DA5606921B7}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{2CC94D1E-EC09-472C-838D-585F6907E59B}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{9F7F9F80-1B53-4943-88AF-F5B0FE6C2CF7}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{3EF30DA2-AB17-4582-B532-73B77FD87995}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{D8EB383E-2BCD-4031-8D20-101590139531}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{9B8D9C4B-B393-4E14-9748-12B12A570641}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{55F814BA-19FE-4ECA-81CC-DF0197D1CEE1}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{5855EF2A-F018-4DB2-B9F9-914E8FCFA4BB}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{D56ED53A-7101-4B87-B49A-B57E69F1A115}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{0144BA9C-0BEE-4373-85C5-567CF53A581F}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{5AC124C0-1DC1-4E16-AAEE-00BC7B896F1D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{58DD91AC-98C7-41FA-A848-A572E2694DD0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{64727803-A639-495C-AC9B-EB279CC25850}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{69B90118-3F7D-4253-9F92-79FD059DFDB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{100C2006-F36C-4E11-A75E-CBABB5CC0C04}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{1A257707-1840-42DB-AA5B-F8AB524DB6B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{276FE320-14D3-40F1-BB09-A55D51802B46}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{C8F79C44-F2C2-4AB3-8072-671D445B837F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{FDA07ECE-6BDE-42A6-881F-F5A7CD8AB0EA}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [UDP Query User{168E564A-F468-4136-ACDE-C35A4BC673EC}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [TCP Query User{697A7D2B-7DB0-4767-A0E6-70B16920E95F}C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [UDP Query User{25461CE8-23A2-4A36-B81C-BB2BD83C6F36}C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [TCP Query User{5588CE3D-C879-442B-89F9-49421B9D222A}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{98F2D887-142E-4DCD-8088-57736708EEB0}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{4AD060B0-404C-400C-8D69-82866D882BF7}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{F5098EA9-3C70-4DB6-BE26-965BDD444F0B}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{9B8DAC58-3C3B-4222-A322-465F82686018}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{89349378-E644-493F-9FF4-075ECE9BE50A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{3C760E99-B90C-49CE-B135-353D297944B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{82CD8633-5D24-4C6F-A9A8-A9BDEC82BB11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C68CB0E6-18FE-4EED-B8A5-228DFB7B6D64}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EDF659B6-77C1-4C92-8B54-5989B7C73F6C}] => (Allow) LPort=2869
FirewallRules: [{EF9E0390-6FA5-46F4-9D47-E2775990885A}] => (Allow) LPort=1900
FirewallRules: [{9127A163-17DB-45D1-8575-C895CD3635D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{6CB8FF39-41D1-4F3C-9E5B-23336CEC8F12}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{8BF2BBB1-2040-414B-868D-DCD9DFAF8CA3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{A7C71DF7-D4AF-4747-A099-DFC8FA4F6DF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{13D01A7D-7CE2-4B11-8E48-45239A11C364}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{804AC24C-C513-4A43-9937-3CC270DFD7B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{7A79C847-30B3-4D8E-97C3-A712DAF20F4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{B23FE913-626B-44EC-B6F7-B364A2A9F9AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [TCP Query User{242B0DF8-B51D-4B0B-9120-055A45B82124}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{9680519D-B9F0-4FCF-9A81-46ABE2EAC601}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [TCP Query User{7388EA12-A663-4A0F-9B1F-D4DDF45D08B7}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{64D2F909-D03A-47A9-924E-EE3766A23913}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{D8220A93-F305-4EFA-8684-620A674A5475}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{E1A742A8-7E43-4F08-8A0D-331D3125A6B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{A3506F4D-7638-4759-96F5-69ACB3D31E23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{6DCB8B99-4978-4595-A21A-92DEA8AC5B64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [TCP Query User{A4927937-071B-4E30-A705-589AD344FE1E}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [UDP Query User{EA394093-0C2E-45C7-80B1-6590F04D736A}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [{F31E2FA1-7AAA-4239-A4FF-DCCD61C58CA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{453605AA-9959-4D58-8118-47B66A1E0D2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{9D30BD7F-6407-424D-9A50-B4A2DF626CBF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5CF51841-C2CC-40E2-98B4-F5C54C6CFA1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{20A5AE14-424B-4C71-83AD-F3181467BF6B}] => (Allow) C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C3AD2846-D331-4C00-AAB2-C968BBF8F0A1}] => (Allow) C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{B06F97ED-D519-4514-A31A-0FC48151DBB3}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [UDP Query User{690A3B6D-DBE4-4A0D-8766-C322B6D7378D}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [TCP Query User{FDBCD20D-CCB7-465B-871C-C7DAAD57792E}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [UDP Query User{989BF3D3-9EE1-4FE8-982D-FCE8473D49F4}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [{6EB1ABB1-126E-49D3-A4E9-02D7E65A633B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{2B6E303F-FFCA-4200-AEB5-99363D4CD19F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{718C337D-2E64-41CA-A0F7-244B31AA6CD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{09C66128-8088-4BA7-A947-86F0F188E39A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B109102E-7DFA-4782-B812-B67ED8165FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C8F3E627-5831-4477-A35F-A402F6024BDD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{875FE039-FB80-4522-B1A1-3F3CA7D52822}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{5B00A3EC-6D07-49E5-88F9-518CCDC32230}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{BBDAC0C0-95AD-4961-8F2B-46986A5CEC8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{67A00C1B-8401-4E2C-9E91-248D39AFB66B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{3F774A3F-746A-4B53-ACFB-AFE1FA9C6245}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2cfg.exe
FirewallRules: [{59540169-8030-4CB1-9F87-3717A3B10B7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2cfg.exe
FirewallRules: [{91FE019F-9727-4F64-A180-3125451E305F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{834A4019-CEB3-4D8F-963A-3D500662B8AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [TCP Query User{09930B68-4539-4506-8734-EBFA2109D4C2}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [UDP Query User{BB0D2075-C111-4D3E-B858-E63FFAC060B6}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [{198F36B9-B1B8-4665-A6DA-61E703F90ED5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{9F1423E2-10F7-4421-ABFA-E7BC253F49AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{B8F76673-B504-4D63-B02A-19D938C7DFB9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{FCBF5FD9-1459-4939-9C36-A48AF366645A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{6B0AF022-0AEC-4A3C-9EF5-8DA058CB63E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{DF4381CE-23B6-4A81-ACB4-A5F6A7F7795D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{5CC0C758-1754-4886-8CF2-1CF5E4D065E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{BE9DCE20-5655-4034-AEBF-066F5E8DE08D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{7D2E2389-93A4-41F1-8FB4-BF55939FC54A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{934873B1-3BF7-4FD7-954E-8C1B519D1735}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{CA43679D-70EC-4E86-9C00-ED7BF0503D96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{DBBB847A-36CD-4C3A-8439-F6C3A7B52A3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [TCP Query User{6D938E60-7ED2-45AE-AC83-6A2F73004AF2}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [UDP Query User{9692A475-DFB6-4DD8-9E0B-DCE1DB7BC06A}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [TCP Query User{57480D91-8844-4E5C-A9CD-5BABE6CD54C4}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [UDP Query User{03D59975-8DAB-47FD-A669-8E52C416D3EF}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [TCP Query User{CC852DF1-0771-40C0-B1F0-07C44EEC94EE}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{CA815513-A38E-4C5A-8B77-8E31CE412692}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{EAAFE444-FDC5-486E-BB5C-17D5D09A6EBC}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{77B3D6A3-3BC4-4950-B626-2946EB993F10}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [{A80C4A8E-CC90-47C4-97E4-5F5E8C6F343C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{FEDF4704-F0E6-4EDF-8538-8D5FE45DFD21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{DC7F7AEA-85F6-4FC4-9E09-6265B1579BB4}C:\programdata\battle.net\agent\agent.3526\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3526\agent.exe
FirewallRules: [UDP Query User{CC7D1A77-FEAB-4FF7-8028-F045E35B9121}C:\programdata\battle.net\agent\agent.3526\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3526\agent.exe
FirewallRules: [{1E080F29-E294-40AF-91E8-9DD8D89AA938}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{AED9BCA8-3D7A-4A0D-AD08-8BE713FD5D8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{F79C60A9-FA96-4AD8-A572-9D436C24486B}C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe
FirewallRules: [UDP Query User{4C180491-3928-4F2D-BA02-533F730725CA}C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe
FirewallRules: [TCP Query User{6BE64B3D-2451-4879-973D-DCC9D0FC7CCD}C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5E3C9295-7123-4342-9FEF-114503F6ED86}C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{93CC89E4-F8B0-41B6-B137-6C415734CD26}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{6037B23A-ACF7-4C43-9CF6-992C9A72C139}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{AD9DB2D2-3189-4CEF-B05E-E79FC67749E2}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{956D9F83-D6D1-411D-AC5F-7E4415C85C15}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{7B72D76D-0451-4432-A1E4-37ED45CD58F9}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B1879650-8862-4AF4-AB99-0DCE2F23B406}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7603DB9F-A2B5-4144-943B-BB9EFFADF2F8}C:\users\po0gles\desktop\ygopro devpro\devpro.dll] => (Allow) C:\users\po0gles\desktop\ygopro devpro\devpro.dll
FirewallRules: [UDP Query User{94759FBE-F90D-48B4-A904-C98A05C1E918}C:\users\po0gles\desktop\ygopro devpro\devpro.dll] => (Allow) C:\users\po0gles\desktop\ygopro devpro\devpro.dll
FirewallRules: [{25DAACAC-B92D-493B-8BA7-A22689AF9D4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{5856DCD6-1F3D-4C7F-A986-16FDDE9D7B4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{DB9BAD0D-8181-4660-BB5E-C3AC2AF1D040}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{78EAD350-E4EE-4329-BD54-57E87E146F6F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3D61F93C-BAAB-4596-8C0F-8410F9F78B0D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9715385F-A0BA-48FE-AC99-E87DDF0F54AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{66C8E8F2-18B6-4CAF-AB02-1D1366BF80F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{F2B2E7B5-9340-49EE-B0B0-15213A9A0489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{05F0DB0B-6BA8-4AF2-9E9D-772416768679}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{82FC2220-8487-4FF5-9A09-FD00E49D72AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{BE420DC5-98CB-4AA6-A6C1-22C71FBF3737}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{CD14F31B-782A-4578-A93A-C4A4B9CF198B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{6ECE52ED-F744-4EB4-8220-907806DDC9BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{C0D6B0E0-E5AC-43FD-B536-097BA034FF45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{0C3CF743-D1F6-439F-8AFA-C2ED8E211A64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{4B0E6D51-E7C5-44F6-87A7-92C0CBD8904F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [TCP Query User{9B2468AB-E30C-483D-889E-04FDAA287DAF}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{DFF03144-DCD7-4F3B-ACD0-C75AE0145716}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E4AD85BE-41E2-4885-B4CB-3EE866E3FE73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{159317B0-213C-4485-8FD2-5E3718A12F5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{7DB36D6A-8E10-49A3-9F03-BB81865BE22A}C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe
FirewallRules: [UDP Query User{78C8BFA0-9EF0-4CE6-B153-336ECA23FB68}C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe
FirewallRules: [TCP Query User{E4129B15-0E66-412C-91D6-47EC6AB59666}C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe
FirewallRules: [UDP Query User{FA9E65F3-3B8A-417C-8F2B-900F5BF89E95}C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe
FirewallRules: [{D801C96D-027F-4620-9666-816D82AF9428}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F21308C0-9CD7-41C5-82F5-7DEFB9178243}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8DAD7DE2-2666-4C27-8D9C-92AA751B223A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7FA0531F-5036-4CDD-80DA-D10DD5FABF83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{06ECB473-74CD-4891-8F16-F6E2DC1DFBDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: TAP-Win32 Adapter V9 (Tunngle) #2
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/03/2015 03:56:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 03:38:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 02:51:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 01:32:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 01:25:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 01:15:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4ff4f602
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x554
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (08/03/2015 12:20:58 PM) (Source: MsiInstaller) (EventID: 10005) (User: Po0gles-PC)
Description: Produkt: Java(TM) 6 Update 26 -- Interner Fehler 2753. regutils.dll

Error: (08/03/2015 11:45:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 11:42:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4ff4f602
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x710
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (08/03/2015 11:42:06 AM) (Source: MsiInstaller) (EventID: 11923) (User: Po0gles-PC)
Description: Produkt: iTunes -- Fehler 1923. Dienst "iPod-Dienst" (iPod Service) konnte nicht installiert werden. Überprüfen Sie, ob Sie ausreichende Berechtigungen zum Installieren von Systemdiensten besitzen.


Systemfehler:
=============
Error: (08/03/2015 03:53:34 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst AMD FUEL Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (08/03/2015 02:50:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎03.‎08.‎2015 um 14:36:39 unerwartet heruntergefahren.

Error: (08/03/2015 01:15:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/03/2015 11:49:55 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/03/2015 11:49:55 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/03/2015 11:49:54 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/03/2015 11:49:53 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/03/2015 11:44:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (08/03/2015 11:42:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/03/2015 01:43:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2014-10-23 15:47:31.317
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-23 15:47:31.224
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Processor: AMD FX(tm)-4100 Quad-Core Processor 
Percentage of memory in use: 50%
Total physical RAM: 4042.44 MB
Available physical RAM: 2017.18 MB
Total Virtual: 4240.65 MB
Available Virtual: 1695.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:49.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 686E7D52)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von log ============================

schrauber · 04.08.2015, 06:57

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

WorldofTanks
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Po0gles · 04.08.2015, 11:06

Hey, danke für die Antwort. Die Deinstallation von dem WorldofTanks scheiß schien erfolgreich gewesen zu sein obwohl ich zwischendrin eine Warnung hatte (?), konnte jedenfalls auch dessen Registry Einträge etc. löschen.

Hier einmal der ComboFix log:

Edit: Habe vergessen den Windows Defender auszuschalten

Antivir habe ich aber noch nicht wieder drauf hoffe das ist nicht allzu schlimm.

Code:

ATTFilter

ComboFix 15-08-03.01 - Po0gles 04.08.2015  11:41:07.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4042.2274 [GMT 2:00]
ausgeführt von:: c:\users\Po0gles\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\SearchProtect
c:\users\Po0gles\AppData\Local\assembly\tmp
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-07-04 bis 2015-08-04  ))))))))))))))))))))))))))))))
.
.
2015-08-04 09:52 . 2015-08-04 09:52	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-08-04 09:33 . 2015-08-04 09:33	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CAE4685-4689-4AC7-B483-AEF1285F2995}\offreg.3108.dll
2015-08-04 09:27 . 2015-07-15 01:12	12222168	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CAE4685-4689-4AC7-B483-AEF1285F2995}\mpengine.dll
2015-08-04 09:26 . 2015-08-04 09:26	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-08-03 14:01 . 2015-08-03 14:03	--------	d-----w-	C:\FRST
2015-08-03 09:47 . 2015-08-03 21:22	--------	d-----w-	c:\program files\iPod
2015-08-03 09:47 . 2015-08-03 21:22	--------	d-----w-	c:\program files (x86)\iTunes
2015-08-03 09:47 . 2015-08-03 21:22	--------	d-----w-	c:\program files\iTunes
2015-08-01 20:32 . 2015-07-25 18:04	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-08-01 20:32 . 2015-07-25 18:04	765440	----a-w-	c:\windows\system32\invagent.dll
2015-08-01 20:32 . 2015-07-25 18:03	433664	----a-w-	c:\windows\system32\devinv.dll
2015-08-01 20:32 . 2015-07-25 18:03	1085440	----a-w-	c:\windows\system32\appraiser.dll
2015-08-01 20:32 . 2015-07-25 18:03	67584	----a-w-	c:\windows\system32\acmigration.dll
2015-08-01 20:32 . 2015-07-25 17:55	1145856	----a-w-	c:\windows\system32\aeinv.dll
2015-08-01 20:32 . 2015-07-25 18:07	17856	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-08-01 20:32 . 2015-07-25 18:03	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-08-01 20:32 . 2015-07-03 04:28	47976	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2015-08-01 20:32 . 2015-07-03 04:28	65896	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2015-07-21 10:12 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-21 10:12 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-21 10:12 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-21 10:12 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-21 10:12 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-21 10:12 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-21 10:12 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-21 10:12 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-21 10:12 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-21 10:12 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-17 13:45 . 2015-07-17 13:45	--------	d-----w-	c:\users\Po0gles\AppData\Local\GWX
2015-07-15 17:05 . 2015-07-15 17:05	--------	d-----w-	c:\program files\AutoHotkey
2015-07-15 10:28 . 2015-07-01 20:56	95680	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2015-07-15 10:27 . 2015-06-15 21:45	3242496	----a-w-	c:\windows\system32\msi.dll
2015-07-12 15:33 . 2015-07-12 15:41	--------	d-----w-	c:\users\Po0gles\AppData\Roaming\PoESkillTree - The Awakening
2015-07-12 15:33 . 2015-07-12 15:33	--------	d-----w-	c:\program files (x86)\PoESkillTree - The Awakening
2015-07-12 15:33 . 2015-07-12 15:33	--------	d-----w-	c:\users\Po0gles\AppData\Roaming\{B5012C21-ECA4-41AF-ABD1-F549D019B7A9}
2015-07-05 17:20 . 2015-07-05 17:20	--------	d-----w-	c:\users\Po0gles\AppData\Local\CEF
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-04 09:23 . 2014-05-16 12:39	16152	----a-w-	c:\windows\system32\drivers\SWDUMon.sys
2015-07-24 04:21 . 2014-06-02 14:22	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-07-24 04:21 . 2013-10-28 16:59	1423304	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-07-24 04:21 . 2014-06-02 14:22	1756608	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-07-24 04:21 . 2013-10-28 16:59	1710568	----a-w-	c:\windows\system32\nvspcap64.dll
2015-07-15 14:25 . 2012-10-16 18:05	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-15 14:25 . 2012-10-16 18:05	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-03 06:43 . 2012-09-26 15:10	130333168	----a-w-	c:\windows\system32\MRT.exe
2015-07-03 04:28 . 2013-09-09 16:10	69992	----a-w-	c:\windows\system32\nvaudcap64v.dll
2015-06-23 11:30 . 2010-11-21 03:27	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-06-17 17:56 . 2013-04-19 16:03	21840	----atw-	c:\windows\SysWow64\SIntfNT.dll
2015-06-17 17:56 . 2013-04-19 16:03	17212	----atw-	c:\windows\SysWow64\SIntf32.dll
2015-06-17 17:56 . 2013-04-19 16:03	12067	----atw-	c:\windows\SysWow64\SIntf16.dll
2015-06-16 23:01 . 2015-06-16 23:01	1202856	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-06-10 21:08 . 2015-06-10 21:08	6112072	----a-w-	c:\windows\system32\usbaaplrc.dll
2015-06-10 21:08 . 2015-06-10 21:08	54784	----a-w-	c:\windows\system32\drivers\usbaapl64.sys
2015-05-25 18:24 . 2015-06-10 13:00	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-10 13:00	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 13:00	243712	----a-w-	c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 13:00	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 13:00	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 13:00	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 13:00	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 13:00	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 13:00	503808	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 13:00	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 13:00	50176	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 13:00	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 13:00	424960	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 13:00	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 13:00	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 13:00	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 13:00	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 13:00	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 13:00	112640	----a-w-	c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-10 13:00	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-10 13:00	43008	----a-w-	c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 13:00	104448	----a-w-	c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 13:00	19456	----a-w-	c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-10 13:00	338432	----a-w-	c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-10 13:00	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	6656	----a-w-	c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-10 13:00	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-10 13:00	3989440	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 13:00	3934144	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 13:00	1310744	----a-w-	c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-10 13:00	635392	----a-w-	c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 13:00	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-10 13:00	92160	----a-w-	c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 13:00	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-10 13:00	641536	----a-w-	c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-10 13:00	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-10 13:00	40448	----a-w-	c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-10 13:00	364544	----a-w-	c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 13:00	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-10 13:00	37888	----a-w-	c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-10 13:00	82944	----a-w-	c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-10 13:00	17408	----a-w-	c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-10 13:00	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-10 13:00	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-10 13:00	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 13:00	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 642728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 cpuz134;cpuz134;c:\users\Po0gles\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Po0gles\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-16 14:25]
.
2015-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core.job
- c:\users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10 15:51]
.
2015-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA.job
- c:\users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10 15:51]
.
2015-08-04 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24 10:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-07-24 2634896]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-07-24 1710568]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2000-01-01 7660760]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-"The last Kingdom" - 0:\program files (x86)\SEGA\Medieval II Total War\UninstallLastKingdom
AddRemove-Nehrim - Am Rande des Schicksals_is1 - c:\program files (x86)\SureAI\Nehrim\unins000.exe
AddRemove-{B931FB80-537A-4600-00AD-AC5DEDB6C25B} - c:\program files (x86)\Electronic Arts\The Lord of the Rings
AddRemove-MOS v1.3 Full Install - c:\program files (x86)\SEGA\Medieval II Total War\mods\Third_Age_3\Uninstal.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-930851909-2753564859-313499025-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-930851909-2753564859-313499025-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-930851909-2753564859-313499025-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-08-04  12:02:21
ComboFix-quarantined-files.txt  2015-08-04 10:02
.
Vor Suchlauf: 26 Verzeichnis(se), 65.079.656.448 Bytes frei
Nach Suchlauf: 31 Verzeichnis(se), 65.469.579.264 Bytes frei
.
- - End Of File - - 7104061E9F819B8C87ACB0B79CAF0B26
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 04.08.2015, 15:32

