Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Meldungen von adwCleaner z.b. quickstores.toolbar.guid

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 17.08.2015, 16:19   #1
Arsat
 
Meldungen von adwCleaner z.b. quickstores.toolbar.guid - Standard

Meldungen von adwCleaner z.b. quickstores.toolbar.guid



Hallo.

Ich scanne regelmässig alles was ich mache. Hab Avast als Virenscanner und lasse Malwarebytes Anti-Malware regelmässig laufen.

Jetzt habe ich wegen Mausproblemen (waren aber hardwareprobleme wie es scheint) mal adwCleaner laufen lassen.

Der hatte einiges gefunden :AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 13/08/2015 um 09:19:26
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-12.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : 
# Gestarted von : 
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\users\user\AppData\Roaming\pdfforge

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 307880

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17937


-\\ Mozilla Firefox v40.0 (x86 de)

[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.cbid", "F4");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.crumb", "2011.05.03+01.09.35-toolbar007iad-DE-TnVyZW1iZXJnLEdlcm1hbnk%3D");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://de.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.dtid", "YYYYYYYYDE");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.first-launch-url", "file:///C:/Users/Hammel/AppData/Local/Temp/Message.htm");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.fresh-install", false);
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.l", "dis");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.last-config-req", "1304410178196");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.locale", "de_DE");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.o", "101699");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.qsrc", "2871");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.r", "4");
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[hk6a5oya.default] - Zeile Gefunden : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[hk6a5oya.default] - Zeile Gefunden : user_pref("quickstores.toolbar.affid", "2017");
[hk6a5oya.default] - Zeile Gefunden : user_pref("quickstores.toolbar.guid", "{1BB459C9-B4DD-72DC-B3CC-5CD75F4B9DD1}");

-\\ Google Chrome v44.0.2403.155


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [2883 Bytes] - [13/08/2015 09:19:26]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2942 Bytes] ##########
         
--- --- ---
nach dem Löschen und einem Restart findet er imemr wieder das hier :AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 13/08/2015 um 09:37:12
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-12.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : 
# Gestarted von : 
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17937


-\\ Mozilla Firefox v40.0 (x86 de)

[hk6a5oya.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true);
[hk6a5oya.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[hk6a5oya.default\prefs.js] - Zeile Gelöscht : user_pref("quickstores.toolbar.guid", "{1BB459C9-B4DD-72DC-B3CC-5CD75F4B9DD1}");

-\\ Google Chrome v44.0.2403.155


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [3021 Bytes] - [13/08/2015 09:19:26]
AdwCleaner[R1].txt - [1333 Bytes] - [13/08/2015 09:28:09]
AdwCleaner[S0].txt - [3242 Bytes] - [13/08/2015 09:26:41]
AdwCleaner[S1].txt - [1280 Bytes] - [13/08/2015 09:37:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1339  Bytes] ##########
         
--- --- ---
Das krieg ich nie weg. Nach einem Restart hat er das sofort wieder drin.

Was mich nur wundert ich habe keine extensions im Ordner die so heisst und Firefox selbst erkennt auch nur diese 3 :

Adblock Plus 2.6.10 true {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Free Download Manager extension 2.0.14 true fdm_ffext@freedownloadmanager.org
Avast Online Security 10.2.0.187 false wrc@avast.com

Malwarebytes Anti-Malware hab ich mehrfach durchlaufen lassen auch einmal Komplett ohne Funde und die prefs.js hab ich auch mal bei Virus total durchlaufen lassen.

Ausser AdwCleaner findet keiner was.

Hab ich den nun ein Problem oder nicht ?

Danke schonmal für die Hilfe

Arsat

Alt 17.08.2015, 17:12   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Meldungen von adwCleaner z.b. quickstores.toolbar.guid - Standard

Meldungen von adwCleaner z.b. quickstores.toolbar.guid



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 17.08.2015, 17:50   #3
Arsat
 
Meldungen von adwCleaner z.b. quickstores.toolbar.guid - Standard

Meldungen von adwCleaner z.b. quickstores.toolbar.guid



FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-08-2015
durchgeführt von user (Administrator) auf USER-PC (17-08-2015 18:42:27)
Gestartet von C:\Users\user\Desktop
Geladene Profile: user (Verfügbare Profile: user)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Valve Corporation) H:\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) H:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) H:\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe\KeePass.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-15] (Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-11] (AVAST Software)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-2576313555-507638820-2627635458-1000\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [7012352 2014-11-14] (FreeDownloadManager.ORG)
HKU\S-1-5-21-2576313555-507638820-2627635458-1000\...\Run: [GalaxyClient] => [X]
IFEO\CNC3.exe: [Debugger] 
IFEO\CNC3EP1.exe: [Debugger] 
IFEO\generals.exe: [Debugger] 
IFEO\RA3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-11] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-2576313555-507638820-2627635458-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11] (AVAST Software)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2014-11-13] (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-23] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{198CB434-24ED-46EC-9068-DCCF34307431}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hk6a5oya.default
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: hxxp://www.google.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2576313555-507638820-2627635458-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hk6a5oya.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-11]
FF HKLM-x32\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2014-12-20]
FF HKU\S-1-5-21-2576313555-507638820-2627635458-1000\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.14
FF Extension: Free Download Manager extension - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.14 [2015-08-08]