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Po0gles · 04.08.2015, 17:50

Hier einmal die MBAM Logdatei, war mir nicht sicher ob im Code Format oder nicht deshalb mach ichs einfach im Code

.

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 04.08.2015
Suchlaufzeit: 17:47
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.04.04
Rootkit-Datenbank: v2015.08.04.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Po0gles

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 382700
Abgelaufene Zeit: 25 Min., 58 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 15
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT2625848, In Quarantäne, [9b399b69503b0c2ae5787c260cf80bf5], 
PUP.Optional.StartGamePage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\WOT W1, Löschen bei Neustart, [0bc95ea682098da9fe19888906fd17e9], 
PUP.Optional.StartGamePage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\WOT W2, Löschen bei Neustart, [597b40c4e0ab1a1cfa1d65ac20e3a45c], 
PUP.Optional.StartGamePage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\WOT WFRI1, Löschen bei Neustart, [b81ca361addec96d9783769bfd06e21e], 
PUP.Optional.StartGamePage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\WOT WMON1, Löschen bei Neustart, [07cd2cd85a3173c323f74bc67093966a], 
PUP.Optional.StartGamePage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\WOT WTHUR1, Löschen bei Neustart, [efe5d1332d5e82b4100b9b76fe05f20e], 
PUP.Optional.StartGamePage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\WOT WTUE1, Löschen bei Neustart, [1db7b054bdce8fa743d7e42da45f12ee], 
PUP.Optional.StartGamePage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\WOT WW1, Löschen bei Neustart, [84509d677417f93d19ff39d8b74cf50b], 
PUP.Optional.StartGamePage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\WOT WW2, Löschen bei Neustart, [6e668282117ac07644d4a56c7c873ec2], 
PUP.Optional.StartGamePage.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\WOT WWED1, Löschen bei Neustart, [478dfd07d9b20d2963b7f31e778ca65a], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT2625848, In Quarantäne, [8e460cf8e1aae6504518f9a9d430b050], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ELOMMHOJBLMKNINGHAIAJEIJOINKIHMK, In Quarantäne, [fdd71de7dcaf82b40d359483b64d59a7], 
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-930851909-2753564859-313499025-1000\SOFTWARE\CONDUIT\DistributionEngine, In Quarantäne, [4c88d232a4e74ee87206386a679da25e], 
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-930851909-2753564859-313499025-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ELOMMHOJBLMKNINGHAIAJEIJOINKIHMK, In Quarantäne, [7460679dc7c483b302412fe85da609f7], 
PUP.Optional.Conduit.A, HKU\S-1-5-21-930851909-2753564859-313499025-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{536AD39F-D48C-4CC2-AAF2-8BFAB983B5E2}, In Quarantäne, [8c4835cf92f9ce68cc2336e3e71cef11], 

Registrierungswerte: 5
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\elommhojblmkninghaiajeijoinkihmk|path, C:\Users\Po0gles\AppData\Local\CRE\elommhojblmkninghaiajeijoinkihmk.crx, In Quarantäne, [fdd71de7dcaf82b40d359483b64d59a7]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-930851909-2753564859-313499025-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\elommhojblmkninghaiajeijoinkihmk|path, C:\Users\Po0gles\AppData\Local\CRE\elommhojblmkninghaiajeijoinkihmk.crx, In Quarantäne, [7460679dc7c483b302412fe85da609f7]
PUP.Optional.Conduit.A, HKU\S-1-5-21-930851909-2753564859-313499025-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{536AD39F-D48C-4CC2-AAF2-8BFAB983B5E2}|URL, hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848, In Quarantäne, [8c4835cf92f9ce68cc2336e3e71cef11]
PUP.Optional.Conduit.A, HKU\S-1-5-21-930851909-2753564859-313499025-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{536AD39F-D48C-4CC2-AAF2-8BFAB983B5E2}|FaviconURL, hxxp://search.conduit.com/favicon.ico, In Quarantäne, [e2f2669ed8b334027d72b168c63d0bf5]
PUP.Optional.Conduit.A, HKU\S-1-5-21-930851909-2753564859-313499025-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{536AD39F-D48C-4CC2-AAF2-8BFAB983B5E2}|SuggestionsURL_JSON, hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantäne, [0fc5b64e7c0fb1856f80bb5e847f2bd5]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [2fa5d430711ae254d76910fdd92a6d93], 

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Und hier die AdwCleaner Logdatei:

Code:

ATTFilter

# AdwCleaner v4.208 - Bericht erstellt 04/08/2015 um 18:27:50
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-01.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Po0gles - PO0GLES-PC
# Gestarted von : C:\Users\Po0gles\Desktop\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : swdumon

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\SecTaskMan
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Po0gles\AppData\Local\apn
Ordner Gelöscht : C:\Users\Po0gles\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Po0gles\AppData\Local\SecTaskMan
Ordner Gelöscht : C:\Users\Po0gles\AppData\Local\slimware utilities inc
Ordner Gelöscht : C:\Users\Po0gles\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Po0gles\AppData\Roaming\Solvusoft
Ordner Gelöscht : C:\Users\Po0gles\AppData\Roaming\Systweak
Datei Gelöscht : C:\Windows\Reimage.ini
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\System32\drivers\swdumon.sys
Datei Gelöscht : C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Datei Gelöscht : C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ Geplante Tasks ] *****

Task Gelöscht : LaunchSignup
Task Gelöscht : RunAsStdUser Task for VeohWebPlayer
Task Gelöscht : WOT N
Task Gelöscht : WOT T

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\pc-mechanic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8DE67E58-F4FE-4830-A8EC-7B24084E3AA7}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Reimage
Schlüssel Gelöscht : HKCU\Software\SlimWare Utilities Inc
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia
Schlüssel Gelöscht : HKLM\SOFTWARE\SlimWare Utilities Inc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Reimage
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [4841 Bytes] - [04/08/2015 18:24:00]
AdwCleaner[R1].txt - [4898 Bytes] - [04/08/2015 18:27:00]
AdwCleaner[S0].txt - [4418 Bytes] - [04/08/2015 18:27:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4477  Bytes] ##########

Hier der JRT log:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by Po0gles on 04.08.2015 at 18:34:13,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] swdumon [Reboot required]



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\SlimDrivers Startup
Successfully deleted: [Task] C:\Windows\Tasks\SlimDrivers Startup.job



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files

Successfully deleted: [File] C:\Windows\system32\drivers\swdumon.sys



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free window registry repair
Successfully deleted: [Folder] C:\Users\Po0gles\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Po0gles\Appdata\Local\slimware utilities inc
Successfully deleted: [Folder] C:\Users\Po0gles\Appdata\Local\worldoftanks
Successfully deleted: [Folder] C:\Users\Po0gles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\free window registry repair
Successfully deleted: [Folder] C:\Users\Po0gles\AppData\Roaming\worldoftanks
Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Po0gles\Appdata\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped

[C:\Users\Po0gles\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Po0gles\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
ajopnjidmegmdimjlfnijceegpefgped

[C:\Users\Po0gles\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Po0gles\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  ajopnjidmegmdimjlfnijceegpefgped,
  booedmolknjekdopkepjjeckmjkdpfgl,
  flpcjncodpafbgdpnkljologafpionhb
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.08.2015 at 18:42:15,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hier der FRST Log:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von Po0gles (Administrator) auf PO0GLES-PC (04-08-2015 18:47:38)
Gestartet von C:\Users\Po0gles\Desktop
Geladene Profile: Po0gles (Verfügbare Profile: Po0gles)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Windows\DAODx.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Users\Po0gles\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-930851909-2753564859-313499025-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2C3B9D2F-5689-4C51-906D-8FB764CCD55E}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{4CA14983-5EDC-48BD-B497-C3F4E8B5C0F2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A8FFBF08-A4D4-41BA-9829-7351ACB37403}: [DhcpNameServer] 7.254.254.254

FireFox:
========
FF ProfilePath: C:\Users\Po0gles\AppData\Roaming\Mozilla\Firefox\Profiles\LNacfPOX.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @gametap.com/npdd,version=1.0 -> C:\Program Files (x86)\Downloader\npdd.dll [2012-07-20] (Metaboli)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2012-10-30] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2014-07-07] ( Garena)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-930851909-2753564859-313499025-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-930851909-2753564859-313499025-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Po0gles\AppData\Roaming\Mozilla\Firefox\Profiles\LNacfPOX.default\Extensions\abs@avira.com [2015-03-09]

Chrome: 
=======
CHR Profile: C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-03]
CHR Extension: (Google Docs) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-10]
CHR Extension: (Google Drive) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-10]
CHR Extension: (YouTube) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-10]
CHR Extension: (Adblock Plus) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-01]
CHR Extension: (Google Search) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-10]
CHR Extension: (ReChat for Twitch™) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2015-03-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Global Twitch Emotes) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2015-07-20]
CHR Extension: (Gmail) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.NDMC55ARS26445QLTPSDZGSHRY - C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107552 2014-07-22] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-24] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-06] (Disc Soft Ltd)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-04] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-29] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U3 am1tw7fh; C:\Windows\System32\Drivers\am1tw7fh.sys [0 ] (Advanced Micro Devices) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Po0gles\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FreshIO; \??\C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 18:47 - 2015-08-04 18:48 - 00017362 _____ C:\Users\Po0gles\Desktop\FRST.txt
2015-08-04 18:42 - 2015-08-04 18:42 - 00002448 _____ C:\Users\Po0gles\Desktop\JRT.txt
2015-08-04 18:33 - 2015-08-04 18:33 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Po0gles\Desktop\JRT.exe
2015-08-04 18:23 - 2015-08-04 18:28 - 00000000 ____D C:\AdwCleaner
2015-08-04 18:23 - 2015-08-04 18:23 - 02248704 _____ C:\Users\Po0gles\Desktop\AdwCleaner_4.208.exe
2015-08-04 18:19 - 2015-08-04 18:19 - 00005177 _____ C:\Users\Po0gles\Desktop\mbam.txt
2015-08-04 17:53 - 2015-08-04 17:53 - 00000000 _____ C:\Windows\system32\REN9C07.tmp
2015-08-04 17:49 - 2015-08-04 17:49 - 00563296 _____ (Oracle Corporation) C:\Users\Po0gles\Downloads\chromeinstall-8u51 (1).exe
2015-08-04 17:48 - 2015-08-04 17:48 - 00563296 _____ (Oracle Corporation) C:\Users\Po0gles\Downloads\chromeinstall-8u51.exe
2015-08-04 17:46 - 2015-08-04 17:46 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-04 12:02 - 2015-08-04 12:02 - 00029270 _____ C:\ComboFix.txt
2015-08-04 11:38 - 2015-08-04 12:02 - 00000000 ____D C:\ComboFix
2015-08-04 11:38 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-04 11:38 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-04 11:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-04 11:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-04 11:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-04 11:38 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-04 11:38 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-04 11:38 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-04 11:36 - 2015-08-04 12:02 - 00000000 ____D C:\Qoobox
2015-08-04 11:36 - 2015-08-04 11:59 - 00000000 ____D C:\Windows\erdnt
2015-08-04 11:35 - 2015-08-04 11:35 - 05634591 ____R (Swearware) C:\Users\Po0gles\Desktop\ComboFix.exe
2015-08-04 11:26 - 2015-08-04 11:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Po0gles\Downloads\revosetup95.exe
2015-08-04 11:26 - 2015-08-04 11:26 - 00001264 _____ C:\Users\Po0gles\Desktop\Revo Uninstaller.lnk
2015-08-04 11:26 - 2015-08-04 11:26 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-03 18:02 - 2015-08-03 18:02 - 00902027 _____ C:\Users\Po0gles\Downloads\ICBINE 3-63839-3-0 (2).rar
2015-08-03 17:24 - 2015-08-03 17:24 - 00902027 _____ C:\Users\Po0gles\Downloads\ICBINE 3-63839-3-0 (1).rar
2015-08-03 16:02 - 2015-08-03 16:03 - 00089042 _____ C:\Users\Po0gles\Downloads\Addition.txt
2015-08-03 16:01 - 2015-08-04 18:47 - 00000000 ____D C:\FRST
2015-08-03 16:01 - 2015-08-03 16:03 - 00052584 _____ C:\Users\Po0gles\Downloads\FRST.txt
2015-08-03 16:00 - 2015-08-03 16:01 - 02169856 _____ (Farbar) C:\Users\Po0gles\Desktop\FRST64.exe
2015-08-03 15:58 - 2015-08-03 15:59 - 205012312 _____ C:\Users\Po0gles\Downloads\avira_antivirus_de-de_15.0.12.408 (1).exe
2015-08-03 14:57 - 2015-08-03 14:57 - 03908184 _____ (Crystal Dew World ) C:\Users\Po0gles\Downloads\CrystalDiskInfo6_5_2-en.exe
2015-08-03 14:57 - 2015-08-03 14:57 - 03908184 _____ (Crystal Dew World ) C:\Users\Po0gles\Downloads\CrystalDiskInfo6_5_2-en (1).exe
2015-08-03 14:50 - 2015-08-03 14:50 - 00003408 ____N C:\bootsqm.dat
2015-08-03 13:33 - 2015-08-03 13:34 - 205012312 _____ C:\Users\Po0gles\Downloads\avira_antivirus_de-de_15.0.12.408.exe
2015-08-03 13:02 - 2015-08-03 13:02 - 00684588 _____ C:\Users\Po0gles\Downloads\ntdll.zip
2015-08-03 12:38 - 2015-08-03 12:38 - 00000000 _____ C:\Users\Po0gles\Desktop\sched.dmp
2015-08-03 11:56 - 2015-08-03 11:56 - 00079705 _____ C:\Users\Po0gles\Downloads\convert2mp3_chrome_addon-2.4.zip
2015-08-03 11:47 - 2015-08-03 23:22 - 00000000 ____D C:\Program Files\iTunes
2015-08-03 11:47 - 2015-08-03 23:22 - 00000000 ____D C:\Program Files\iPod
2015-08-03 11:47 - 2015-08-03 23:22 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-03 11:34 - 2015-08-03 11:35 - 155875632 _____ (Apple Inc.) C:\Users\Po0gles\Downloads\iTunes6464Setup.exe
2015-08-03 11:27 - 2015-08-03 11:27 - 00001713 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-03 11:01 - 2015-08-03 11:01 - 41866030 _____ C:\Users\Po0gles\Downloads\music.7z.tmp
2015-08-03 11:00 - 2015-08-03 11:02 - 41873060 _____ C:\Users\Po0gles\Downloads\music.7z
2015-08-03 10:18 - 2015-08-03 10:18 - 00102286 _____ C:\Users\Po0gles\Downloads\Youtube Mp3 Converter - Browser addon.zip
2015-08-01 22:32 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-01 22:32 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-01 22:32 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-01 22:32 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-01 22:32 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-08-01 22:32 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-21 12:12 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 12:12 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 12:12 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 12:12 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 12:12 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 12:12 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 12:12 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 12:12 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 12:12 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 12:12 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-18 12:46 - 2015-07-18 12:47 - 00586195 _____ C:\Users\Po0gles\Downloads\wopt021.zip
2015-07-17 15:45 - 2015-07-17 15:45 - 00000000 ____D C:\Users\Po0gles\AppData\Local\GWX
2015-07-15 19:06 - 2015-07-15 19:06 - 00000000 ____D C:\Users\Po0gles\Documents\AutoHotKey
2015-07-15 19:05 - 2015-07-15 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-07-15 19:05 - 2015-07-15 19:05 - 00000000 ____D C:\Program Files\AutoHotkey
2015-07-15 19:04 - 2015-07-15 19:05 - 02869078 _____ C:\Users\Po0gles\Downloads\AutoHotkey112203_Install.exe
2015-07-15 19:04 - 2015-07-15 19:04 - 01198368 _____ C:\Users\Po0gles\Downloads\AutoHotkey - CHIP-Installer.exe
2015-07-15 18:57 - 2015-07-15 18:57 - 00034633 _____ C:\Users\Po0gles\Downloads\macro.ahk
2015-07-15 12:29 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 12:29 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 12:29 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 12:29 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 12:29 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 12:29 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 12:29 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 12:29 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 12:29 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 12:29 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 12:29 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 12:29 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 12:29 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 12:29 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 12:29 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 12:29 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 12:29 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 12:29 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 12:29 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 12:29 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 12:29 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 12:29 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 12:29 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 12:29 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 12:29 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 12:29 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 12:29 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 12:29 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 12:29 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 12:29 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 12:29 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 12:29 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 12:29 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 12:29 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 12:29 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 12:29 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 12:29 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 12:29 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 12:29 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 12:29 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 12:29 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 12:29 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 12:29 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 12:29 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 12:29 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 12:29 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 12:29 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 12:29 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 12:29 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 12:29 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 12:29 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 12:29 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 12:29 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 12:29 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 12:29 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 12:29 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 12:29 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 12:29 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 12:29 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 12:29 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 12:28 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 12:28 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 12:28 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 12:28 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 12:28 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 12:28 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 12:28 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 12:28 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 12:28 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 12:28 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 12:28 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 12:28 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 12:28 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 12:28 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 12:28 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 12:28 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 12:28 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 12:28 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 12:28 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 12:28 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 12:28 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 12:28 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 12:28 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 12:28 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 12:28 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 12:28 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 12:28 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 12:28 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 12:28 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 12:28 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 12:27 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 12:27 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 12:27 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:27 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 12:27 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 12:27 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 12:27 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 12:27 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 12:27 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 12:27 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 12:27 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 12:27 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 12:27 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 12:27 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 12:27 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 12:20 - 2015-07-15 12:20 - 00302011 _____ C:\Users\Po0gles\Downloads\WindowsUpdateDiagnostic (1).diagcab
2015-07-15 11:46 - 2015-07-15 11:47 - 00000000 ____D C:\Windows\SoftwareDistributionOld
2015-07-15 11:40 - 2015-07-15 11:41 - 00302011 _____ C:\Users\Po0gles\Downloads\WindowsUpdateDiagnostic.diagcab
2015-07-15 11:31 - 2015-07-15 11:32 - 00985600 _____ C:\Users\Po0gles\Downloads\MicrosoftFixit50123.msi
2015-07-15 11:17 - 2015-07-15 11:20 - 188618008 _____ (Microsoft Corporation) C:\Users\Po0gles\Downloads\msert.exe
2015-07-15 11:17 - 2015-07-15 11:20 - 188618008 _____ (Microsoft Corporation) C:\Users\Po0gles\Downloads\msert (1).exe
2015-07-12 17:33 - 2015-07-12 17:41 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\PoESkillTree - The Awakening
2015-07-12 17:33 - 2015-07-12 17:33 - 00001167 _____ C:\Users\Public\Desktop\PoESkillTree - The Awakening.lnk
2015-07-12 17:33 - 2015-07-12 17:33 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\{B5012C21-ECA4-41AF-ABD1-F549D019B7A9}
2015-07-12 17:33 - 2015-07-12 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PoESkillTree - The Awakening
2015-07-12 17:33 - 2015-07-12 17:33 - 00000000 ____D C:\Program Files (x86)\PoESkillTree - The Awakening
2015-07-12 17:30 - 2015-07-12 17:31 - 05925620 _____ (PoESkillTree Team ) C:\Users\Po0gles\Downloads\PoESkillTree-TheAwakening-2.2.0.exe
2015-07-10 20:29 - 2015-07-10 21:05 - 03584430 _____ C:\Users\Po0gles\Downloads\PoESkillTree_Beta (2).zip
2015-07-10 20:26 - 2015-07-10 20:27 - 00206037 _____ C:\Users\Po0gles\Downloads\POESkillTree1.5.zip
2015-07-07 16:54 - 2015-07-07 16:54 - 00301224 _____ C:\Users\Po0gles\Downloads\Fuz Ro Doh 60-14884-6-0.zip
2015-07-05 19:20 - 2015-07-05 19:20 - 00000000 ____D C:\Users\Po0gles\AppData\Local\CEF