Chrome: 
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-12]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-12]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-12]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-12]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-12]
CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-12]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-11] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2015-01-20] ()
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-25] (EasyAntiCheat Ltd)
S3 GalaxyClientService; H:\GalaxyClient\GalaxyClientService.exe [1718840 2015-07-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6871608 2015-07-21] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [995568 2015-08-09] (Overwolf LTD)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-11] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-11] (AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-11] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-17 18:42 - 2015-08-17 18:42 - 00019012 _____ C:\Users\user\Desktop\FRST.txt
2015-08-17 18:16 - 2015-08-17 18:42 - 00000000 ____D C:\FRST
2015-08-17 18:14 - 2015-08-17 18:14 - 02173440 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2015-08-17 16:45 - 2015-08-17 16:46 - 00001250 _____ C:\AdwCleaner[S4].txt
2015-08-17 12:25 - 2015-08-17 18:40 - 00000022 ____H C:\Users\user\Documents\Database.kdb.lock
2015-08-16 13:35 - 2015-08-16 13:35 - 12413133 _____ C:\Users\user\Documents\reg backup.rar
2015-08-15 16:25 - 2015-08-15 16:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-15 16:25 - 2015-08-15 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-15 04:48 - 2015-08-15 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-08-14 05:15 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-14 05:14 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-14 05:14 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-08-14 05:14 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-08-13 09:39 - 2015-08-13 09:39 - 00001419 _____ C:\Users\user\Desktop\AdwCleaner[S1].txt
2015-08-13 09:19 - 2015-08-13 09:39 - 00000000 ____D C:\AdwCleaner
2015-08-13 03:04 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 03:04 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:14 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 11:14 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 11:14 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 11:14 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 11:14 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 11:14 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 11:14 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 11:14 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 11:14 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 11:14 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 11:14 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 11:14 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 11:14 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 11:14 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 11:14 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 11:14 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 11:14 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 11:14 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 11:14 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 11:14 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 11:14 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 11:14 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 11:14 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 11:14 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 11:14 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 11:14 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 11:14 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 11:14 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 11:14 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 11:14 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 11:14 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 11:14 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 11:14 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 11:14 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 11:14 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 11:14 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 11:14 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 11:14 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 11:14 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 11:14 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 11:14 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 11:14 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 11:14 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 11:14 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 11:14 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 11:14 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 11:14 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 11:14 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 11:14 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 11:14 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 11:14 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 11:14 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 11:14 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 11:14 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 11:14 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 11:14 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 11:14 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 11:14 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 11:14 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 11:14 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 11:14 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 11:14 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 11:14 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 11:14 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 11:14 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 11:14 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 11:14 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 11:14 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 11:14 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 11:14 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 11:14 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 11:14 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 11:14 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 11:14 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 11:14 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 11:14 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 11:14 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 11:14 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 11:14 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 11:14 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 11:14 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 11:14 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 11:14 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 11:14 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 11:14 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 11:14 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 11:14 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 11:14 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 11:14 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 11:14 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 11:14 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 11:14 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 11:14 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 11:14 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 11:14 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 11:14 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 11:14 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 11:14 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 11:14 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 11:14 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 11:14 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 11:14 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 11:14 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 11:14 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 11:14 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 11:14 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 11:14 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 11:14 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 11:14 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 11:14 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 11:14 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 11:14 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 11:14 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 11:13 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 11:13 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 11:13 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 11:13 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 11:13 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 11:13 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 11:13 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 11:13 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 11:13 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 11:13 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 11:13 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 11:13 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 11:13 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 11:13 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 11:13 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 11:13 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 11:13 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 11:13 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 11:13 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 11:13 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 11:13 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 11:13 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 11:13 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 11:13 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 11:13 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 11:13 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 11:13 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 11:13 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 11:13 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 11:13 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 11:13 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 11:13 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 11:13 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 11:13 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 11:13 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 11:13 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 11:13 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 11:13 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 11:13 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 11:13 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 11:13 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 11:13 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 11:13 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 11:13 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 11:13 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 11:13 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 11:13 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 11:13 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 11:13 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 11:13 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-11 17:36 - 2015-08-15 16:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-11 17:23 - 2015-08-11 17:23 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-11 17:23 - 2015-08-11 17:23 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-11 17:22 - 2015-08-11 17:22 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-08-10 10:56 - 2015-08-15 03:51 - 00000000 ____D C:\Users\user\AppData\Roaming\StarMade
2015-08-05 01:17 - 2015-08-05 01:17 - 00001256 _____ C:\Users\Public\Desktop\FINAL FANTASY XIV - A Realm Reborn.lnk
2015-08-05 01:17 - 2015-08-05 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2015-08-03 03:45 - 2015-08-03 03:45 - 00000000 ____D C:\Users\user\Documents\Wizards of the Coast
2015-08-02 19:00 - 2015-08-02 23:35 - 00000000 ____D C:\Users\user\Documents\Endless Space
2015-07-30 06:53 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll
2015-07-30 06:53 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll
2015-07-29 22:11 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-29 22:11 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-29 14:34 - 2015-07-29 14:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-07-29 02:06 - 2015-07-29 02:06 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2015-07-22 10:37 - 2015-07-22 10:37 - 00000000 ____D C:\Users\user\AppData\Local\CEF
2015-07-22 02:51 - 2015-07-22 13:02 - 00000000 ____D C:\Users\user\Documents\Overlord
2015-07-21 23:55 - 2015-07-21 23:57 - 00000000 ____D C:\Users\user\AppData\Local\Two Worlds II
2015-07-21 23:39 - 2015-07-21 23:39 - 00000000 ____D C:\Users\user\AppData\Local\Chromium
2015-07-21 01:22 - 2015-07-21 01:23 - 00000000 ____D C:\Users\user\AppData\Roaming\Trove
2015-07-19 22:52 - 2015-07-19 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2015-07-19 22:52 - 2015-07-19 22:52 - 00000000 ____D C:\Program Files (x86)\LAV Filters