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 18:47 - 2012-09-07 19:16 - 01426487 _____ C:\Windows\WindowsUpdate.log
2015-08-04 18:44 - 2014-10-20 16:09 - 00060464 _____ C:\Windows\setupact.log
2015-08-04 18:44 - 2012-09-07 19:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-04 18:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-04 18:42 - 2009-07-14 06:45 - 00033152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-04 18:42 - 2009-07-14 06:45 - 00033152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-04 18:34 - 2013-06-10 17:51 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA.job
2015-08-04 18:29 - 2014-10-23 16:33 - 00372274 _____ C:\Windows\PFRO.log
2015-08-04 18:25 - 2015-02-11 00:02 - 02263582 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak
2015-08-04 18:25 - 2015-02-11 00:02 - 02263582 _____ C:\Users\Po0gles\Desktop\InstallLog.xml
2015-08-04 18:25 - 2012-10-16 20:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-04 18:24 - 2015-02-11 00:01 - 00000000 ____D C:\Users\Po0gles\Desktop\overwrites
2015-08-04 18:18 - 2014-05-16 21:27 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-04 18:15 - 2012-09-08 22:29 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-04 17:53 - 2014-10-21 18:15 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-04 17:53 - 2014-02-02 23:34 - 00000000 ____D C:\Program Files\Java
2015-08-04 17:50 - 2014-10-21 18:15 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-04 17:46 - 2014-05-16 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-04 17:46 - 2014-05-16 21:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-04 14:34 - 2013-06-10 17:51 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core.job
2015-08-04 12:02 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-04 11:52 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-03 23:22 - 2014-02-02 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-08-03 23:22 - 2013-10-18 13:14 - 00000000 ____D C:\ProgramData\Oracle
2015-08-03 23:22 - 2013-10-18 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-03 23:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-08-03 21:27 - 2013-12-18 23:07 - 00000000 ____D C:\Users\Po0gles\AppData\Local\Battle.net
2015-08-03 20:17 - 2013-12-18 23:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-03 17:51 - 2015-06-26 19:39 - 00000000 ____D C:\Users\Po0gles\Desktop\Scripted
2015-08-03 17:51 - 2015-02-11 00:24 - 02255483 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak1
2015-08-03 15:52 - 2015-05-11 22:33 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-08-03 15:52 - 2012-09-08 10:04 - 00000000 ____D C:\ProgramData\Avira
2015-08-03 13:29 - 2014-08-31 13:23 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-03 13:24 - 2012-09-07 19:16 - 00000000 ____D C:\Users\Po0gles
2015-08-03 11:47 - 2012-09-16 13:46 - 00000000 ____D C:\ProgramData\Apple Computer
2015-08-03 11:33 - 2012-09-16 13:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-03 11:29 - 2012-09-16 13:47 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\Apple Computer
2015-08-03 11:27 - 2014-02-27 19:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-08-03 10:12 - 2012-09-08 05:08 - 00699092 _____ C:\Windows\system32\perfh007.dat
2015-08-03 10:12 - 2012-09-08 05:08 - 00149232 _____ C:\Windows\system32\perfc007.dat
2015-08-03 10:12 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-02 11:52 - 2015-02-11 00:32 - 02186753 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak2
2015-08-02 00:40 - 2014-05-06 22:15 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-02 00:07 - 2012-09-11 18:43 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\Skype
2015-08-01 23:48 - 2013-06-10 17:52 - 00002368 _____ C:\Users\Po0gles\Desktop\Google Chrome.lnk
2015-08-01 22:34 - 2012-09-07 19:29 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-01 22:19 - 2014-01-18 22:05 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-01 22:14 - 2015-04-05 02:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-24 12:06 - 2015-02-11 15:54 - 02186355 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak3
2015-07-24 11:54 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-24 06:21 - 2014-06-02 16:22 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2014-06-02 16:22 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-24 06:21 - 2013-10-28 18:59 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-24 06:21 - 2013-10-28 18:59 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-23 21:08 - 2012-09-12 17:27 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\TS3Client
2015-07-23 12:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-22 11:53 - 2012-09-08 20:36 - 00000000 ____D C:\Users\Po0gles\Desktop\Stuff
2015-07-22 10:38 - 2009-07-14 06:45 - 00358664 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 11:15 - 2012-10-08 15:24 - 00000000 ____D C:\Users\Po0gles\Documents\ManiaPlanet
2015-07-21 11:14 - 2012-10-08 15:17 - 00000000 ____D C:\ProgramData\ManiaPlanet
2015-07-21 11:14 - 2012-10-08 15:17 - 00000000 ____D C:\Program Files (x86)\ManiaPlanet
2015-07-16 23:24 - 2015-04-05 02:07 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 14:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 14:29 - 2013-06-10 17:51 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA
2015-07-16 14:29 - 2013-06-10 17:51 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core
2015-07-15 19:05 - 2010-11-21 09:16 - 00000000 ____D C:\Windows\ShellNew
2015-07-15 16:25 - 2012-10-16 20:05 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 16:25 - 2012-10-16 20:05 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 16:25 - 2012-10-16 20:05 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 12:50 - 2014-12-11 17:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 12:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 12:47 - 2012-12-17 16:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 12:40 - 2013-07-22 02:58 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 12:03 - 2015-04-11 17:15 - 00000517 _____ C:\Users\Po0gles\Desktop\Neues Textdokument (3).txt
2015-07-15 09:08 - 2013-02-12 18:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 09:07 - 2015-05-16 16:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-10 16:42 - 2015-02-11 15:57 - 02169684 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak4
2015-07-08 14:32 - 2015-02-11 16:41 - 02127577 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak5
2015-07-06 16:48 - 2015-06-26 21:22 - 00000850 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-07-06 16:48 - 2015-06-26 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-07-06 16:48 - 2014-07-24 20:35 - 00000000 ____D C:\Program Files\Nexus Mod Manager

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-09-30 22:42 - 2014-05-24 19:06 - 0045270 _____ () C:\Users\Po0gles\AppData\Roaming\room_v3.dat
2013-12-16 14:26 - 2013-12-17 16:46 - 1065984 _____ () C:\Users\Po0gles\AppData\Local\file__0.localstorage
2012-10-01 18:21 - 2015-05-06 16:59 - 0007588 _____ () C:\Users\Po0gles\AppData\Local\Resmon.ResmonCfg
2012-09-28 22:01 - 2012-09-28 22:01 - 1341859 ____N () C:\Users\Po0gles\AppData\Local\Tempmusic.ogg
2014-10-23 23:01 - 2014-10-23 23:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Po0gles\AppData\Local\Temp\Quarantine.exe
C:\Users\Po0gles\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-03 16:52

==================== Ende von log ============================

Po0gles · 04.08.2015, 17:51

Und Zuletzt die Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von Po0gles (2015-08-04 18:48:48)
Gestartet von C:\Users\Po0gles\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-930851909-2753564859-313499025-500 - Administrator - Disabled)
Gast (S-1-5-21-930851909-2753564859-313499025-501 - Limited - Disabled)
Po0gles (S-1-5-21-930851909-2753564859-313499025-1000 - Administrator - Enabled) => C:\Users\Po0gles

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

"The last Kingdom" (HKLM-x32\...\"The last Kingdom") (Version:  - )
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{047D5657-1DAC-2B16-E110-F4A9C0E7EF2C}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AutoHotkey 1.1.22.03 (HKLM\...\AutoHotkey) (Version: 1.1.22.03 - Lexikos)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bellum Crucis 6.3 - Bugfixer (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Bellum Crucis 6.3 - Bugfixer) (Version:  - )
Bellum Crucis 6.3 - parte 1 (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Bellum Crucis 6.3 - parte 1) (Version:  - )
Bellum Crucis 6.3 - parte 2 (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Bellum Crucis 6.3 - parte 2) (Version:  - )
BitTorrent (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\BitTorrent) (Version: 7.9.2.32692 - BitTorrent Inc.)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.0 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dota 2 Workshop Tools Alpha (HKLM-x32\...\Steam App 316570) (Version:  - )
Downloader (HKLM-x32\...\Downloader) (Version:  - )
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
DynaGeo 3.5e (HKLM-x32\...\DynaGeo_is1) (Version:  - Roland Mechling)
EE Multiplayer Map Tool v.1.0.1 (evaluation) (HKLM-x32\...\ST6UNST #1) (Version:  - )
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.0.7.1 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.0.7.1 Alpha - ETS2MP Team)
Forge (HKLM-x32\...\Steam App 223390) (Version:  - Dark Vale Games)
FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version:  - )
Google Chrome (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Earth (HKLM-x32\...\{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}) (Version: 7.0.1.8244 - Google)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IB2 Conqvestvs Britanniae III (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\IB2 Conqvestvs Britanniae III) (Version:  - )
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KGCM Patch 4.2 (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\KGCM Patch 4.2) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.2.5.2 (HKLM-x32\...\{8D8F47B2-0E03-4C50-9803-A01120878F96}) (Version: 4.2.5.2 - The Document Foundation)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version:  - Nadeo)
Medieval II - Kingdoms Grand Campaign Mod version 3.0 (HKLM-x32\...\0005kingdoms grand campaign mod_is1) (Version:  - )
Medieval II - Retrofit Mod version 1.0 (HKLM-x32\...\0000RetrofitMod_is1) (Version:  - )
Medieval II - Rule Britannia 1.5 version 1.5 (HKLM-x32\...\0005Rule_Britannia_is1) (Version:  - )
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MinecraftAlpha (HKLM-x32\...\MinecraftAlpha) (Version:  - )
NehrimUninstaller (HKLM-x32\...\Nehrim - Am Rande des Schicksals_is1) (Version: 1.0.0 - SureAI)
NeoEE Patch (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\NeoEE Patch) (Version: 2.0.0.2 - NeoEE)
NeoEE Patch (x32 Version: 1.0.0 - NeoEE) Hidden
NeoEE Patch (x32 Version: 2.0.0.2 - NeoEE Devlopment) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming)
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.7.24334 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PoESkillTree - The Awakening (HKLM-x32\...\{B5012C21-ECA4-41AF-ABD1-F549D019B7A9}_is1) (Version: 2.2.0 - PoESkillTree Team)
Procurement version 1.9.0 (HKLM-x32\...\{E91043A6-7DC5-4C8A-A6E4-9D618A0B80D4}_is1) (Version: 1.9.0 - Stickymaddness)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Reconquista (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Reconquista) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - )
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Sid Meier's Railroads! (HKLM-x32\...\{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}) (Version: 1.00 - Firaxis Games)
Sid Meier's Railroads! (x32 Version: 1.00 - Firaxis Games) Hidden
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1740.1 - Hi-Rez Studios)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
The Settlers III Gold Edition (HKLM-x32\...\S3 Gold) (Version:  - )
The War Z version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - Arktos Entertainment Group LLC)
Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Unofficial Oblivion Patch v3.4.4 (HKLM-x32\...\Unofficial Oblivion Patch_is1) (Version: 3.4.4 - Quarn, Kivan, and Arthmoor)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XMedia Recode Version 3.1.2.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.2.8 - XMedia Recode)
Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll Keine Datei