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-17 18:42 - 2014-12-11 23:08 - 00000000 ____D C:\Users\user\AppData\Roaming\NetSpeedMonitor
2015-08-17 18:32 - 2014-12-11 19:57 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2015-08-17 18:25 - 2015-01-16 14:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-17 18:21 - 2014-12-20 19:31 - 00000000 ____D C:\Users\user\AppData\Roaming\Free Download Manager
2015-08-17 18:12 - 2014-12-12 18:41 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-17 17:38 - 2014-12-17 04:28 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-17 16:16 - 2014-11-22 18:13 - 01810872 _____ C:\Windows\WindowsUpdate.log
2015-08-17 14:10 - 2010-11-21 08:50 - 00700130 _____ C:\Windows\system32\perfh007.dat
2015-08-17 14:10 - 2010-11-21 08:50 - 00149768 _____ C:\Windows\system32\perfc007.dat
2015-08-17 14:10 - 2009-07-14 07:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-17 13:52 - 2014-12-11 19:43 - 00000000 ____D C:\Users\user\AppData\Roaming\TV-Browser
2015-08-17 12:49 - 2014-12-12 18:20 - 00101996 _____ C:\Users\user\Documents\Database.kdb
2015-08-17 12:14 - 2009-07-14 06:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-17 12:14 - 2009-07-14 06:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-17 12:08 - 2014-11-25 12:40 - 00006462 _____ C:\Windows\SysWOW64\Gms.log
2015-08-17 12:06 - 2014-12-12 18:41 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-17 12:06 - 2014-12-05 15:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-17 12:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-17 12:06 - 2009-07-14 06:51 - 00129167 _____ C:\Windows\setupact.log
2015-08-16 18:05 - 2014-11-25 12:21 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2015-08-15 16:25 - 2014-12-11 19:57 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-15 16:25 - 2014-12-11 19:57 - 00000000 ____D C:\ProgramData\Skype
2015-08-15 16:13 - 2014-11-25 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-14 15:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-14 05:15 - 2014-12-05 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-14 05:15 - 2014-12-05 15:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-13 20:54 - 2014-12-11 19:31 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-13 18:26 - 2015-05-16 00:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-08-13 09:37 - 2014-12-11 19:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-13 09:02 - 2014-12-11 20:29 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2015-08-13 09:02 - 2014-11-25 11:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 09:02 - 2014-11-25 11:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 09:02 - 2009-07-14 06:45 - 00268536 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 04:05 - 2014-11-25 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 04:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-13 03:02 - 2014-11-25 16:16 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 03:00 - 2014-11-25 16:16 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-13 01:03 - 2015-07-05 09:35 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2015-08-12 21:22 - 2015-01-15 15:05 - 00000000 ____D C:\Users\user\AppData\Roaming\OBS
2015-08-12 20:44 - 2015-01-15 15:05 - 00000000 ____D C:\Program Files (x86)\OBS
2015-08-12 19:00 - 2014-12-11 20:29 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-08-12 19:00 - 2014-12-11 20:29 - 00001169 _____ C:\Windows\LkmdfCoInst.log
2015-08-12 19:00 - 2014-12-11 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-08-12 17:25 - 2015-01-16 14:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 17:25 - 2014-12-11 20:12 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 17:25 - 2014-12-11 20:12 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 16:13 - 2014-12-12 18:42 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-11 22:32 - 2010-11-21 05:47 - 00410070 _____ C:\Windows\PFRO.log
2015-08-11 17:34 - 2014-11-25 11:18 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-08-11 17:23 - 2014-12-11 19:37 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-08-11 17:23 - 2014-12-11 19:31 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-11 17:23 - 2014-12-11 19:31 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-11 17:23 - 2014-12-11 19:31 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-11 17:23 - 2014-12-11 19:31 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-11 17:23 - 2014-12-11 19:31 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-11 17:23 - 2014-12-11 19:31 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-11 17:23 - 2014-12-11 19:31 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-10 08:45 - 2015-02-20 02:32 - 00000000 ____D C:\Users\user\AppData\Roaming\SpaceEngineers
2015-08-10 07:38 - 2015-05-15 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-08-08 13:16 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-07 13:06 - 2014-12-05 15:03 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-08-07 13:06 - 2014-12-05 15:03 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-08-07 13:06 - 2014-12-05 15:03 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-08-07 13:06 - 2014-12-05 15:03 - 00033050 _____ C:\Windows\system32\nvinfo.pb
2015-08-07 06:34 - 2014-12-05 15:04 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-08-07 06:34 - 2014-12-05 15:04 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-08-07 06:34 - 2014-12-05 15:04 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-08-07 06:34 - 2014-12-05 15:04 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-08-07 06:34 - 2014-12-05 15:04 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-08-07 06:34 - 2014-12-05 15:04 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-08-05 01:50 - 2014-12-12 18:52 - 00000000 ____D C:\Users\user\Documents\my games
2015-08-05 01:17 - 2014-11-25 10:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-03 12:12 - 2014-12-05 15:04 - 05133709 _____ C:\Windows\system32\nvcoproc.bin
2015-08-03 05:35 - 2014-12-12 18:55 - 00000000 ____D C:\Users\user\Documents\of orcs and men
2015-08-03 04:53 - 2014-12-06 13:48 - 00551542 _____ C:\Windows\DirectX.log
2015-08-02 04:04 - 2015-01-05 14:09 - 00000000 ____D C:\Users\user\Documents\Horizon Game
2015-07-25 23:32 - 2015-02-19 00:00 - 00000000 ____D C:\Windows\system32\oodag
2015-07-24 06:21 - 2014-12-05 15:06 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2014-12-05 15:06 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-24 06:21 - 2014-12-05 15:06 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-24 06:21 - 2014-12-05 15:06 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-23 23:30 - 2015-03-22 05:39 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-23 23:30 - 2014-11-25 11:16 - 00000000 ____D C:\Program Files\Java
2015-07-23 23:29 - 2014-11-25 11:13 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-23 23:29 - 2014-11-25 11:13 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-20 23:15 - 2014-12-15 18:51 - 00000000 ____D C:\Users\user\AppData\Roaming\TS3Client

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-12 03:55 - 2014-12-12 03:57 - 0007604 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg
2014-11-22 18:23 - 2014-11-22 18:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-05 00:30 - 2015-03-05 00:30 - 0000040 _____ () C:\ProgramData\ra3.ini

Einige Dateien in TEMP:
====================
C:\Users\user\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\user\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\user\AppData\Local\Temp\nvStInst.exe
C:\Users\user\AppData\Local\Temp\Quarantine.exe
C:\Users\user\AppData\Local\Temp\sfamcc00001.dll
C:\Users\user\AppData\Local\Temp\sfextra.dll
C:\Users\user\AppData\Local\Temp\SkypeSetup.exe
C:\Users\user\AppData\Local\Temp\tmpDD28.tmp.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-12 15:30

==================== Ende von Ergebnis ============================
         
__________________

Alt 17.08.2015, 17:51   #4
Arsat
 
Meldungen von adwCleaner z.b. quickstores.toolbar.guid - Standard

Meldungen von adwCleaner z.b. quickstores.toolbar.guid



Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-08-2015
durchgeführt von user (2015-08-17 18:42:39)
Gestartet von C:\Users\user\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2576313555-507638820-2627635458-500 - Administrator - Disabled)
Gast (S-1-5-21-2576313555-507638820-2627635458-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2576313555-507638820-2627635458-1002 - Limited - Enabled)
user (S-1-5-21-2576313555-507638820-2627635458-1000 - Administrator - Enabled) => C:\Users\user