==================== Wiederherstellungspunkte =========================

04-08-2015 11:31:26 Revo Uninstaller's restore point - WorldofTanks
04-08-2015 11:34:18 Revo Uninstaller's restore point - CrystalDiskInfo 6.5.2
04-08-2015 18:34:17 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-08-04 11:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06DDBB41-25A3-4B68-9E86-A513222AB41D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {0BB7154E-1B00-4F89-B5B5-3318ED277F5C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {17BE4FDF-B0D4-4CA1-AB02-FD1077CF0A46} - System32\Tasks\{0A389BFB-48BB-4800-8F0C-39B0716D1D20} => pcalua.exe -a C:\Users\Po0gles\Desktop\patch\setup.exe -d C:\Users\Po0gles\Desktop\patch
Task: {1DF6A922-94C7-4149-8855-1DEEE40AF355} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {203C4532-0523-4CF1-BF44-3941FE580B63} - System32\Tasks\{5B421F82-D600-4561-947F-8F28F12CD40C} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\SteamService.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Sanctum\runasadmin.vdf" 91600
Task: {29524348-7B86-422F-9249-8C3497E3CE6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {2CFE3436-ABA9-4D1F-B615-8E3FA7DADF1E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {31F2D5CA-D49B-48E7-BCE2-A329CD543ABC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {36DDC29D-D47A-435D-86B0-D32D3C445EE3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {420B732B-3CE6-4ACC-B515-E60F9FAB32F7} - System32\Tasks\{3BCF84E9-1B6A-4B2C-95F3-05E68648A1CC} => pcalua.exe -a C:\BlueByte\Settlers3\s3old160.exe -d C:\BlueByte\Settlers3
Task: {678CA824-D9C4-4E03-AB88-4A67C70F5C78} - System32\Tasks\Google Updater and Installer => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {68798D6F-08E1-42F7-95E8-4108363C72E5} - System32\Tasks\{EAD4F953-BEA5-4034-B3E7-67B88854F51C} => C:\BlueByte\Settlers3\S3Editor.exe [2000-07-03] ()
Task: {6DF6D0A7-4971-434C-AE22-6B5AD7D679E3} - System32\Tasks\{F29A636C-5DE5-4583-960A-A32902440721} => pcalua.exe -a D:\0data\cbs.exe -d D:\
Task: {BB986966-833A-4779-9305-0DB91EBF9262} - System32\Tasks\{600AC392-594D-4CD3-8727-491DF6312620} => pcalua.exe -a C:\Users\Po0gles\Downloads\Kingdoms_Grand_Campaign_v4.2.exe -d C:\Users\Po0gles\Downloads
Task: {C06797D0-001C-4F2C-8B79-2AA5180F4A80} - System32\Tasks\{383A742D-D0AE-4480-991B-7377D54F2E85} => pcalua.exe -a "C:\Program Files (x86)\NCH Software\VideoPad\uninst.exe"
Task: {C1620C2F-48C5-49C5-A168-EC307468F3F4} - System32\Tasks\{CAB50BE5-9C4F-4517-A838-9674B417ACA9} => pcalua.exe -a "C:\Program Files (x86)\SEGA\Medieval II Total War\mods\Bellum_Crucis_63_Parte2_Uninstaller.exe" -d "C:\Program Files (x86)\SEGA\Medieval II Total War\mods"
Task: {C9DE0B60-BB94-4348-A173-A431216A268B} - System32\Tasks\{2B89B873-A3FA-4874-8F3D-743B31043835} => pcalua.exe -a C:\Users\Po0gles\Downloads\EE_1000-1040_ENDE.exe -d C:\Users\Po0gles\Downloads
Task: {CDBB6687-08D9-4CDF-8008-3D3B6B78FEB3} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {DA9B116F-C8DE-48F2-8624-CE3DD898E458} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {E5F333DF-0F98-45F7-B307-0387A2B66D29} - System32\Tasks\{2764F6CB-1549-4E31-9492-311D5C7174B4} => pcalua.exe -a C:\Users\Po0gles\Desktop\WinFlash_2.31.1\Setup.exe -d C:\Users\Po0gles\Desktop\WinFlash_2.31.1 -c /qn /norestart
Task: {F6776958-5F63-48E0-A857-DF06262C89D6} - System32\Tasks\{138C8E5C-1043-4CF5-8AF0-590571172DDF} => pcalua.exe -a "C:\Users\Po0gles\Downloads\Minecraft Alpha Custom Installer (2).exe" -d C:\Users\Po0gles\Downloads
Task: {FD57758F-4604-496E-8A88-50F1C864111F} - System32\Tasks\{00B07DFE-8450-4614-8FB6-2BBC71AEC751} => pcalua.exe -a "C:\Users\Po0gles\Desktop\Empire Earth.exe" -d C:\Users\Po0gles\Desktop
Task: {FDDDEF8E-213A-46A5-8AE2-89217525A602} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core.job => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA.job => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-09-07 19:29 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-07-04 22:04 - 2012-07-04 22:04 - 00212480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-07-04 22:04 - 2012-07-04 22:04 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-06-13 10:36 - 2011-06-13 10:36 - 00922240 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
2010-12-02 04:15 - 2010-12-02 04:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2014-10-23 16:28 - 2010-10-21 11:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2013-01-29 02:05 - 2015-05-24 12:44 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2014-10-23 16:28 - 2015-08-04 18:44 - 00032256 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\PEbiosinterface32.dll
2014-10-23 16:28 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\ATKEX.dll
2015-05-06 15:31 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-01 23:47 - 2015-07-25 10:46 - 01405768 _____ () C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-08-01 23:47 - 2015-07-25 10:46 - 00081224 _____ () C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\44.0.2403.125\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-930851909-2753564859-313499025-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Po0gles\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: HiPatchService => 2
MSCONFIG\startupfolder: C:^Users^Po0gles^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BitTorrent => "C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{09659166-E78E-4712-8EFB-397EFE139D16}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{5F3F9014-4D0A-4600-8452-B9B00C70C89E}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{1EBEAE3A-B468-4BC0-935F-E6FA74DB4C5F}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{FA8C7172-C82F-48C1-AEFF-EA0CD62D1ECE}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{8E4708C9-E302-4F0E-881F-5C925D0CD7FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{408FEF36-F54A-4266-8C0D-B9AD36186358}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9F8DDB5-B953-4F80-8117-DB20AA2D1555}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E8265E4E-05B5-41D2-A02C-C3C9FF0D6854}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DA4DBBE2-5CDA-4450-8E97-FF2E947DEF14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D62B8B79-5828-4E03-B101-704141537745}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EDDA7849-7AB7-47B9-AC49-A69D5EA5A263}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{0236C5A8-D5C4-40B8-9703-FACE28D0ED2E}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{435C51D7-16D3-4EC2-B499-198E72E8B98A}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{3FC625E5-3E96-4C0D-BBF0-19B6B0D53615}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{759EA014-74EC-46D7-A2F4-5C7284BD5BBD}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [{CF9385F9-48C5-4337-AD2E-5264AC4C2644}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{9F8556D6-7BDF-4FE8-A3BF-3BEF1A15C765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [TCP Query User{67CF3A47-F294-4EA3-B661-34B12A97D88D}C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [UDP Query User{3A889703-5EE2-4902-8507-CE6B5C1A2438}C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [{04B2CE9A-6B0A-4C79-90DE-7CCE3B0AE163}] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [{B40F2917-7BBE-4831-85CC-09C82D48E8C9}] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [{DAE10449-CD68-474D-BE30-D3EB4D4DB1B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{00E61F2D-FA47-4875-ADC4-BBDF115A7C8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{5719FD3C-B429-4E24-9A7B-2D192275F0F9}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
FirewallRules: [{2FDAC4E8-1218-465B-95DB-C4A05E588F56}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
FirewallRules: [{C06E6E17-C650-4165-B24C-065E5A4C746F}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{1C2D97B4-381A-4C14-9EE2-B3D2907C03AE}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [TCP Query User{7D8162B1-9691-418E-998D-93B3BBC421E1}C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat] => (Allow) C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat
FirewallRules: [UDP Query User{E3B87E49-0CAB-4E15-9A4F-FD46BD824955}C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat] => (Allow) C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat
FirewallRules: [{45B804F5-CC3C-4EEC-9FB0-7F915817CD98}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{08780311-398A-4D37-84FB-21919C12FAA4}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{B60C2830-8E39-44A9-A484-139B769EAC94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{355FF499-A075-4008-9989-89DD4D18AE89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{7D4695C8-F5C7-46F4-A4B9-13AEF078DBE1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{A8B8F3CE-DA1D-41B5-B7C4-DF30EE32C97A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{81150DEE-A87C-4E21-82CC-70AC1F6D5F50}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{5C300720-0359-43E1-A579-98DD701F66B2}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [TCP Query User{53913C83-B023-45EA-BEC1-6F963B6F4F17}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [UDP Query User{4C4AF124-DC91-45B7-AE51-586A74CA5526}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [{DE258844-59B4-43BE-9E8F-51FBAA07F303}] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [{580D1CA8-FC92-42F9-905F-A32749CBDD17}] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [{30A6067C-5036-4623-AB03-59549411454E}] => (Allow) C:\Program Files (x86)\Garena Plus\Room\garena_room.exe
FirewallRules: [TCP Query User{CDF16D67-69FD-45A5-A1B4-71E142A416EB}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Block) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [UDP Query User{F70492AB-3D36-48B5-A2FF-C9180F1A7BE1}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Block) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [TCP Query User{9BD695B5-38F4-4D8B-9ABF-E8BD175100A0}C:\program files (x86)\sega\medieval ii total war\medieval2.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [UDP Query User{74FFA622-654D-4F27-A3CD-B5DAFB8A2D73}C:\program files (x86)\sega\medieval ii total war\medieval2.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [{FC07BF47-F3F5-4930-A93A-F3995A11AE15}] => (Block) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [{0FFE15FD-997E-4FE3-BAE7-86718E380C92}] => (Block) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [TCP Query User{DCE12AB8-B306-46E9-9E67-A0E5FA0FF72E}C:\users\po0gles\documents\the warz\infestation.exe] => (Allow) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [UDP Query User{5DBBA82A-7DD3-4F31-9056-98185725C632}C:\users\po0gles\documents\the warz\infestation.exe] => (Allow) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [{8F2D6673-B515-41D8-8A77-BF75446E53BD}] => (Block) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [{FD0B5488-BD84-4359-8DE1-AE4340209D4E}] => (Block) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [TCP Query User{B582E288-1E82-4165-9B36-CF20F9CB5310}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{BF4E30D9-B08D-4A0F-B77A-FC6293740E48}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{578D1D81-4AEB-4F6D-B1C3-EBB11289A327}C:\program files (x86)\sega\medieval ii total war\kingdoms.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [UDP Query User{7D0E7711-60C9-4653-AF69-2E23F4B0A10F}C:\program files (x86)\sega\medieval ii total war\kingdoms.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [{9BEFB73D-6622-41FE-B2E5-4DE12E6CFCAE}] => (Block) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [{A5EC792E-8768-4619-B7D2-E89BBC6DD904}] => (Block) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [TCP Query User{B64EC44E-51B4-4986-866E-03F50A24A0BA}C:\sierra\empire earth\empire earth.backup.exe] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [UDP Query User{3D4E6FA2-7706-4AA6-A0D8-20F0317A71B9}C:\sierra\empire earth\empire earth.backup.exe] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [{25E8F564-6578-4BA1-8821-73216DDF1A86}] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [{23E64E1D-5C43-4397-A42F-2CB346E08BE4}] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [TCP Query User{D05E53FF-0D6C-445B-9789-9FCA7F79E0EC}C:\sierra\ee-zde\ee-aoc.exe] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [UDP Query User{70B5BB2C-00FE-4779-95A9-5814E31B9043}C:\sierra\ee-zde\ee-aoc.exe] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [{DC991222-FC62-475D-93F1-3DB95A8FCA7A}] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [{24153C70-0B1D-4487-A98E-6E678C479D03}] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [TCP Query User{5C5E36FE-C604-4ED0-AB7F-5E48A673C57C}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{45511264-ADB0-4BAE-BC69-F4EC59D7B827}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [{F53CF9F3-3E24-4A60-9221-CD64D56D0EAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{630C8711-7806-4F73-AFCF-027C558BF883}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5B93A4F4-4DFB-48B0-9FEB-18292BB259CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{998FDA30-BB60-4E34-87E1-72BB51CC8EF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E812317D-DA20-4EC2-A2AA-6AD08A386AAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{3333EEC4-A758-484F-ACF8-5995626E0C7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{6B59F988-E04B-4690-B987-07B33C85CA48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\CreationKit.exe
FirewallRules: [{C6F40407-BC98-4DEE-8CF8-F97EA51FBE67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\CreationKit.exe
FirewallRules: [TCP Query User{588EDF6B-2679-4CF1-9349-D030010E9C8E}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{86673A2D-F83C-42B6-A129-2CC1608301CF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{BE374EE2-919F-43FF-8B70-9766F4C599F2}] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [{001F5314-68D0-49A6-960D-1468DEB4AD4E}] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{EBD587F0-75BD-4B06-8890-B9EE85C3473D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D2BFDE38-B50A-4469-9942-1BF02654AC54}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E5231F9F-D587-4A68-9ABF-0772F9986CF1}C:\program files (x86)\garena plus\room\garena_room.exe] => (Allow) C:\program files (x86)\garena plus\room\garena_room.exe
FirewallRules: [UDP Query User{FF54FA06-B71E-40AD-AD33-CAACEDD6A1BC}C:\program files (x86)\garena plus\room\garena_room.exe] => (Allow) C:\program files (x86)\garena plus\room\garena_room.exe
FirewallRules: [TCP Query User{1551D2BB-9EDB-4363-9002-515B095EFF1C}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{D3C28643-21F9-4C8E-A153-E446C8FC0358}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{9F0B3803-BE77-4039-8B1F-402D371EFE77}] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{F304B339-523F-4DCF-8F1A-11E98B0F0750}] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{BB9FD833-8A29-4C0A-8CBA-7E187C79435C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3B175549-576F-464A-89D4-9EDB48FBD875}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CAC09894-3010-45E2-AE7C-4D60B5441014}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4BB795B8-F09C-4329-A353-74861A381B5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B37A2D5-6618-4639-925F-7A9CB40134FD}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3FD57333-DB7E-4C4A-860D-B072DBA9DF82}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3215A418-E659-44D3-9BAF-32FDE7DB5327}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{80C7D7EE-7737-43E4-AC3F-F0FDE7D9A340}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C25B8783-ED5D-4E3A-8B5F-DC36C6E170C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B128D88-550F-402C-8ECE-64CC80F3DE3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{7C245DFC-4520-4E62-890C-23A037BD14FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{B70A02CB-B414-4071-9084-D47CCA4930A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{664233F0-0891-40BC-B9A5-0B310D0998DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{40E3BA92-A3C6-408C-951C-6B11DE61CC42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{0B5091F6-D2D9-48F3-BD0D-3E666AF4A366}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{3767B97C-A0AE-41B6-904D-6F19D997EEA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{12391F95-B829-4B6F-89F7-DE284619D1C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{F3D59FDB-68FC-427B-93B8-3646802B8F2E}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{3F2083C8-16D6-4DFE-840A-27305DEF7FAA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{8CFA8FC2-0CA2-48DC-8363-5101318E39ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4AE04F12-48D0-4D53-89B2-F03CADF1D480}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5DCBFA4D-57CB-4A7C-9D50-3B20F8E2A18D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D296C840-6A2D-451E-A8BB-5C9CA8FF9364}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{38C46737-5C8F-4A38-926B-5D80A8CCF059}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{EB86EC8A-0C1A-4C26-888B-C65E0EA40510}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{255F56D3-24FD-456D-BF57-D388D3EB779A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{00D9F994-8E0C-44C4-92FB-E3384B782B69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7706470D-F3BD-4E99-9C64-9B5897024A85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{99A83029-809A-4483-B3DD-FCD948C7103A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BBA6CEDF-A11D-4259-8AED-DED45034C52D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{9269A289-4AD5-44B1-A551-F26287688D69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{B0ECE9F4-93C0-4A42-8692-FE10AE3B7FA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9E0DE38B-FCDA-4FC2-9164-284C67369EC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DB95E0F2-1481-4FC1-A76E-685B4F4908C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B9B2FD0C-84BD-4730-BDF5-5D15B59DEA44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{38F787A8-6A52-4B8B-B7F5-79E6D4771F39}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F21AF757-6732-41C0-B3AD-427E207C81BC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{79799E83-9170-4A41-8FFA-B21A9B8FE7F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9ADEFF5A-1462-454E-8D3D-C4EB6290A8E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F3BD7286-53F9-47C9-AEDD-73AA592602E0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{ADD96A5C-8036-4302-9F4E-8323E067025D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A2F7A9B1-BC20-4B9D-B551-6BC711A66D6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7DCB2F56-5024-48B6-91B3-FF947A11D52C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8DE003E1-7708-4083-AC41-CC7319589A3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{8F13248F-BC7C-474C-B9A7-9E6F00BABAFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{17903EA3-328F-44F9-8F03-5079E2344E40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{03497433-641E-4FDD-8F0B-8C5E549A039A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0EC0B6FC-28B1-4431-850D-366A6E81BF07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{D651CA79-2004-4566-8920-D659F995C8CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F8A8316C-58A4-4272-B8E5-B6A82F5A7BE6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{E02A9719-040A-494B-91E3-23EC710BBA5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{76226352-6EF4-49A2-BDCA-2B8A6097513C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{43446A12-0A3F-4816-A4D0-07EF2B6B70A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{C865885B-C76F-48D6-8108-78E09936ACE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DBA3F375-4528-4786-A55C-7841718805F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{46600C2E-CF40-4A5B-9612-274DD95DF047}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C362542C-DC65-4AB2-8436-5530BFDBA009}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D8382640-699A-4CC3-B79D-1092E9C63489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{90CA2043-108B-474A-A0AB-1B3CCBDB58F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C613959B-EADA-45FC-82F0-4282DFAD090F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [{FBE4BC43-7632-4B6A-8D25-1D793A006FA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [{CA74FD7E-EE85-47D6-978F-8C7048E5EBFE}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E59A06D2-FF4B-4E82-BEB1-69F6ADA73B0B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E874B13E-1F40-4BD1-AA52-9702E50C3966}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{54669148-EF0C-49F5-B58F-6A13A5D01D8E}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{C051D6F7-97A0-4178-9C06-936934A7F902}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{8BB92BCA-573F-4287-AB50-1557F3D089B6}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{1A688049-D72D-4536-8277-AAB18968F104}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [{AF6CB5A4-8122-4A4C-8FD3-14B821632ED6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [TCP Query User{00060EA9-9A9D-4A46-B2EB-191D639DD0BA}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{EA9EBA9C-F03E-4286-B815-2135750AE011}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{3655AA9B-3B63-4B20-A09E-8666F4A0CE5F}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{B266870F-0F71-46C5-A108-ADF8D1EBFB14}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{3DD5B4CE-F914-4F14-AE7B-F4B5F426F759}] => (Allow) C:\Program Files (x86)\Garena Plus\ggdllhost.exe
FirewallRules: [{A3C9E570-7EB6-4778-9B58-BF8B2BCBD9A6}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{23F8A940-AA9F-47A7-9857-BE851F569186}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{8D89E576-4513-4ECA-B6BC-9DA5606921B7}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{2CC94D1E-EC09-472C-838D-585F6907E59B}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{9F7F9F80-1B53-4943-88AF-F5B0FE6C2CF7}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{3EF30DA2-AB17-4582-B532-73B77FD87995}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{D8EB383E-2BCD-4031-8D20-101590139531}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{9B8D9C4B-B393-4E14-9748-12B12A570641}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{55F814BA-19FE-4ECA-81CC-DF0197D1CEE1}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{5855EF2A-F018-4DB2-B9F9-914E8FCFA4BB}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{D56ED53A-7101-4B87-B49A-B57E69F1A115}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{0144BA9C-0BEE-4373-85C5-567CF53A581F}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{5AC124C0-1DC1-4E16-AAEE-00BC7B896F1D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{58DD91AC-98C7-41FA-A848-A572E2694DD0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{64727803-A639-495C-AC9B-EB279CC25850}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{69B90118-3F7D-4253-9F92-79FD059DFDB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{100C2006-F36C-4E11-A75E-CBABB5CC0C04}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{1A257707-1840-42DB-AA5B-F8AB524DB6B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{276FE320-14D3-40F1-BB09-A55D51802B46}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{C8F79C44-F2C2-4AB3-8072-671D445B837F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{FDA07ECE-6BDE-42A6-881F-F5A7CD8AB0EA}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [UDP Query User{168E564A-F468-4136-ACDE-C35A4BC673EC}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [TCP Query User{697A7D2B-7DB0-4767-A0E6-70B16920E95F}C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [UDP Query User{25461CE8-23A2-4A36-B81C-BB2BD83C6F36}C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [TCP Query User{5588CE3D-C879-442B-89F9-49421B9D222A}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{98F2D887-142E-4DCD-8088-57736708EEB0}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{4AD060B0-404C-400C-8D69-82866D882BF7}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{F5098EA9-3C70-4DB6-BE26-965BDD444F0B}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{9B8DAC58-3C3B-4222-A322-465F82686018}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{89349378-E644-493F-9FF4-075ECE9BE50A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{3C760E99-B90C-49CE-B135-353D297944B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{82CD8633-5D24-4C6F-A9A8-A9BDEC82BB11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C68CB0E6-18FE-4EED-B8A5-228DFB7B6D64}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EDF659B6-77C1-4C92-8B54-5989B7C73F6C}] => (Allow) LPort=2869
FirewallRules: [{EF9E0390-6FA5-46F4-9D47-E2775990885A}] => (Allow) LPort=1900
FirewallRules: [{9127A163-17DB-45D1-8575-C895CD3635D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{6CB8FF39-41D1-4F3C-9E5B-23336CEC8F12}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{8BF2BBB1-2040-414B-868D-DCD9DFAF8CA3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{A7C71DF7-D4AF-4747-A099-DFC8FA4F6DF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{13D01A7D-7CE2-4B11-8E48-45239A11C364}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{804AC24C-C513-4A43-9937-3CC270DFD7B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{7A79C847-30B3-4D8E-97C3-A712DAF20F4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{B23FE913-626B-44EC-B6F7-B364A2A9F9AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [TCP Query User{242B0DF8-B51D-4B0B-9120-055A45B82124}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{9680519D-B9F0-4FCF-9A81-46ABE2EAC601}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [TCP Query User{7388EA12-A663-4A0F-9B1F-D4DDF45D08B7}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{64D2F909-D03A-47A9-924E-EE3766A23913}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{D8220A93-F305-4EFA-8684-620A674A5475}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{E1A742A8-7E43-4F08-8A0D-331D3125A6B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{A3506F4D-7638-4759-96F5-69ACB3D31E23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{6DCB8B99-4978-4595-A21A-92DEA8AC5B64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [TCP Query User{A4927937-071B-4E30-A705-589AD344FE1E}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [UDP Query User{EA394093-0C2E-45C7-80B1-6590F04D736A}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [{F31E2FA1-7AAA-4239-A4FF-DCCD61C58CA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{453605AA-9959-4D58-8118-47B66A1E0D2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{9D30BD7F-6407-424D-9A50-B4A2DF626CBF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5CF51841-C2CC-40E2-98B4-F5C54C6CFA1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{20A5AE14-424B-4C71-83AD-F3181467BF6B}] => (Allow) C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C3AD2846-D331-4C00-AAB2-C968BBF8F0A1}] => (Allow) C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{B06F97ED-D519-4514-A31A-0FC48151DBB3}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [UDP Query User{690A3B6D-DBE4-4A0D-8766-C322B6D7378D}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [TCP Query User{FDBCD20D-CCB7-465B-871C-C7DAAD57792E}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [UDP Query User{989BF3D3-9EE1-4FE8-982D-FCE8473D49F4}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [{6EB1ABB1-126E-49D3-A4E9-02D7E65A633B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{2B6E303F-FFCA-4200-AEB5-99363D4CD19F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{718C337D-2E64-41CA-A0F7-244B31AA6CD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{09C66128-8088-4BA7-A947-86F0F188E39A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B109102E-7DFA-4782-B812-B67ED8165FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C8F3E627-5831-4477-A35F-A402F6024BDD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{875FE039-FB80-4522-B1A1-3F3CA7D52822}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{5B00A3EC-6D07-49E5-88F9-518CCDC32230}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{BBDAC0C0-95AD-4961-8F2B-46986A5CEC8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{67A00C1B-8401-4E2C-9E91-248D39AFB66B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{3F774A3F-746A-4B53-ACFB-AFE1FA9C6245}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2cfg.exe
FirewallRules: [{59540169-8030-4CB1-9F87-3717A3B10B7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2cfg.exe
FirewallRules: [{91FE019F-9727-4F64-A180-3125451E305F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{834A4019-CEB3-4D8F-963A-3D500662B8AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [TCP Query User{09930B68-4539-4506-8734-EBFA2109D4C2}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [UDP Query User{BB0D2075-C111-4D3E-B858-E63FFAC060B6}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [{198F36B9-B1B8-4665-A6DA-61E703F90ED5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{9F1423E2-10F7-4421-ABFA-E7BC253F49AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{B8F76673-B504-4D63-B02A-19D938C7DFB9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{FCBF5FD9-1459-4939-9C36-A48AF366645A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{6B0AF022-0AEC-4A3C-9EF5-8DA058CB63E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{DF4381CE-23B6-4A81-ACB4-A5F6A7F7795D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{5CC0C758-1754-4886-8CF2-1CF5E4D065E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{BE9DCE20-5655-4034-AEBF-066F5E8DE08D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{7D2E2389-93A4-41F1-8FB4-BF55939FC54A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{934873B1-3BF7-4FD7-954E-8C1B519D1735}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{CA43679D-70EC-4E86-9C00-ED7BF0503D96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{DBBB847A-36CD-4C3A-8439-F6C3A7B52A3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [TCP Query User{6D938E60-7ED2-45AE-AC83-6A2F73004AF2}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [UDP Query User{9692A475-DFB6-4DD8-9E0B-DCE1DB7BC06A}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [TCP Query User{57480D91-8844-4E5C-A9CD-5BABE6CD54C4}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [UDP Query User{03D59975-8DAB-47FD-A669-8E52C416D3EF}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [TCP Query User{CC852DF1-0771-40C0-B1F0-07C44EEC94EE}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{CA815513-A38E-4C5A-8B77-8E31CE412692}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{EAAFE444-FDC5-486E-BB5C-17D5D09A6EBC}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{77B3D6A3-3BC4-4950-B626-2946EB993F10}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [{A80C4A8E-CC90-47C4-97E4-5F5E8C6F343C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{FEDF4704-F0E6-4EDF-8538-8D5FE45DFD21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{DC7F7AEA-85F6-4FC4-9E09-6265B1579BB4}C:\programdata\battle.net\agent\agent.3526\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3526\agent.exe
FirewallRules: [UDP Query User{CC7D1A77-FEAB-4FF7-8028-F045E35B9121}C:\programdata\battle.net\agent\agent.3526\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3526\agent.exe
FirewallRules: [{1E080F29-E294-40AF-91E8-9DD8D89AA938}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{AED9BCA8-3D7A-4A0D-AD08-8BE713FD5D8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{F79C60A9-FA96-4AD8-A572-9D436C24486B}C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe
FirewallRules: [UDP Query User{4C180491-3928-4F2D-BA02-533F730725CA}C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe
FirewallRules: [TCP Query User{6BE64B3D-2451-4879-973D-DCC9D0FC7CCD}C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5E3C9295-7123-4342-9FEF-114503F6ED86}C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{93CC89E4-F8B0-41B6-B137-6C415734CD26}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{6037B23A-ACF7-4C43-9CF6-992C9A72C139}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{AD9DB2D2-3189-4CEF-B05E-E79FC67749E2}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{956D9F83-D6D1-411D-AC5F-7E4415C85C15}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{7B72D76D-0451-4432-A1E4-37ED45CD58F9}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B1879650-8862-4AF4-AB99-0DCE2F23B406}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7603DB9F-A2B5-4144-943B-BB9EFFADF2F8}C:\users\po0gles\desktop\ygopro devpro\devpro.dll] => (Allow) C:\users\po0gles\desktop\ygopro devpro\devpro.dll
FirewallRules: [UDP Query User{94759FBE-F90D-48B4-A904-C98A05C1E918}C:\users\po0gles\desktop\ygopro devpro\devpro.dll] => (Allow) C:\users\po0gles\desktop\ygopro devpro\devpro.dll
FirewallRules: [{25DAACAC-B92D-493B-8BA7-A22689AF9D4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{5856DCD6-1F3D-4C7F-A986-16FDDE9D7B4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{DB9BAD0D-8181-4660-BB5E-C3AC2AF1D040}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{78EAD350-E4EE-4329-BD54-57E87E146F6F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3D61F93C-BAAB-4596-8C0F-8410F9F78B0D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9715385F-A0BA-48FE-AC99-E87DDF0F54AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{66C8E8F2-18B6-4CAF-AB02-1D1366BF80F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{F2B2E7B5-9340-49EE-B0B0-15213A9A0489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{05F0DB0B-6BA8-4AF2-9E9D-772416768679}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{82FC2220-8487-4FF5-9A09-FD00E49D72AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{BE420DC5-98CB-4AA6-A6C1-22C71FBF3737}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{CD14F31B-782A-4578-A93A-C4A4B9CF198B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{6ECE52ED-F744-4EB4-8220-907806DDC9BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{C0D6B0E0-E5AC-43FD-B536-097BA034FF45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{0C3CF743-D1F6-439F-8AFA-C2ED8E211A64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{4B0E6D51-E7C5-44F6-87A7-92C0CBD8904F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [TCP Query User{9B2468AB-E30C-483D-889E-04FDAA287DAF}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{DFF03144-DCD7-4F3B-ACD0-C75AE0145716}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E4AD85BE-41E2-4885-B4CB-3EE866E3FE73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{159317B0-213C-4485-8FD2-5E3718A12F5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{7DB36D6A-8E10-49A3-9F03-BB81865BE22A}C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe
FirewallRules: [UDP Query User{78C8BFA0-9EF0-4CE6-B153-336ECA23FB68}C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe
FirewallRules: [TCP Query User{E4129B15-0E66-412C-91D6-47EC6AB59666}C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe
FirewallRules: [UDP Query User{FA9E65F3-3B8A-417C-8F2B-900F5BF89E95}C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe
FirewallRules: [{D801C96D-027F-4620-9666-816D82AF9428}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F21308C0-9CD7-41C5-82F5-7DEFB9178243}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8DAD7DE2-2666-4C27-8D9C-92AA751B223A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7FA0531F-5036-4CDD-80DA-D10DD5FABF83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{06ECB473-74CD-4891-8F16-F6E2DC1DFBDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: TAP-Win32 Adapter V9 (Tunngle) #2
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/04/2015 06:45:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 06:31:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 06:18:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 06:15:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4ff4f602
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x6d0
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (08/04/2015 05:52:42 PM) (Source: MsiInstaller) (EventID: 10005) (User: Po0gles-PC)
Description: Produkt: Java(TM) 6 Update 26 -- Interner Fehler 2753. regutils.dll