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.1.0 - Futuremark)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Agapan (HKLM-x32\...\Steam App 344260) (Version:  - )
Angels of Fasaria RPG (HKLM-x32\...\Steam App 335900) (Version:  - New Source Entertainment)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Ballpoint Universe: Infinite (HKLM-x32\...\Steam App 259390) (Version:  - Arachnid Games)
Betrayer (HKLM-x32\...\Steam App 243120) (Version:  - Blackpowder Games)
Better Late Than DEAD (HKLM-x32\...\Steam App 352950) (Version:  - Odin Game Studio)
Butsbal (HKLM-x32\...\Steam App 375330) (Version:  - Xtase Studios)
C&C:Online (HKLM-x32\...\{1298F091-2180-4779-BDA0-1176247252D0}) (Version: 2.0.7 - Revora)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order)
Command and Conquer: Red Alert 3 (HKLM-x32\...\Steam App 17480) (Version:  - EA Los Angeles)
Cosmonautica (HKLM-x32\...\Steam App 320340) (Version:  - Chasing Carrots)
Dungeon Crawlers HD (HKLM-x32\...\Steam App 355100) (Version:  - Drowning Monkeys Games)
Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version:  - Frontier Developments)
Empyrion - Galactic Survival (HKLM-x32\...\Steam App 383120) (Version:  - Eleon Game Studios)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Eron (HKLM-x32\...\Steam App 356880) (Version:  - Red Splat Games)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version:  - Ubisoft)
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Fishing Planet (HKLM-x32\...\Steam App 380600) (Version:  - Fishing Planet LLC)
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Galactic Civilizations® III (HKLM-x32\...\Steam App 226860) (Version:  - Stardock Entertainment)
GameRanger (HKU\S-1-5-21-2576313555-507638820-2627635458-1000\...\GameRanger) (Version:  - GameRanger Technologies)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Daybreak Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Hardland (HKLM-x32\...\Steam App 321980) (Version:  - Mountain Sheep)
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\1207661193_is1) (Version: 2.1.0.24 - GOG.com)
Heroes of Might and Magic V with Hammers of Fate (HKLM-x32\...\1207661143_is1) (Version: 2.1.0.22 - GOG.com)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.14 - Intel(R) Corporation) Hidden
Intergalactic Bubbles (HKLM-x32\...\Steam App 351490) (Version:  - Hellscape Games)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
KeePass Password Safe 1.28 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.28 - Dominik Reichl)
LAV Filters 0.63.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.63.0 - Hendrik Leppkes)
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Lords of Xulima (HKLM-x32\...\Steam App 296570) (Version:  - Numantian Games)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Man Alive Game (HKLM-x32\...\Steam App 339560) (Version:  - )
Medieval Engineers (HKLM-x32\...\Steam App 333950) (Version:  - Keen Software House)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
Mordheim: City of the Damned (HKLM-x32\...\Steam App 276810) (Version:  - Rogue Factor)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.0.5697 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
Musclecar Online (HKLM-x32\...\Steam App 346440) (Version:  - Psychic Software)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O&O Defrag Free Edition (HKLM\...\{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}) (Version: 14.1.431 - O&O Software GmbH)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Overlord (HKLM-x32\...\Steam App 11450) (Version:  - Triumph Studios)
Overlord: Raising Hell (HKLM-x32\...\Steam App 12710) (Version:  - Triumph Studios)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.88.41.0 - Overwolf Ltd.)
Patrician IV: Rise of a Dynasty (HKLM-x32\...\Steam App 57730) (Version:  - Gaming Minds Studios)
Patrician IV: Steam Special Edition (HKLM-x32\...\Steam App 57620) (Version:  - Gaming Minds Studios)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge)
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version:  - Obsidian Entertainment)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Realm of Perpetual Guilds (HKLM-x32\...\Steam App 372670) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7233 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Shroud of the Avatar: Forsaken Virtues (HKLM-x32\...\Steam App 326160) (Version:  - Portalarium)
Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version:  - Firaxis Games)
Sid Meier's Railroads! (HKLM-x32\...\Steam App 7600) (Version:  - Firaxis Games)
Sid Meier's Starships (HKLM-x32\...\Steam App 282210) (Version:  - Firaxis Games)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Spandex Force: Champion Rising (HKLM-x32\...\Steam App 380560) (Version:  - KarjaSoft)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version:  - Raven Software)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
StarDrive 2 (HKLM-x32\...\Steam App 252450) (Version:  - Zero Sum Games)
Starpoint Gemini 2 (HKLM-x32\...\Steam App 236150) (Version:  - Little Green Men Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold HD (HKLM-x32\...\Steam App 40950) (Version:  - FireFly Studios)
Subnautica (HKLM-x32\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Talisman: Digital Edition (HKLM-x32\...\Steam App 247000) (Version:  - Nomad Games Limited)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Bluecoats: North vs South (HKLM-x32\...\Steam App 347030) (Version:  - Microids)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Repopulation (HKLM-x32\...\Steam App 322300) (Version:  - Above and Beyond Technologies)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.8.0 - GOG.com)
The Witcher 3: Wild Hunt - Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
TV-Browser 3.4.0.1 (HKLM-x32\...\tvbrowser) (Version: 3.4.0.1 - TV-Browser Team)
Unity Web Player (HKU\S-1-5-21-2576313555-507638820-2627635458-1000\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Vintage Year (HKLM-x32\...\Steam App 333760) (Version:  - Nooner Bear Studio)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warzone 2100-3.1.2 (HKLM-x32\...\Warzone 2100-3.1.2) (Version: 3.1.2 - Warzone 2100 Project)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
X Rebirth (HKLM-x32\...\Steam App 2870) (Version:  - Egosoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2576313555-507638820-2627635458-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