Error: (08/04/2015 11:22:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 01:53:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4ff4f602
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x708
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (08/03/2015 03:56:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 03:38:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 02:51:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/04/2015 06:35:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/04/2015 06:35:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/04/2015 06:35:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/04/2015 06:35:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/04/2015 06:35:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/04/2015 06:35:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/04/2015 06:35:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/04/2015 06:35:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/04/2015 06:35:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/04/2015 06:35:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2015-08-04 11:49:46.477
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-08-04 11:49:46.430
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-23 15:47:31.317
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-23 15:47:31.224
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Processor: AMD FX(tm)-4100 Quad-Core Processor 
Percentage of memory in use: 44%
Total physical RAM: 4042.44 MB
Available physical RAM: 2237.82 MB
Total Virtual: 4240.65 MB
Available Virtual: 2228.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:62.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 686E7D52)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von log ============================

schrauber · 05.08.2015, 08:09

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Po0gles · 05.08.2015, 17:21

Puh, das hat gedauert. Hier der log von ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f81495729cf7a8449c61da16939de3ad
# end=init
# utc_time=2015-08-05 09:44:52
# local_time=2015-08-05 11:44:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25130
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f81495729cf7a8449c61da16939de3ad
# end=updated
# utc_time=2015-08-05 09:46:41
# local_time=2015-08-05 11:46:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f81495729cf7a8449c61da16939de3ad
# engine=25130
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-05 02:13:31
# local_time=2015-08-05 04:13:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 17778 190413861 0 0
# scanned=578144
# found=6
# cleaned=6
# scan_time=16009
sh=9CE5F659BDD89907624541CB98681224CA75D886 ft=1 fh=9b9a5086efdbb0a1 vn="Variante von Win64/Systweak.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=A9AF20BAB92EC036274CEF500920B1EBC229F283 ft=1 fh=9f3e55497974f842 vn="Variante von Generik.FQMNCYT Trojaner (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Maxis\SimCity 4 Deluxe\Apps\SimCity 4.exe"
sh=F4E4A6463FD1C441823741F87B375F08B814F408 ft=1 fh=c0aac7f44027dd98 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe"
sh=F4E4A6463FD1C441823741F87B375F08B814F408 ft=1 fh=c0aac7f44027dd98 vn="Variante von Win32/AdkDLLWrapper.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Po0gles\AppData\Roaming\BitTorrent\updates\7.9.2_32692.exe"
sh=5F1B511B86AEF179B860622EFF6D682BCD102B3E ft=1 fh=cb802253c71f7c42 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Po0gles\Downloads\AutoHotkey - CHIP-Installer.exe"
sh=315249333E8B573C1B8BC20A4E0B13D43608D9B1 ft=1 fh=31bd7608ab6d88f0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Po0gles\Downloads\Process Explorer - CHIP-Installer.exe"

...Hier der SecurityCheck log:

Code:

ATTFilter

 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 51  
 Adobe Flash Player 18.0.0.209  
 Adobe Reader XI  
 Google Chrome (44.0.2403.125) 
 Google Chrome (44.0.2403.89) 
 Google Chrome (proxtube.crx..) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST:

Edit: Aus irgendwelchen gründen wird mir die Addition.txt nicht dazugeliefert. Auch nach wiederholter Untersuchung bekomme ich immer nur den FRST log

.
Edit2: Wurde jetzt doch mitgeliefert. Keine ahnung was da los war

.

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von Po0gles (Administrator) auf PO0GLES-PC (05-08-2015 18:19:31)
Gestartet von C:\Users\Po0gles\Desktop
Geladene Profile: Po0gles (Verfügbare Profile: Po0gles)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Windows\DAODx.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Users\Po0gles\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-930851909-2753564859-313499025-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2C3B9D2F-5689-4C51-906D-8FB764CCD55E}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{4CA14983-5EDC-48BD-B497-C3F4E8B5C0F2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A8FFBF08-A4D4-41BA-9829-7351ACB37403}: [DhcpNameServer] 7.254.254.254

FireFox:
========
FF ProfilePath: C:\Users\Po0gles\AppData\Roaming\Mozilla\Firefox\Profiles\LNacfPOX.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @gametap.com/npdd,version=1.0 -> C:\Program Files (x86)\Downloader\npdd.dll [2012-07-20] (Metaboli)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2012-10-30] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2014-07-07] ( Garena)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-930851909-2753564859-313499025-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-930851909-2753564859-313499025-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Po0gles\AppData\Roaming\Mozilla\Firefox\Profiles\LNacfPOX.default\Extensions\abs@avira.com [2015-03-09]