11-08-2015 11:51:41 Windows Update
11-08-2015 17:22:53 avast! antivirus system restore point
11-08-2015 17:23:20 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst
12-08-2015 18:59:55 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
13-08-2015 03:00:11 Windows Update
13-08-2015 04:05:08 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {038A5EBD-3077-48F2-8341-4B55EBB20094} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12] (Google Inc.)
Task: {218EF957-713C-4D90-923D-910C4B150912} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-08-09] (Overwolf LTD)
Task: {59B06229-888C-4B1F-A8DD-D89FB9201009} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12] (Google Inc.)
Task: {6B0796C0-3416-480C-8705-408C629D7228} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {B89E6AA4-F08C-4DA6-806C-04A92CFFFE5E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {C0D4FBFE-88F7-453F-B73D-AB14AC2BEF51} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-11] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-12-05 15:04 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-25 11:00 - 2014-01-28 05:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-06-02 17:18 - 2015-06-02 17:18 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2015-08-11 17:23 - 2015-08-11 17:23 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-11 17:23 - 2015-08-11 17:23 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-17 03:12 - 2015-08-17 03:12 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15081601\algo.dll
2015-08-17 12:06 - 2015-08-17 12:06 - 02962432 _____ () C:\Program Files\AVAST Software\Avast\defs\15081701\algo.dll
2014-11-25 11:00 - 2015-08-17 12:06 - 00033280 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2014-11-25 11:00 - 2014-01-28 05:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-04-07 23:28 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-12-20 19:31 - 2014-11-13 12:55 - 03553280 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
2015-03-19 17:54 - 2015-03-19 17:54 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2013-03-12 18:10 - 2015-07-03 18:12 - 00778240 _____ () H:\Steam\SDL2.dll
2014-12-03 21:07 - 2015-07-03 18:12 - 04962816 _____ () H:\Steam\v8.dll
2014-12-03 21:07 - 2015-07-03 18:12 - 01556992 _____ () H:\Steam\icui18n.dll
2014-12-03 21:07 - 2015-07-03 18:12 - 01187840 _____ () H:\Steam\icuuc.dll
2014-05-23 23:29 - 2015-08-12 20:26 - 02413248 _____ () H:\Steam\video.dll
2014-08-29 12:33 - 2014-12-01 23:31 - 02396672 _____ () H:\Steam\libavcodec-56.dll
2014-08-29 12:33 - 2014-12-01 23:31 - 00442880 _____ () H:\Steam\libavutil-54.dll
2014-08-29 12:33 - 2014-12-01 23:31 - 00479744 _____ () H:\Steam\libavformat-56.dll
2014-08-29 12:33 - 2014-12-01 23:31 - 00332800 _____ () H:\Steam\libavresample-2.dll
2014-08-29 12:33 - 2014-12-01 23:31 - 00485888 _____ () H:\Steam\libswscale-3.dll
2011-07-13 13:50 - 2015-08-12 20:26 - 00704192 _____ () H:\Steam\bin\chromehtml.DLL
2015-07-22 10:37 - 2015-07-27 03:13 - 00171008 _____ () H:\Steam\bin\openvr_api.dll
2010-12-03 01:49 - 2015-07-03 18:12 - 39553928 _____ () H:\Steam\bin\libcef.dll
2014-03-20 12:43 - 2014-03-20 12:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2576313555-507638820-2627635458-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2576313555-507638820-2627635458-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2576313555-507638820-2627635458-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2576313555-507638820-2627635458-1000\...\sony.com -> sony.com