Chrome: 
=======
CHR Profile: C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-03]
CHR Extension: (Google Docs) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-10]
CHR Extension: (Google Drive) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-10]
CHR Extension: (YouTube) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-10]
CHR Extension: (Adblock Plus) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-01]
CHR Extension: (Google Search) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-10]
CHR Extension: (ReChat for Twitch™) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2015-03-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Global Twitch Emotes) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2015-07-20]
CHR Extension: (Gmail) - C:\Users\Po0gles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.NDMC55ARS26445QLTPSDZGSHRY - C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107552 2014-07-22] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2013-08-28] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-24] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-06] (Disc Soft Ltd)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-29] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U3 aqc0pjrc; C:\Windows\System32\Drivers\aqc0pjrc.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Po0gles\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FreshIO; \??\C:\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-05 18:12 - 2015-08-05 18:12 - 00852684 _____ C:\Users\Po0gles\Desktop\SecurityCheck.exe
2015-08-05 11:44 - 2015-08-05 11:44 - 02870984 _____ (ESET) C:\Users\Po0gles\Downloads\esetsmartinstaller_deu.exe
2015-08-05 11:44 - 2015-08-05 11:44 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-04 18:48 - 2015-08-04 18:49 - 00089441 _____ C:\Users\Po0gles\Desktop\Addition.txt
2015-08-04 18:47 - 2015-08-05 18:19 - 00017719 _____ C:\Users\Po0gles\Desktop\FRST.txt
2015-08-04 18:42 - 2015-08-04 18:42 - 00002448 _____ C:\Users\Po0gles\Desktop\JRT.txt
2015-08-04 18:33 - 2015-08-04 18:33 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Po0gles\Desktop\JRT.exe
2015-08-04 18:23 - 2015-08-04 18:28 - 00000000 ____D C:\AdwCleaner
2015-08-04 18:23 - 2015-08-04 18:23 - 02248704 _____ C:\Users\Po0gles\Desktop\AdwCleaner_4.208.exe
2015-08-04 18:19 - 2015-08-04 18:19 - 00005177 _____ C:\Users\Po0gles\Desktop\mbam.txt
2015-08-04 17:53 - 2015-08-04 17:53 - 00000000 _____ C:\Windows\system32\REN9C07.tmp
2015-08-04 17:49 - 2015-08-04 17:49 - 00563296 _____ (Oracle Corporation) C:\Users\Po0gles\Downloads\chromeinstall-8u51 (1).exe
2015-08-04 17:48 - 2015-08-04 17:48 - 00563296 _____ (Oracle Corporation) C:\Users\Po0gles\Downloads\chromeinstall-8u51.exe
2015-08-04 17:46 - 2015-08-04 17:46 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-04 12:02 - 2015-08-04 12:02 - 00029270 _____ C:\ComboFix.txt
2015-08-04 11:38 - 2015-08-04 12:02 - 00000000 ____D C:\ComboFix
2015-08-04 11:38 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-04 11:38 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-04 11:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-04 11:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-04 11:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-04 11:38 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-04 11:38 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-04 11:38 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-04 11:36 - 2015-08-04 12:02 - 00000000 ____D C:\Qoobox
2015-08-04 11:36 - 2015-08-04 11:59 - 00000000 ____D C:\Windows\erdnt
2015-08-04 11:35 - 2015-08-04 11:35 - 05634591 ____R (Swearware) C:\Users\Po0gles\Desktop\ComboFix.exe
2015-08-04 11:26 - 2015-08-04 11:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Po0gles\Downloads\revosetup95.exe
2015-08-04 11:26 - 2015-08-04 11:26 - 00001264 _____ C:\Users\Po0gles\Desktop\Revo Uninstaller.lnk
2015-08-04 11:26 - 2015-08-04 11:26 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-03 18:02 - 2015-08-03 18:02 - 00902027 _____ C:\Users\Po0gles\Downloads\ICBINE 3-63839-3-0 (2).rar
2015-08-03 17:24 - 2015-08-03 17:24 - 00902027 _____ C:\Users\Po0gles\Downloads\ICBINE 3-63839-3-0 (1).rar
2015-08-03 16:02 - 2015-08-03 16:03 - 00089042 _____ C:\Users\Po0gles\Downloads\Addition.txt
2015-08-03 16:01 - 2015-08-05 18:19 - 00000000 ____D C:\FRST
2015-08-03 16:01 - 2015-08-03 16:03 - 00052584 _____ C:\Users\Po0gles\Downloads\FRST.txt
2015-08-03 16:00 - 2015-08-03 16:01 - 02169856 _____ (Farbar) C:\Users\Po0gles\Desktop\FRST64.exe
2015-08-03 15:58 - 2015-08-03 15:59 - 205012312 _____ C:\Users\Po0gles\Downloads\avira_antivirus_de-de_15.0.12.408 (1).exe
2015-08-03 14:57 - 2015-08-03 14:57 - 03908184 _____ (Crystal Dew World ) C:\Users\Po0gles\Downloads\CrystalDiskInfo6_5_2-en.exe
2015-08-03 14:57 - 2015-08-03 14:57 - 03908184 _____ (Crystal Dew World ) C:\Users\Po0gles\Downloads\CrystalDiskInfo6_5_2-en (1).exe
2015-08-03 14:50 - 2015-08-03 14:50 - 00003408 ____N C:\bootsqm.dat
2015-08-03 13:33 - 2015-08-03 13:34 - 205012312 _____ C:\Users\Po0gles\Downloads\avira_antivirus_de-de_15.0.12.408.exe
2015-08-03 13:02 - 2015-08-03 13:02 - 00684588 _____ C:\Users\Po0gles\Downloads\ntdll.zip
2015-08-03 12:38 - 2015-08-03 12:38 - 00000000 _____ C:\Users\Po0gles\Desktop\sched.dmp
2015-08-03 11:56 - 2015-08-03 11:56 - 00079705 _____ C:\Users\Po0gles\Downloads\convert2mp3_chrome_addon-2.4.zip
2015-08-03 11:47 - 2015-08-03 23:22 - 00000000 ____D C:\Program Files\iTunes
2015-08-03 11:47 - 2015-08-03 23:22 - 00000000 ____D C:\Program Files\iPod
2015-08-03 11:47 - 2015-08-03 23:22 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-03 11:34 - 2015-08-03 11:35 - 155875632 _____ (Apple Inc.) C:\Users\Po0gles\Downloads\iTunes6464Setup.exe
2015-08-03 11:27 - 2015-08-03 11:27 - 00001713 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-03 11:01 - 2015-08-03 11:01 - 41866030 _____ C:\Users\Po0gles\Downloads\music.7z.tmp
2015-08-03 11:00 - 2015-08-03 11:02 - 41873060 _____ C:\Users\Po0gles\Downloads\music.7z
2015-08-03 10:18 - 2015-08-03 10:18 - 00102286 _____ C:\Users\Po0gles\Downloads\Youtube Mp3 Converter - Browser addon.zip
2015-08-01 22:32 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-01 22:32 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-01 22:32 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-01 22:32 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-01 22:32 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-01 22:32 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-08-01 22:32 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-21 12:12 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 12:12 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 12:12 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 12:12 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 12:12 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 12:12 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 12:12 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 12:12 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 12:12 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 12:12 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-18 12:46 - 2015-07-18 12:47 - 00586195 _____ C:\Users\Po0gles\Downloads\wopt021.zip
2015-07-17 15:45 - 2015-07-17 15:45 - 00000000 ____D C:\Users\Po0gles\AppData\Local\GWX
2015-07-15 19:06 - 2015-07-15 19:06 - 00000000 ____D C:\Users\Po0gles\Documents\AutoHotKey
2015-07-15 19:05 - 2015-07-15 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-07-15 19:05 - 2015-07-15 19:05 - 00000000 ____D C:\Program Files\AutoHotkey
2015-07-15 19:04 - 2015-07-15 19:05 - 02869078 _____ C:\Users\Po0gles\Downloads\AutoHotkey112203_Install.exe
2015-07-15 18:57 - 2015-07-15 18:57 - 00034633 _____ C:\Users\Po0gles\Downloads\macro.ahk
2015-07-15 12:29 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 12:29 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 12:29 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 12:29 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 12:29 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 12:29 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 12:29 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 12:29 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 12:29 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 12:29 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 12:29 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 12:29 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 12:29 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 12:29 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 12:29 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 12:29 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 12:29 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 12:29 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 12:29 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 12:29 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 12:29 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 12:29 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 12:29 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 12:29 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 12:29 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 12:29 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 12:29 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 12:29 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 12:29 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 12:29 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 12:29 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 12:29 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 12:29 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 12:29 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 12:29 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 12:29 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 12:29 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 12:29 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 12:29 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 12:29 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 12:29 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 12:29 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 12:29 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 12:29 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 12:29 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 12:29 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 12:29 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 12:29 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 12:29 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 12:29 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 12:29 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 12:29 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 12:29 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 12:29 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 12:29 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 12:29 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 12:29 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 12:29 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 12:29 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 12:29 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 12:28 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 12:28 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 12:28 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 12:28 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 12:28 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 12:28 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 12:28 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 12:28 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 12:28 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 12:28 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 12:28 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 12:28 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 12:28 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 12:28 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 12:28 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 12:28 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 12:28 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 12:28 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 12:28 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 12:28 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 12:28 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 12:28 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 12:28 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 12:28 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 12:28 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 12:28 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 12:28 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 12:28 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 12:28 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 12:28 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 12:28 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 12:28 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 12:28 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 12:28 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 12:28 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 12:27 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 12:27 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 12:27 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:27 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 12:27 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 12:27 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 12:27 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 12:27 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 12:27 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 12:27 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 12:27 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 12:27 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 12:27 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 12:27 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 12:27 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 12:20 - 2015-07-15 12:20 - 00302011 _____ C:\Users\Po0gles\Downloads\WindowsUpdateDiagnostic (1).diagcab
2015-07-15 11:46 - 2015-07-15 11:47 - 00000000 ____D C:\Windows\SoftwareDistributionOld
2015-07-15 11:40 - 2015-07-15 11:41 - 00302011 _____ C:\Users\Po0gles\Downloads\WindowsUpdateDiagnostic.diagcab
2015-07-15 11:31 - 2015-07-15 11:32 - 00985600 _____ C:\Users\Po0gles\Downloads\MicrosoftFixit50123.msi
2015-07-15 11:17 - 2015-07-15 11:20 - 188618008 _____ (Microsoft Corporation) C:\Users\Po0gles\Downloads\msert.exe
2015-07-15 11:17 - 2015-07-15 11:20 - 188618008 _____ (Microsoft Corporation) C:\Users\Po0gles\Downloads\msert (1).exe
2015-07-12 17:33 - 2015-08-05 00:30 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\PoESkillTree - The Awakening
2015-07-12 17:33 - 2015-07-12 17:33 - 00001167 _____ C:\Users\Public\Desktop\PoESkillTree - The Awakening.lnk
2015-07-12 17:33 - 2015-07-12 17:33 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\{B5012C21-ECA4-41AF-ABD1-F549D019B7A9}
2015-07-12 17:33 - 2015-07-12 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PoESkillTree - The Awakening
2015-07-12 17:33 - 2015-07-12 17:33 - 00000000 ____D C:\Program Files (x86)\PoESkillTree - The Awakening
2015-07-12 17:30 - 2015-07-12 17:31 - 05925620 _____ (PoESkillTree Team ) C:\Users\Po0gles\Downloads\PoESkillTree-TheAwakening-2.2.0.exe
2015-07-10 20:29 - 2015-07-10 21:05 - 03584430 _____ C:\Users\Po0gles\Downloads\PoESkillTree_Beta (2).zip
2015-07-10 20:26 - 2015-07-10 20:27 - 00206037 _____ C:\Users\Po0gles\Downloads\POESkillTree1.5.zip
2015-07-07 16:54 - 2015-07-07 16:54 - 00301224 _____ C:\Users\Po0gles\Downloads\Fuz Ro Doh 60-14884-6-0.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-05 17:57 - 2012-09-07 19:16 - 01479370 _____ C:\Windows\WindowsUpdate.log
2015-08-05 17:34 - 2013-06-10 17:51 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA.job
2015-08-05 17:25 - 2012-10-16 20:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-05 16:12 - 2014-08-06 11:37 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\BitTorrent
2015-08-05 16:07 - 2012-09-08 22:29 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-05 15:57 - 2015-02-11 00:01 - 00000000 ____D C:\Users\Po0gles\Desktop\overwrites
2015-08-05 14:34 - 2013-06-10 17:51 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core.job
2015-08-05 13:10 - 2014-05-16 21:27 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-05 11:22 - 2009-07-14 06:45 - 00033152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-05 11:22 - 2009-07-14 06:45 - 00033152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-05 10:52 - 2014-10-20 16:09 - 00060632 _____ C:\Windows\setupact.log
2015-08-05 10:52 - 2012-09-07 19:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-05 10:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-05 00:22 - 2013-12-18 23:07 - 00000000 ____D C:\Users\Po0gles\AppData\Local\Battle.net
2015-08-04 23:52 - 2013-12-18 23:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-04 19:10 - 2015-02-11 00:02 - 02264990 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak
2015-08-04 19:10 - 2015-02-11 00:02 - 02264990 _____ C:\Users\Po0gles\Desktop\InstallLog.xml
2015-08-04 18:29 - 2014-10-23 16:33 - 00372274 _____ C:\Windows\PFRO.log
2015-08-04 18:25 - 2015-02-11 00:24 - 02263582 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak1
2015-08-04 17:53 - 2014-10-21 18:15 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-04 17:53 - 2014-02-02 23:34 - 00000000 ____D C:\Program Files\Java
2015-08-04 17:50 - 2014-10-21 18:15 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-04 17:46 - 2014-05-16 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-04 17:46 - 2014-05-16 21:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-04 12:02 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-04 11:52 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-03 23:22 - 2014-02-02 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-08-03 23:22 - 2013-10-18 13:14 - 00000000 ____D C:\ProgramData\Oracle
2015-08-03 23:22 - 2013-10-18 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-03 23:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-08-03 17:51 - 2015-06-26 19:39 - 00000000 ____D C:\Users\Po0gles\Desktop\Scripted
2015-08-03 17:51 - 2015-02-11 00:32 - 02255483 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak2
2015-08-03 15:52 - 2015-05-11 22:33 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-08-03 15:52 - 2012-09-08 10:04 - 00000000 ____D C:\ProgramData\Avira
2015-08-03 13:29 - 2014-08-31 13:23 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-03 13:24 - 2012-09-07 19:16 - 00000000 ____D C:\Users\Po0gles
2015-08-03 11:47 - 2012-09-16 13:46 - 00000000 ____D C:\ProgramData\Apple Computer
2015-08-03 11:33 - 2012-09-16 13:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-03 11:29 - 2012-09-16 13:47 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\Apple Computer
2015-08-03 11:27 - 2014-02-27 19:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-08-03 10:12 - 2012-09-08 05:08 - 00699092 _____ C:\Windows\system32\perfh007.dat
2015-08-03 10:12 - 2012-09-08 05:08 - 00149232 _____ C:\Windows\system32\perfc007.dat
2015-08-03 10:12 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-02 11:52 - 2015-02-11 15:54 - 02186753 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak3
2015-08-02 00:40 - 2014-05-06 22:15 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-02 00:07 - 2012-09-11 18:43 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\Skype
2015-08-01 23:48 - 2013-06-10 17:52 - 00002368 _____ C:\Users\Po0gles\Desktop\Google Chrome.lnk
2015-08-01 22:34 - 2012-09-07 19:29 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-01 22:19 - 2014-01-18 22:05 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-01 22:14 - 2015-04-05 02:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-24 12:06 - 2015-02-11 15:57 - 02186355 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak4
2015-07-24 11:54 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-24 06:21 - 2014-06-02 16:22 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2014-06-02 16:22 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-24 06:21 - 2013-10-28 18:59 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-24 06:21 - 2013-10-28 18:59 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-23 21:08 - 2012-09-12 17:27 - 00000000 ____D C:\Users\Po0gles\AppData\Roaming\TS3Client
2015-07-23 12:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-22 11:53 - 2012-09-08 20:36 - 00000000 ____D C:\Users\Po0gles\Desktop\Stuff
2015-07-22 10:38 - 2009-07-14 06:45 - 00358664 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 11:15 - 2012-10-08 15:24 - 00000000 ____D C:\Users\Po0gles\Documents\ManiaPlanet
2015-07-21 11:14 - 2012-10-08 15:17 - 00000000 ____D C:\ProgramData\ManiaPlanet
2015-07-21 11:14 - 2012-10-08 15:17 - 00000000 ____D C:\Program Files (x86)\ManiaPlanet
2015-07-16 23:24 - 2015-04-05 02:07 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 14:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 14:29 - 2013-06-10 17:51 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA
2015-07-16 14:29 - 2013-06-10 17:51 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core
2015-07-15 19:05 - 2010-11-21 09:16 - 00000000 ____D C:\Windows\ShellNew
2015-07-15 16:25 - 2012-10-16 20:05 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 16:25 - 2012-10-16 20:05 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 16:25 - 2012-10-16 20:05 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 12:50 - 2014-12-11 17:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 12:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 12:47 - 2012-12-17 16:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 12:40 - 2013-07-22 02:58 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 12:03 - 2015-04-11 17:15 - 00000517 _____ C:\Users\Po0gles\Desktop\Neues Textdokument (3).txt
2015-07-15 09:08 - 2013-02-12 18:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 09:07 - 2015-05-16 16:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-10 16:42 - 2015-02-11 16:41 - 02169684 _____ C:\Users\Po0gles\Desktop\InstallLog.xml.bak5
2015-07-06 16:48 - 2015-06-26 21:22 - 00000850 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-07-06 16:48 - 2015-06-26 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-07-06 16:48 - 2014-07-24 20:35 - 00000000 ____D C:\Program Files\Nexus Mod Manager

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-09-30 22:42 - 2014-05-24 19:06 - 0045270 _____ () C:\Users\Po0gles\AppData\Roaming\room_v3.dat
2013-12-16 14:26 - 2013-12-17 16:46 - 1065984 _____ () C:\Users\Po0gles\AppData\Local\file__0.localstorage
2012-10-01 18:21 - 2015-05-06 16:59 - 0007588 _____ () C:\Users\Po0gles\AppData\Local\Resmon.ResmonCfg
2012-09-28 22:01 - 2012-09-28 22:01 - 1341859 ____N () C:\Users\Po0gles\AppData\Local\Tempmusic.ogg
2014-10-23 23:01 - 2014-10-23 23:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Po0gles\AppData\Local\Temp\Quarantine.exe
C:\Users\Po0gles\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-03 16:52

==================== Ende von log ============================

Po0gles · 05.08.2015, 17:50

Hier doch noch die Addition.txt

:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von Po0gles (2015-08-05 18:26:36)
Gestartet von C:\Users\Po0gles\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-930851909-2753564859-313499025-500 - Administrator - Disabled)
Gast (S-1-5-21-930851909-2753564859-313499025-501 - Limited - Disabled)
Po0gles (S-1-5-21-930851909-2753564859-313499025-1000 - Administrator - Enabled) => C:\Users\Po0gles

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

"The last Kingdom" (HKLM-x32\...\"The last Kingdom") (Version:  - )
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{047D5657-1DAC-2B16-E110-F4A9C0E7EF2C}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AutoHotkey 1.1.22.03 (HKLM\...\AutoHotkey) (Version: 1.1.22.03 - Lexikos)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bellum Crucis 6.3 - Bugfixer (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Bellum Crucis 6.3 - Bugfixer) (Version:  - )
Bellum Crucis 6.3 - parte 1 (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Bellum Crucis 6.3 - parte 1) (Version:  - )
Bellum Crucis 6.3 - parte 2 (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Bellum Crucis 6.3 - parte 2) (Version:  - )
BitTorrent (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\BitTorrent) (Version: 7.9.2.32692 - BitTorrent Inc.)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.0 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dota 2 Workshop Tools Alpha (HKLM-x32\...\Steam App 316570) (Version:  - )
Downloader (HKLM-x32\...\Downloader) (Version:  - )
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
DynaGeo 3.5e (HKLM-x32\...\DynaGeo_is1) (Version:  - Roland Mechling)
EE Multiplayer Map Tool v.1.0.1 (evaluation) (HKLM-x32\...\ST6UNST #1) (Version:  - )
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.0.7.1 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.0.7.1 Alpha - ETS2MP Team)
Forge (HKLM-x32\...\Steam App 223390) (Version:  - Dark Vale Games)
FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version:  - )
Google Chrome (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Earth (HKLM-x32\...\{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}) (Version: 7.0.1.8244 - Google)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IB2 Conqvestvs Britanniae III (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\IB2 Conqvestvs Britanniae III) (Version:  - )
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KGCM Patch 4.2 (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\KGCM Patch 4.2) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.2.5.2 (HKLM-x32\...\{8D8F47B2-0E03-4C50-9803-A01120878F96}) (Version: 4.2.5.2 - The Document Foundation)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version:  - Nadeo)
Medieval II - Kingdoms Grand Campaign Mod version 3.0 (HKLM-x32\...\0005kingdoms grand campaign mod_is1) (Version:  - )
Medieval II - Retrofit Mod version 1.0 (HKLM-x32\...\0000RetrofitMod_is1) (Version:  - )
Medieval II - Rule Britannia 1.5 version 1.5 (HKLM-x32\...\0005Rule_Britannia_is1) (Version:  - )
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.05.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MinecraftAlpha (HKLM-x32\...\MinecraftAlpha) (Version:  - )
NehrimUninstaller (HKLM-x32\...\Nehrim - Am Rande des Schicksals_is1) (Version: 1.0.0 - SureAI)
NeoEE Patch (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\NeoEE Patch) (Version: 2.0.0.2 - NeoEE)
NeoEE Patch (x32 Version: 1.0.0 - NeoEE) Hidden
NeoEE Patch (x32 Version: 2.0.0.2 - NeoEE Devlopment) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming)
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.7.24334 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PoESkillTree - The Awakening (HKLM-x32\...\{B5012C21-ECA4-41AF-ABD1-F549D019B7A9}_is1) (Version: 2.2.0 - PoESkillTree Team)
Procurement version 1.9.0 (HKLM-x32\...\{E91043A6-7DC5-4C8A-A6E4-9D618A0B80D4}_is1) (Version: 1.9.0 - Stickymaddness)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Reconquista (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Reconquista) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - )
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Sid Meier's Railroads! (HKLM-x32\...\{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}) (Version: 1.00 - Firaxis Games)
Sid Meier's Railroads! (x32 Version: 1.00 - Firaxis Games) Hidden
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1740.1 - Hi-Rez Studios)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
The Settlers III Gold Edition (HKLM-x32\...\S3 Gold) (Version:  - )
The War Z version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - Arktos Entertainment Group LLC)
Third Age - Total War 3.0 (Part 1of2) (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKU\S-1-5-21-930851909-2753564859-313499025-1000\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Unofficial Oblivion Patch v3.4.4 (HKLM-x32\...\Unofficial Oblivion Patch_is1) (Version: 3.4.4 - Quarn, Kivan, and Arthmoor)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XMedia Recode Version 3.1.2.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.2.8 - XMedia Recode)
Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-930851909-2753564859-313499025-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Po0gles\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll Keine Datei