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2576313555-507638820-2627635458-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{59E5C1FD-29D2-4DDF-951E-4E154B36B99F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B0570160-7D18-456C-B46B-A6EB011696BC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0F5C6D6F-5C68-4CA8-A9D3-7CDE1061B956}] => (Allow) H:\Steam\Steam.exe
FirewallRules: [{D7D3F082-608E-48CE-8BCB-C290AC48FDE8}] => (Allow) H:\Steam\Steam.exe
FirewallRules: [{9195E46B-D826-49E1-8F78-1225E66FB25F}] => (Allow) H:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C273D2A3-545B-4D34-9DEE-3405F5AB91F1}] => (Allow) H:\Steam\bin\steamwebhelper.exe
FirewallRules: [{E6350829-5351-4CB6-8825-BD1D54FAF916}] => (Allow) H:\Steam\SteamApps\common\Horizon\Launcher.exe
FirewallRules: [{CEC6DA05-6EE4-4634-B409-ACBF5663B4E5}] => (Allow) H:\Steam\SteamApps\common\Horizon\Launcher.exe
FirewallRules: [{CA996D56-794A-429C-BFF8-7F50C245D8E9}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{0DEF3343-EBFA-4185-B386-F7B391811815}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{8A81EAD5-8952-48F8-B403-654E05F69242}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{6C4DEB79-D1EC-4EEB-8DA7-BF6D92D55286}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{DA5DE17F-5EF5-42AD-B9BF-EF1E216BA8B7}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe
FirewallRules: [{ABD294B4-7684-43C4-B396-6FBC9B1561E4}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe
FirewallRules: [{D789C385-CB13-4C6F-8BF7-34F8CF4C950B}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{0F7F526B-B76F-4FE6-A73D-5E18246705D3}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{4BAE8B8D-68B0-40B6-933A-1B0363CBC466}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9EF4383D-BC70-4A10-A2C2-926015904844}] => (Allow) H:\Steam\SteamApps\common\mountblade warband\mb_warband.exe
FirewallRules: [{6E336DFF-BED7-4F5D-B2A6-05ECC526FA09}] => (Allow) H:\Steam\SteamApps\common\mountblade warband\mb_warband.exe
FirewallRules: [{AB7F26C9-C3B3-45E6-9815-C2C5D139A9DA}] => (Allow) H:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{F10F4D68-7A31-43FF-9847-15DE72DE35B4}] => (Allow) H:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{14040AA7-FED2-4849-BBFA-26A827D0A8A5}] => (Allow) H:\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{523747BB-3CF0-44DE-841A-6828EDCADDD3}] => (Allow) H:\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{3B5937B4-4EE4-46B3-88F7-C31F3038EADB}] => (Allow) H:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{F98BD8B8-E930-4008-A52B-F9CEE262F1EA}] => (Allow) H:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{E5F8BE4D-111B-4CB7-987F-1BE01E4E1087}] => (Allow) H:\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{D60DAE63-A374-4AA4-9D1C-B7894A628B8F}] => (Allow) H:\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{735814A0-2E43-4F68-94F1-312CA7501FF6}] => (Allow) H:\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{051C3E2F-DA5C-494E-983F-0D84723C269A}] => (Allow) H:\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{4224264B-FC77-4E8B-B3C6-DAC379563B63}] => (Allow) H:\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{0D1F1E75-36C1-4626-B450-74D50B08C56C}] => (Allow) H:\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{94281907-99FB-4081-9F96-FF43A5EE3C42}] => (Allow) H:\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{CCD907AB-7D45-4A38-92DC-979A4E6B1256}] => (Allow) H:\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{DBC41771-DCD0-49C3-8B4F-16611D0BC654}] => (Allow) H:\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{2B5F28B3-3106-464C-BAB7-17482809798E}] => (Allow) H:\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{CFF5B120-1A2D-4E93-B754-9C967134AC6D}] => (Allow) H:\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{524ABC65-5511-44F2-8086-21674512EE89}] => (Allow) H:\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [TCP Query User{5AF214DA-BFF1-462E-80C8-CE492EA210A2}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2A0DA0A7-02F8-4796-BE1A-362D4C05388A}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{83087496-23D6-4486-868E-1E3C5D640CFC}] => (Allow) H:\Steam\SteamApps\common\StarMade\StarMade-starter.exe
FirewallRules: [{2BB91B5F-A3AD-4B15-801F-64684E36CAFB}] => (Allow) H:\Steam\SteamApps\common\StarMade\StarMade-starter.exe