==================== Wiederherstellungspunkte =========================

04-08-2015 11:31:26 Revo Uninstaller's restore point - WorldofTanks
04-08-2015 11:34:18 Revo Uninstaller's restore point - CrystalDiskInfo 6.5.2
04-08-2015 18:34:17 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-08-04 11:52 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06DDBB41-25A3-4B68-9E86-A513222AB41D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {0BB7154E-1B00-4F89-B5B5-3318ED277F5C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {17BE4FDF-B0D4-4CA1-AB02-FD1077CF0A46} - System32\Tasks\{0A389BFB-48BB-4800-8F0C-39B0716D1D20} => pcalua.exe -a C:\Users\Po0gles\Desktop\patch\setup.exe -d C:\Users\Po0gles\Desktop\patch
Task: {1DF6A922-94C7-4149-8855-1DEEE40AF355} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {203C4532-0523-4CF1-BF44-3941FE580B63} - System32\Tasks\{5B421F82-D600-4561-947F-8F28F12CD40C} => pcalua.exe -a "C:\Program Files (x86)\Steam\bin\SteamService.exe" -d "C:\Program Files (x86)\Steam" -c /installscript "C:\Program Files (x86)\Steam\steamapps\common\Sanctum\runasadmin.vdf" 91600
Task: {29524348-7B86-422F-9249-8C3497E3CE6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {2CFE3436-ABA9-4D1F-B615-8E3FA7DADF1E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {31F2D5CA-D49B-48E7-BCE2-A329CD543ABC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {36DDC29D-D47A-435D-86B0-D32D3C445EE3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {420B732B-3CE6-4ACC-B515-E60F9FAB32F7} - System32\Tasks\{3BCF84E9-1B6A-4B2C-95F3-05E68648A1CC} => pcalua.exe -a C:\BlueByte\Settlers3\s3old160.exe -d C:\BlueByte\Settlers3
Task: {678CA824-D9C4-4E03-AB88-4A67C70F5C78} - System32\Tasks\Google Updater and Installer => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {68798D6F-08E1-42F7-95E8-4108363C72E5} - System32\Tasks\{EAD4F953-BEA5-4034-B3E7-67B88854F51C} => C:\BlueByte\Settlers3\S3Editor.exe [2000-07-03] ()
Task: {6DF6D0A7-4971-434C-AE22-6B5AD7D679E3} - System32\Tasks\{F29A636C-5DE5-4583-960A-A32902440721} => pcalua.exe -a D:\0data\cbs.exe -d D:\
Task: {BB986966-833A-4779-9305-0DB91EBF9262} - System32\Tasks\{600AC392-594D-4CD3-8727-491DF6312620} => pcalua.exe -a C:\Users\Po0gles\Downloads\Kingdoms_Grand_Campaign_v4.2.exe -d C:\Users\Po0gles\Downloads
Task: {C06797D0-001C-4F2C-8B79-2AA5180F4A80} - System32\Tasks\{383A742D-D0AE-4480-991B-7377D54F2E85} => pcalua.exe -a "C:\Program Files (x86)\NCH Software\VideoPad\uninst.exe"
Task: {C1620C2F-48C5-49C5-A168-EC307468F3F4} - System32\Tasks\{CAB50BE5-9C4F-4517-A838-9674B417ACA9} => pcalua.exe -a "C:\Program Files (x86)\SEGA\Medieval II Total War\mods\Bellum_Crucis_63_Parte2_Uninstaller.exe" -d "C:\Program Files (x86)\SEGA\Medieval II Total War\mods"
Task: {C9DE0B60-BB94-4348-A173-A431216A268B} - System32\Tasks\{2B89B873-A3FA-4874-8F3D-743B31043835} => pcalua.exe -a C:\Users\Po0gles\Downloads\EE_1000-1040_ENDE.exe -d C:\Users\Po0gles\Downloads
Task: {CDBB6687-08D9-4CDF-8008-3D3B6B78FEB3} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {DA9B116F-C8DE-48F2-8624-CE3DD898E458} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)
Task: {E5F333DF-0F98-45F7-B307-0387A2B66D29} - System32\Tasks\{2764F6CB-1549-4E31-9492-311D5C7174B4} => pcalua.exe -a C:\Users\Po0gles\Desktop\WinFlash_2.31.1\Setup.exe -d C:\Users\Po0gles\Desktop\WinFlash_2.31.1 -c /qn /norestart
Task: {F6776958-5F63-48E0-A857-DF06262C89D6} - System32\Tasks\{138C8E5C-1043-4CF5-8AF0-590571172DDF} => pcalua.exe -a "C:\Users\Po0gles\Downloads\Minecraft Alpha Custom Installer (2).exe" -d C:\Users\Po0gles\Downloads
Task: {FD57758F-4604-496E-8A88-50F1C864111F} - System32\Tasks\{00B07DFE-8450-4614-8FB6-2BBC71AEC751} => pcalua.exe -a "C:\Users\Po0gles\Desktop\Empire Earth.exe" -d C:\Users\Po0gles\Desktop
Task: {FDDDEF8E-213A-46A5-8AE2-89217525A602} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000Core.job => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-930851909-2753564859-313499025-1000UA.job => C:\Users\Po0gles\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-09-07 19:29 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-07-04 22:04 - 2012-07-04 22:04 - 00212480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-07-04 22:04 - 2012-07-04 22:04 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-06-13 10:36 - 2011-06-13 10:36 - 00922240 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
2010-12-02 04:15 - 2010-12-02 04:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2014-10-23 16:28 - 2010-10-21 11:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2013-01-29 02:05 - 2015-05-24 12:44 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2014-10-23 16:28 - 2015-08-05 10:52 - 00032256 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\PEbiosinterface32.dll
2014-10-23 16:28 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\ATKEX.dll
2015-05-06 15:31 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 18:10 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-03 19:50 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-03 19:50 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-03 19:50 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 17:37 - 2015-07-31 20:17 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 19:52 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 19:52 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 19:52 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 19:52 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 19:52 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-09-08 22:30 - 2015-07-31 20:17 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-07 18:26 - 2015-07-27 03:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-09-08 22:30 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-01 23:47 - 2015-07-25 10:46 - 01405768 _____ () C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-08-01 23:47 - 2015-07-25 10:46 - 00081224 _____ () C:\Users\Po0gles\AppData\Local\Google\Chrome\Application\44.0.2403.125\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-930851909-2753564859-313499025-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Po0gles\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: HiPatchService => 2
MSCONFIG\startupfolder: C:^Users^Po0gles^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BitTorrent => "C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GarenaPlus => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{09659166-E78E-4712-8EFB-397EFE139D16}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{5F3F9014-4D0A-4600-8452-B9B00C70C89E}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{1EBEAE3A-B468-4BC0-935F-E6FA74DB4C5F}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{FA8C7172-C82F-48C1-AEFF-EA0CD62D1ECE}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{8E4708C9-E302-4F0E-881F-5C925D0CD7FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{408FEF36-F54A-4266-8C0D-B9AD36186358}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9F8DDB5-B953-4F80-8117-DB20AA2D1555}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E8265E4E-05B5-41D2-A02C-C3C9FF0D6854}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DA4DBBE2-5CDA-4450-8E97-FF2E947DEF14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D62B8B79-5828-4E03-B101-704141537745}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EDDA7849-7AB7-47B9-AC49-A69D5EA5A263}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{0236C5A8-D5C4-40B8-9703-FACE28D0ED2E}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{435C51D7-16D3-4EC2-B499-198E72E8B98A}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{3FC625E5-3E96-4C0D-BBF0-19B6B0D53615}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{759EA014-74EC-46D7-A2F4-5C7284BD5BBD}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [{CF9385F9-48C5-4337-AD2E-5264AC4C2644}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{9F8556D6-7BDF-4FE8-A3BF-3BEF1A15C765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [TCP Query User{67CF3A47-F294-4EA3-B661-34B12A97D88D}C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [UDP Query User{3A889703-5EE2-4902-8507-CE6B5C1A2438}C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [{04B2CE9A-6B0A-4C79-90DE-7CCE3B0AE163}] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [{B40F2917-7BBE-4831-85CC-09C82D48E8C9}] => (Allow) C:\users\po0gles\desktop\games\firefly studios\stronghold crusader.exe
FirewallRules: [{DAE10449-CD68-474D-BE30-D3EB4D4DB1B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{00E61F2D-FA47-4875-ADC4-BBDF115A7C8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{5719FD3C-B429-4E24-9A7B-2D192275F0F9}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
FirewallRules: [{2FDAC4E8-1218-465B-95DB-C4A05E588F56}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
FirewallRules: [{C06E6E17-C650-4165-B24C-065E5A4C746F}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{1C2D97B4-381A-4C14-9EE2-B3D2907C03AE}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [TCP Query User{7D8162B1-9691-418E-998D-93B3BBC421E1}C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat] => (Allow) C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat
FirewallRules: [UDP Query User{E3B87E49-0CAB-4E15-9A4F-FD46BD824955}C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat] => (Allow) C:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\patchget.dat
FirewallRules: [{45B804F5-CC3C-4EEC-9FB0-7F915817CD98}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{08780311-398A-4D37-84FB-21919C12FAA4}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat
FirewallRules: [{B60C2830-8E39-44A9-A484-139B769EAC94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{355FF499-A075-4008-9989-89DD4D18AE89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{7D4695C8-F5C7-46F4-A4B9-13AEF078DBE1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{A8B8F3CE-DA1D-41B5-B7C4-DF30EE32C97A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{81150DEE-A87C-4E21-82CC-70AC1F6D5F50}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{5C300720-0359-43E1-A579-98DD701F66B2}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [TCP Query User{53913C83-B023-45EA-BEC1-6F963B6F4F17}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [UDP Query User{4C4AF124-DC91-45B7-AE51-586A74CA5526}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [{DE258844-59B4-43BE-9E8F-51FBAA07F303}] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [{580D1CA8-FC92-42F9-905F-A32749CBDD17}] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [{30A6067C-5036-4623-AB03-59549411454E}] => (Allow) C:\Program Files (x86)\Garena Plus\Room\garena_room.exe
FirewallRules: [TCP Query User{CDF16D67-69FD-45A5-A1B4-71E142A416EB}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Block) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [UDP Query User{F70492AB-3D36-48B5-A2FF-C9180F1A7BE1}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Block) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe
FirewallRules: [TCP Query User{9BD695B5-38F4-4D8B-9ABF-E8BD175100A0}C:\program files (x86)\sega\medieval ii total war\medieval2.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [UDP Query User{74FFA622-654D-4F27-A3CD-B5DAFB8A2D73}C:\program files (x86)\sega\medieval ii total war\medieval2.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [{FC07BF47-F3F5-4930-A93A-F3995A11AE15}] => (Block) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [{0FFE15FD-997E-4FE3-BAE7-86718E380C92}] => (Block) C:\program files (x86)\sega\medieval ii total war\medieval2.exe
FirewallRules: [TCP Query User{DCE12AB8-B306-46E9-9E67-A0E5FA0FF72E}C:\users\po0gles\documents\the warz\infestation.exe] => (Allow) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [UDP Query User{5DBBA82A-7DD3-4F31-9056-98185725C632}C:\users\po0gles\documents\the warz\infestation.exe] => (Allow) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [{8F2D6673-B515-41D8-8A77-BF75446E53BD}] => (Block) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [{FD0B5488-BD84-4359-8DE1-AE4340209D4E}] => (Block) C:\users\po0gles\documents\the warz\infestation.exe
FirewallRules: [TCP Query User{B582E288-1E82-4165-9B36-CF20F9CB5310}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{BF4E30D9-B08D-4A0F-B77A-FC6293740E48}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{578D1D81-4AEB-4F6D-B1C3-EBB11289A327}C:\program files (x86)\sega\medieval ii total war\kingdoms.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [UDP Query User{7D0E7711-60C9-4653-AF69-2E23F4B0A10F}C:\program files (x86)\sega\medieval ii total war\kingdoms.exe] => (Allow) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [{9BEFB73D-6622-41FE-B2E5-4DE12E6CFCAE}] => (Block) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [{A5EC792E-8768-4619-B7D2-E89BBC6DD904}] => (Block) C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
FirewallRules: [TCP Query User{B64EC44E-51B4-4986-866E-03F50A24A0BA}C:\sierra\empire earth\empire earth.backup.exe] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [UDP Query User{3D4E6FA2-7706-4AA6-A0D8-20F0317A71B9}C:\sierra\empire earth\empire earth.backup.exe] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [{25E8F564-6578-4BA1-8821-73216DDF1A86}] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [{23E64E1D-5C43-4397-A42F-2CB346E08BE4}] => (Allow) C:\sierra\empire earth\empire earth.backup.exe
FirewallRules: [TCP Query User{D05E53FF-0D6C-445B-9789-9FCA7F79E0EC}C:\sierra\ee-zde\ee-aoc.exe] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [UDP Query User{70B5BB2C-00FE-4779-95A9-5814E31B9043}C:\sierra\ee-zde\ee-aoc.exe] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [{DC991222-FC62-475D-93F1-3DB95A8FCA7A}] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [{24153C70-0B1D-4487-A98E-6E678C479D03}] => (Allow) C:\sierra\ee-zde\ee-aoc.exe
FirewallRules: [TCP Query User{5C5E36FE-C604-4ED0-AB7F-5E48A673C57C}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{45511264-ADB0-4BAE-BC69-F4EC59D7B827}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [{F53CF9F3-3E24-4A60-9221-CD64D56D0EAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{630C8711-7806-4F73-AFCF-027C558BF883}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5B93A4F4-4DFB-48B0-9FEB-18292BB259CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{998FDA30-BB60-4E34-87E1-72BB51CC8EF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E812317D-DA20-4EC2-A2AA-6AD08A386AAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{3333EEC4-A758-484F-ACF8-5995626E0C7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{6B59F988-E04B-4690-B987-07B33C85CA48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\CreationKit.exe
FirewallRules: [{C6F40407-BC98-4DEE-8CF8-F97EA51FBE67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\CreationKit.exe
FirewallRules: [TCP Query User{588EDF6B-2679-4CF1-9349-D030010E9C8E}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{86673A2D-F83C-42B6-A129-2CC1608301CF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{BE374EE2-919F-43FF-8B70-9766F4C599F2}] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [{001F5314-68D0-49A6-960D-1468DEB4AD4E}] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{EBD587F0-75BD-4B06-8890-B9EE85C3473D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D2BFDE38-B50A-4469-9942-1BF02654AC54}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E5231F9F-D587-4A68-9ABF-0772F9986CF1}C:\program files (x86)\garena plus\room\garena_room.exe] => (Allow) C:\program files (x86)\garena plus\room\garena_room.exe
FirewallRules: [UDP Query User{FF54FA06-B71E-40AD-AD33-CAACEDD6A1BC}C:\program files (x86)\garena plus\room\garena_room.exe] => (Allow) C:\program files (x86)\garena plus\room\garena_room.exe
FirewallRules: [TCP Query User{1551D2BB-9EDB-4363-9002-515B095EFF1C}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{D3C28643-21F9-4C8E-A153-E446C8FC0358}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{9F0B3803-BE77-4039-8B1F-402D371EFE77}] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{F304B339-523F-4DCF-8F1A-11E98B0F0750}] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{BB9FD833-8A29-4C0A-8CBA-7E187C79435C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3B175549-576F-464A-89D4-9EDB48FBD875}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CAC09894-3010-45E2-AE7C-4D60B5441014}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4BB795B8-F09C-4329-A353-74861A381B5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B37A2D5-6618-4639-925F-7A9CB40134FD}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3FD57333-DB7E-4C4A-860D-B072DBA9DF82}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3215A418-E659-44D3-9BAF-32FDE7DB5327}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{80C7D7EE-7737-43E4-AC3F-F0FDE7D9A340}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C25B8783-ED5D-4E3A-8B5F-DC36C6E170C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B128D88-550F-402C-8ECE-64CC80F3DE3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{7C245DFC-4520-4E62-890C-23A037BD14FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{B70A02CB-B414-4071-9084-D47CCA4930A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{664233F0-0891-40BC-B9A5-0B310D0998DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{40E3BA92-A3C6-408C-951C-6B11DE61CC42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{0B5091F6-D2D9-48F3-BD0D-3E666AF4A366}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{3767B97C-A0AE-41B6-904D-6F19D997EEA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{12391F95-B829-4B6F-89F7-DE284619D1C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{F3D59FDB-68FC-427B-93B8-3646802B8F2E}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{3F2083C8-16D6-4DFE-840A-27305DEF7FAA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{8CFA8FC2-0CA2-48DC-8363-5101318E39ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4AE04F12-48D0-4D53-89B2-F03CADF1D480}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5DCBFA4D-57CB-4A7C-9D50-3B20F8E2A18D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D296C840-6A2D-451E-A8BB-5C9CA8FF9364}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{38C46737-5C8F-4A38-926B-5D80A8CCF059}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{EB86EC8A-0C1A-4C26-888B-C65E0EA40510}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{255F56D3-24FD-456D-BF57-D388D3EB779A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{00D9F994-8E0C-44C4-92FB-E3384B782B69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7706470D-F3BD-4E99-9C64-9B5897024A85}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{99A83029-809A-4483-B3DD-FCD948C7103A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BBA6CEDF-A11D-4259-8AED-DED45034C52D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{9269A289-4AD5-44B1-A551-F26287688D69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{B0ECE9F4-93C0-4A42-8692-FE10AE3B7FA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9E0DE38B-FCDA-4FC2-9164-284C67369EC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DB95E0F2-1481-4FC1-A76E-685B4F4908C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B9B2FD0C-84BD-4730-BDF5-5D15B59DEA44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{38F787A8-6A52-4B8B-B7F5-79E6D4771F39}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F21AF757-6732-41C0-B3AD-427E207C81BC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{79799E83-9170-4A41-8FFA-B21A9B8FE7F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9ADEFF5A-1462-454E-8D3D-C4EB6290A8E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F3BD7286-53F9-47C9-AEDD-73AA592602E0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{ADD96A5C-8036-4302-9F4E-8323E067025D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A2F7A9B1-BC20-4B9D-B551-6BC711A66D6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7DCB2F56-5024-48B6-91B3-FF947A11D52C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8DE003E1-7708-4083-AC41-CC7319589A3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{8F13248F-BC7C-474C-B9A7-9E6F00BABAFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{17903EA3-328F-44F9-8F03-5079E2344E40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{03497433-641E-4FDD-8F0B-8C5E549A039A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0EC0B6FC-28B1-4431-850D-366A6E81BF07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{D651CA79-2004-4566-8920-D659F995C8CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F8A8316C-58A4-4272-B8E5-B6A82F5A7BE6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{E02A9719-040A-494B-91E3-23EC710BBA5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{76226352-6EF4-49A2-BDCA-2B8A6097513C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{43446A12-0A3F-4816-A4D0-07EF2B6B70A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{C865885B-C76F-48D6-8108-78E09936ACE4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DBA3F375-4528-4786-A55C-7841718805F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{46600C2E-CF40-4A5B-9612-274DD95DF047}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C362542C-DC65-4AB2-8436-5530BFDBA009}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D8382640-699A-4CC3-B79D-1092E9C63489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{90CA2043-108B-474A-A0AB-1B3CCBDB58F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C613959B-EADA-45FC-82F0-4282DFAD090F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [{FBE4BC43-7632-4B6A-8D25-1D793A006FA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [{CA74FD7E-EE85-47D6-978F-8C7048E5EBFE}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E59A06D2-FF4B-4E82-BEB1-69F6ADA73B0B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E874B13E-1F40-4BD1-AA52-9702E50C3966}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{54669148-EF0C-49F5-B58F-6A13A5D01D8E}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{C051D6F7-97A0-4178-9C06-936934A7F902}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{8BB92BCA-573F-4287-AB50-1557F3D089B6}] => (Allow) C:\Program Files (x86)\PFConfig\PFConfigLauncher.exe
FirewallRules: [{1A688049-D72D-4536-8277-AAB18968F104}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [{AF6CB5A4-8122-4A4C-8FD3-14B821632ED6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Forge\Binaries\Win32\ForgeGame.exe
FirewallRules: [TCP Query User{00060EA9-9A9D-4A46-B2EB-191D639DD0BA}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{EA9EBA9C-F03E-4286-B815-2135750AE011}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{3655AA9B-3B63-4B20-A09E-8666F4A0CE5F}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{B266870F-0F71-46C5-A108-ADF8D1EBFB14}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{3DD5B4CE-F914-4F14-AE7B-F4B5F426F759}] => (Allow) C:\Program Files (x86)\Garena Plus\ggdllhost.exe
FirewallRules: [{A3C9E570-7EB6-4778-9B58-BF8B2BCBD9A6}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{23F8A940-AA9F-47A7-9857-BE851F569186}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{8D89E576-4513-4ECA-B6BC-9DA5606921B7}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{2CC94D1E-EC09-472C-838D-585F6907E59B}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{9F7F9F80-1B53-4943-88AF-F5B0FE6C2CF7}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{3EF30DA2-AB17-4582-B532-73B77FD87995}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{D8EB383E-2BCD-4031-8D20-101590139531}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{9B8D9C4B-B393-4E14-9748-12B12A570641}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{55F814BA-19FE-4ECA-81CC-DF0197D1CEE1}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{5855EF2A-F018-4DB2-B9F9-914E8FCFA4BB}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{D56ED53A-7101-4B87-B49A-B57E69F1A115}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{0144BA9C-0BEE-4373-85C5-567CF53A581F}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{5AC124C0-1DC1-4E16-AAEE-00BC7B896F1D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{58DD91AC-98C7-41FA-A848-A572E2694DD0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{64727803-A639-495C-AC9B-EB279CC25850}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{69B90118-3F7D-4253-9F92-79FD059DFDB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{100C2006-F36C-4E11-A75E-CBABB5CC0C04}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{1A257707-1840-42DB-AA5B-F8AB524DB6B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{276FE320-14D3-40F1-BB09-A55D51802B46}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{C8F79C44-F2C2-4AB3-8072-671D445B837F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{FDA07ECE-6BDE-42A6-881F-F5A7CD8AB0EA}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [UDP Query User{168E564A-F468-4136-ACDE-C35A4BC673EC}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [TCP Query User{697A7D2B-7DB0-4767-A0E6-70B16920E95F}C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [UDP Query User{25461CE8-23A2-4A36-B81C-BB2BD83C6F36}C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [TCP Query User{5588CE3D-C879-442B-89F9-49421B9D222A}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{98F2D887-142E-4DCD-8088-57736708EEB0}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{4AD060B0-404C-400C-8D69-82866D882BF7}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{F5098EA9-3C70-4DB6-BE26-965BDD444F0B}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{9B8DAC58-3C3B-4222-A322-465F82686018}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{89349378-E644-493F-9FF4-075ECE9BE50A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{3C760E99-B90C-49CE-B135-353D297944B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{82CD8633-5D24-4C6F-A9A8-A9BDEC82BB11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C68CB0E6-18FE-4EED-B8A5-228DFB7B6D64}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EDF659B6-77C1-4C92-8B54-5989B7C73F6C}] => (Allow) LPort=2869
FirewallRules: [{EF9E0390-6FA5-46F4-9D47-E2775990885A}] => (Allow) LPort=1900
FirewallRules: [{9127A163-17DB-45D1-8575-C895CD3635D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{6CB8FF39-41D1-4F3C-9E5B-23336CEC8F12}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{8BF2BBB1-2040-414B-868D-DCD9DFAF8CA3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{A7C71DF7-D4AF-4747-A099-DFC8FA4F6DF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{13D01A7D-7CE2-4B11-8E48-45239A11C364}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{804AC24C-C513-4A43-9937-3CC270DFD7B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{7A79C847-30B3-4D8E-97C3-A712DAF20F4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{B23FE913-626B-44EC-B6F7-B364A2A9F9AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [TCP Query User{242B0DF8-B51D-4B0B-9120-055A45B82124}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{9680519D-B9F0-4FCF-9A81-46ABE2EAC601}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [TCP Query User{7388EA12-A663-4A0F-9B1F-D4DDF45D08B7}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{64D2F909-D03A-47A9-924E-EE3766A23913}C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{D8220A93-F305-4EFA-8684-620A674A5475}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{E1A742A8-7E43-4F08-8A0D-331D3125A6B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{A3506F4D-7638-4759-96F5-69ACB3D31E23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{6DCB8B99-4978-4595-A21A-92DEA8AC5B64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [TCP Query User{A4927937-071B-4E30-A705-589AD344FE1E}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [UDP Query User{EA394093-0C2E-45C7-80B1-6590F04D736A}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [{F31E2FA1-7AAA-4239-A4FF-DCCD61C58CA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{453605AA-9959-4D58-8118-47B66A1E0D2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{9D30BD7F-6407-424D-9A50-B4A2DF626CBF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5CF51841-C2CC-40E2-98B4-F5C54C6CFA1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{20A5AE14-424B-4C71-83AD-F3181467BF6B}] => (Allow) C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C3AD2846-D331-4C00-AAB2-C968BBF8F0A1}] => (Allow) C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{B06F97ED-D519-4514-A31A-0FC48151DBB3}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [UDP Query User{690A3B6D-DBE4-4A0D-8766-C322B6D7378D}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [TCP Query User{FDBCD20D-CCB7-465B-871C-C7DAAD57792E}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [UDP Query User{989BF3D3-9EE1-4FE8-982D-FCE8473D49F4}C:\bluebyte\settlers3\s3.exe] => (Allow) C:\bluebyte\settlers3\s3.exe
FirewallRules: [{6EB1ABB1-126E-49D3-A4E9-02D7E65A633B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{2B6E303F-FFCA-4200-AEB5-99363D4CD19F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{718C337D-2E64-41CA-A0F7-244B31AA6CD9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{09C66128-8088-4BA7-A947-86F0F188E39A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B109102E-7DFA-4782-B812-B67ED8165FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C8F3E627-5831-4477-A35F-A402F6024BDD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{875FE039-FB80-4522-B1A1-3F3CA7D52822}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{5B00A3EC-6D07-49E5-88F9-518CCDC32230}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{BBDAC0C0-95AD-4961-8F2B-46986A5CEC8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{67A00C1B-8401-4E2C-9E91-248D39AFB66B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{3F774A3F-746A-4B53-ACFB-AFE1FA9C6245}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2cfg.exe
FirewallRules: [{59540169-8030-4CB1-9F87-3717A3B10B7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2cfg.exe
FirewallRules: [{91FE019F-9727-4F64-A180-3125451E305F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{834A4019-CEB3-4D8F-963A-3D500662B8AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [TCP Query User{09930B68-4539-4506-8734-EBFA2109D4C2}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [UDP Query User{BB0D2075-C111-4D3E-B858-E63FFAC060B6}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [{198F36B9-B1B8-4665-A6DA-61E703F90ED5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{9F1423E2-10F7-4421-ABFA-E7BC253F49AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{B8F76673-B504-4D63-B02A-19D938C7DFB9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{FCBF5FD9-1459-4939-9C36-A48AF366645A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{6B0AF022-0AEC-4A3C-9EF5-8DA058CB63E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{DF4381CE-23B6-4A81-ACB4-A5F6A7F7795D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{5CC0C758-1754-4886-8CF2-1CF5E4D065E2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{BE9DCE20-5655-4034-AEBF-066F5E8DE08D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{7D2E2389-93A4-41F1-8FB4-BF55939FC54A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{934873B1-3BF7-4FD7-954E-8C1B519D1735}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{CA43679D-70EC-4E86-9C00-ED7BF0503D96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{DBBB847A-36CD-4C3A-8439-F6C3A7B52A3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [TCP Query User{6D938E60-7ED2-45AE-AC83-6A2F73004AF2}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [UDP Query User{9692A475-DFB6-4DD8-9E0B-DCE1DB7BC06A}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [TCP Query User{57480D91-8844-4E5C-A9CD-5BABE6CD54C4}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [UDP Query User{03D59975-8DAB-47FD-A669-8E52C416D3EF}C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe] => (Allow) C:\program files (x86)\2k games\firaxis games\sid meier's railroads!\railroads.exe
FirewallRules: [TCP Query User{CC852DF1-0771-40C0-B1F0-07C44EEC94EE}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{CA815513-A38E-4C5A-8B77-8E31CE412692}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{EAAFE444-FDC5-486E-BB5C-17D5D09A6EBC}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{77B3D6A3-3BC4-4950-B626-2946EB993F10}C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\dota_ugc\game\bin\win64\dota2.exe
FirewallRules: [{A80C4A8E-CC90-47C4-97E4-5F5E8C6F343C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{FEDF4704-F0E6-4EDF-8538-8D5FE45DFD21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{DC7F7AEA-85F6-4FC4-9E09-6265B1579BB4}C:\programdata\battle.net\agent\agent.3526\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3526\agent.exe
FirewallRules: [UDP Query User{CC7D1A77-FEAB-4FF7-8028-F045E35B9121}C:\programdata\battle.net\agent\agent.3526\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3526\agent.exe
FirewallRules: [{1E080F29-E294-40AF-91E8-9DD8D89AA938}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{AED9BCA8-3D7A-4A0D-AD08-8BE713FD5D8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{F79C60A9-FA96-4AD8-A572-9D436C24486B}C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe
FirewallRules: [UDP Query User{4C180491-3928-4F2D-BA02-533F730725CA}C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe
FirewallRules: [TCP Query User{6BE64B3D-2451-4879-973D-DCC9D0FC7CCD}C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5E3C9295-7123-4342-9FEF-114503F6ED86}C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\po0gles\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{93CC89E4-F8B0-41B6-B137-6C415734CD26}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{6037B23A-ACF7-4C43-9CF6-992C9A72C139}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{AD9DB2D2-3189-4CEF-B05E-E79FC67749E2}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{956D9F83-D6D1-411D-AC5F-7E4415C85C15}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{7B72D76D-0451-4432-A1E4-37ED45CD58F9}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B1879650-8862-4AF4-AB99-0DCE2F23B406}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7603DB9F-A2B5-4144-943B-BB9EFFADF2F8}C:\users\po0gles\desktop\ygopro devpro\devpro.dll] => (Allow) C:\users\po0gles\desktop\ygopro devpro\devpro.dll
FirewallRules: [UDP Query User{94759FBE-F90D-48B4-A904-C98A05C1E918}C:\users\po0gles\desktop\ygopro devpro\devpro.dll] => (Allow) C:\users\po0gles\desktop\ygopro devpro\devpro.dll
FirewallRules: [{25DAACAC-B92D-493B-8BA7-A22689AF9D4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{5856DCD6-1F3D-4C7F-A986-16FDDE9D7B4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{DB9BAD0D-8181-4660-BB5E-C3AC2AF1D040}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{78EAD350-E4EE-4329-BD54-57E87E146F6F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3D61F93C-BAAB-4596-8C0F-8410F9F78B0D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9715385F-A0BA-48FE-AC99-E87DDF0F54AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{66C8E8F2-18B6-4CAF-AB02-1D1366BF80F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{F2B2E7B5-9340-49EE-B0B0-15213A9A0489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{05F0DB0B-6BA8-4AF2-9E9D-772416768679}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{82FC2220-8487-4FF5-9A09-FD00E49D72AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{BE420DC5-98CB-4AA6-A6C1-22C71FBF3737}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{CD14F31B-782A-4578-A93A-C4A4B9CF198B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{6ECE52ED-F744-4EB4-8220-907806DDC9BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{C0D6B0E0-E5AC-43FD-B536-097BA034FF45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{0C3CF743-D1F6-439F-8AFA-C2ED8E211A64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{4B0E6D51-E7C5-44F6-87A7-92C0CBD8904F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [TCP Query User{9B2468AB-E30C-483D-889E-04FDAA287DAF}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [UDP Query User{DFF03144-DCD7-4F3B-ACD0-C75AE0145716}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E4AD85BE-41E2-4885-B4CB-3EE866E3FE73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{159317B0-213C-4485-8FD2-5E3718A12F5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{7DB36D6A-8E10-49A3-9F03-BB81865BE22A}C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe
FirewallRules: [UDP Query User{78C8BFA0-9EF0-4CE6-B153-336ECA23FB68}C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.045\tamrielonline_live_server.exe
FirewallRules: [TCP Query User{E4129B15-0E66-412C-91D6-47EC6AB59666}C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe
FirewallRules: [UDP Query User{FA9E65F3-3B8A-417C-8F2B-900F5BF89E95}C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe] => (Allow) C:\users\po0gles\appdata\local\temp\rar$exa0.544\tamrielonline_live_server.exe
FirewallRules: [{D801C96D-027F-4620-9666-816D82AF9428}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F21308C0-9CD7-41C5-82F5-7DEFB9178243}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8DAD7DE2-2666-4C27-8D9C-92AA751B223A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7FA0531F-5036-4CDD-80DA-D10DD5FABF83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{06ECB473-74CD-4891-8F16-F6E2DC1DFBDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: TAP-Win32 Adapter V9 (Tunngle) #2
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/05/2015 06:19:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (08/05/2015 03:12:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm PathOfExileSteam.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 748

Startzeit: 01d0cf778c25bb16

Endzeit: 1849

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe

Berichts-ID: a58043b5-3b72-11e5-bd8b-bc05430dee55

Error: (08/05/2015 12:12:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (08/05/2015 11:44:48 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (08/05/2015 10:53:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2015 02:12:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4ff4f602
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x61c
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3

Error: (08/04/2015 06:45:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 06:31:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 06:18:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 06:15:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0, Zeitstempel: 0x4ff4f602
Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0, Zeitstempel: 0x4f55e10b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000033c1
ID des fehlerhaften Prozesses: 0x6d0
Startzeit der fehlerhaften Anwendung: 0xFuel.Service.exe0
Pfad der fehlerhaften Anwendung: Fuel.Service.exe1
Pfad des fehlerhaften Moduls: Fuel.Service.exe2
Berichtskennung: Fuel.Service.exe3


Systemfehler:
=============
Error: (08/05/2015 04:13:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (08/05/2015 04:13:34 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Po0gles\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/05/2015 04:13:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (08/05/2015 04:13:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Po0gles\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/05/2015 04:13:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (08/05/2015 04:13:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Po0gles\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/05/2015 04:13:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (08/05/2015 04:13:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Po0gles\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/05/2015 04:13:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (08/05/2015 04:13:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Po0gles\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2015-08-04 11:49:46.477
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-08-04 11:49:46.430
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-23 15:47:31.317
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-23 15:47:31.224
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Processor: AMD FX(tm)-4100 Quad-Core Processor 
Percentage of memory in use: 55%
Total physical RAM: 4042.44 MB
Available physical RAM: 1795 MB
Total Virtual: 5396.44 MB
Available Virtual: 2441.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:56.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 686E7D52)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von log ============================

Zitat:

Zitat von schrauber

Noch Probleme?

Mal sehen

werde jetzt endlich wieder Antivir installieren und meine Firewall wieder anmachen. Dann neustarten und mich wieder melden. Auf jeden fall erstmal ein Dankeschön für deine Unterstützung.

Scheint alles gut zu sein, aber der Avira scheduler verbraucht immer noch abnormal viel Arbeitsspeicher. Ich verstehe einfach nicht wie ein scheduler so viel verbrauch haben kann, ergibt doch keinen Sinn. Mit dem scheduler verbraucht antivir konstant ~400mb Arbeitsspeicher. Da ich (wie du vielleicht an den Logs gesehen hast) viel spiele, will ich sowas eigentlich nicht tolerieren. Kannst du mir ein anderen free antivirus empfehlen? Habe bis jetzt immer antivir benutzt

.

Edit: Was ich interessant finde ist das der scheduler erst nach Neustart so viel verbraucht. Wenn ich Avira frisch installiere ist der Arbeitsspeicherverbrauch bei nur 5 mb. Ich werde mal versuchen den aus dem Autostart zu entfernen und dann nochmal neu zu starten. .
Edit2: Kriege den scheduler nicht aus msconfig entfernt. Sobald ich "übernehmen" drücke springt das Häkchen automatisch wieder an. Den Prozess beenden funktioniert auch nicht.

schrauber · 06.08.2015, 06:00

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Program Files (x86)\Maxis\SimCity 4 Deluxe\Apps\SimCity 4.exe

C:\Users\Po0gles\AppData\Roaming\BitTorrent\BitTorrent.exe

C:\Users\Po0gles\AppData\Roaming\BitTorrent\updates\7.9.2_32692.exe

C:\Users\Po0gles\Downloads\AutoHotkey - CHIP-Installer.exe
Tcpip\..\Interfaces\{2C3B9D2F-5689-4C51-906D-8FB764CCD55E}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{4CA14983-5EDC-48BD-B497-C3F4E8B5C0F2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A8FFBF08-A4D4-41BA-9829-7351ACB37403}: [DhcpNameServer] 7.254.254.254

C:\Users\Po0gles\Downloads\Process Explorer - CHIP-Installer.exe
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Frisches FRST log bitte.

Downloadverhalten überdenken:
CHIP-Installer - was ist das? - Anleitungen

Freeware geht eigentlich nur Bitdefender Free oder MSE.

ntdll.dll virus

Plagegeister aller Art und deren Bekämpfung: ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

ntdll.dll virus

Ähnliche Themen: ntdll.dll virus

03.08.2015, 14:34	#2
schrauber /// the machine /// TB-Ausbilder	ntdll.dll virus Hi, ntdll ist eine legitime Datei, der eine Fund bei VT ein Fehlalarm. __________________ __________________

03.08.2015, 14:50	#3
Po0gles	ntdll.dll virus Danke für die schnelle antwort, obwohl das beruhigend ist frage ich mich immernoch was es mit dem Systemabsturz und sched.exe auf sich hat. Weißt du etwas damit anzufangen? Sollte ich antivir deinstallieren und mir ein anderes Virenschutzprogramm anschaffen? Ich werd es erstmal nochmal mit Neuinstallation versuchen. __________________