FirewallRules: [{482B344D-A18F-4A4B-A554-7B944330205A}] => (Allow) H:\Steam\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{D0AAD8AC-AAFE-4CA6-85FA-D7593805C5F4}] => (Allow) H:\Steam\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{561B6A60-D19B-43C7-AEE0-7A9D8A377F56}] => (Allow) H:\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{6EAED4BD-AFC8-4055-AE15-25C37B981A6D}] => (Allow) H:\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{B750E623-A0B2-4D77-A5DC-4ACC3BE5E507}] => (Allow) H:\Steam\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{191BC414-F97F-43D4-BF2A-97F237BC7E48}] => (Allow) H:\Steam\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{CFE99441-E5F8-4A10-B981-E1334E97D6B1}] => (Allow) H:\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{1AFF1F5D-9139-4502-AF49-5CC0B1698485}] => (Allow) H:\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{678A53D6-9AF8-45FD-BC71-CD3D71AF8C87}] => (Allow) H:\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{1B99F540-8EC7-4223-890E-8FC27B5170C2}] => (Allow) H:\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{B8E9B9AC-A993-4B7F-BD93-2927A9CF49C1}] => (Allow) H:\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{AB9EC451-297A-4031-B560-5D603FCBE6DC}] => (Allow) H:\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{665A02E8-07C5-470A-A0E6-51549B29DABF}] => (Allow) H:\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{AE241A3D-F554-4AA4-9206-3334FEF508FC}] => (Allow) H:\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{E940961D-ABCF-4824-90FB-CC5175CB316E}] => (Allow) H:\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{53A8FD07-5063-47B6-840F-F4A9C87C17BA}] => (Allow) H:\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{BB29A496-5F7D-4FD7-85A0-BD08E33F052E}] => (Allow) H:\Steam\SteamApps\common\Kinetic Void\Kinetic Void.exe
FirewallRules: [{721AC65B-D8E3-4E21-B30C-E3DB4FD90439}] => (Allow) H:\Steam\SteamApps\common\Kinetic Void\Kinetic Void.exe
FirewallRules: [{0A7FBE73-EB43-438B-980E-8154930317AF}] => (Allow) H:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{B7ECE585-B505-4B3D-9CB5-395315159235}] => (Allow) H:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{3596475C-89C2-4EAD-B0E3-15F4867BAB26}] => (Allow) H:\Steam\SteamApps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{8DBE4636-12AA-4621-9D60-F9BBAF751B98}] => (Allow) H:\Steam\SteamApps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{F9FEDC5F-883B-488B-BD57-3A4753FD217B}] => (Allow) H:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{6ACFE7F4-0A02-44B6-ABC6-9BD671151469}] => (Allow) H:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{A4BC2D00-E966-461F-93A1-390C4E92DEE3}] => (Allow) H:\Steam\SteamApps\common\War For The Overworld\WFTO.exe
FirewallRules: [{89986C32-F0D9-45D3-A0A4-88879E5776AD}] => (Allow) H:\Steam\SteamApps\common\War For The Overworld\WFTO.exe
FirewallRules: [{5E905ECE-C18C-41D8-826F-B455E017B06E}] => (Allow) H:\Steam\SteamApps\common\Talisman\Talisman.exe
FirewallRules: [{547BC68A-23F1-4E43-8B19-BA15D2283C30}] => (Allow) H:\Steam\SteamApps\common\Talisman\Talisman.exe
FirewallRules: [{2994946C-0587-409A-8722-6493D9383CB2}] => (Allow) H:\Steam\SteamApps\common\Salt\Salt.exe
FirewallRules: [{E3854FE0-2797-44D7-A619-1FD1F186CCBF}] => (Allow) H:\Steam\SteamApps\common\Salt\Salt.exe
FirewallRules: [TCP Query User{B72223B0-CCF9-4C29-849D-D16C7B313D09}H:\steam\steamapps\common\beastsofprey\sfs2x\sfs2x-standalone.exe] => (Allow) H:\steam\steamapps\common\beastsofprey\sfs2x\sfs2x-standalone.exe
FirewallRules: [UDP Query User{5DFD849A-A7AF-4884-BDFB-D9A5ADE7803B}H:\steam\steamapps\common\beastsofprey\sfs2x\sfs2x-standalone.exe] => (Allow) H:\steam\steamapps\common\beastsofprey\sfs2x\sfs2x-standalone.exe
FirewallRules: [{C8450BFE-1143-4221-9B04-FDADF28DC3BB}] => (Allow) H:\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{809363DA-8D1B-4076-8948-7E6659229F77}] => (Allow) H:\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{BBBE8603-9BB9-4262-9C61-1CDBD940D8E2}] => (Allow) H:\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{A7B6A70E-DC0E-4615-9C36-59E58090BA79}] => (Allow) H:\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{81622C8D-0748-45BB-8D85-6FBF51DA29FF}] => (Allow) H:\Steam\SteamApps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{E3182756-5851-45E0-9953-7000491CE9B8}] => (Allow) H:\Steam\SteamApps\common\Stonehearth\Stonehearth.exe
FirewallRules: [TCP Query User{2F61629F-3C9E-47A2-9B59-2EA74A8AED74}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
FirewallRules: [UDP Query User{3A08C392-F1CB-42DB-AEBE-B5D395E37370}C:\program files (x86)\free download manager\fdm.exe] => (Allow) C:\program files (x86)\free download manager\fdm.exe
FirewallRules: [TCP Query User{5889DA45-C1F0-43AD-B07B-AA5A54928674}H:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) H:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{B9D0B132-AE1F-4F06-AE10-DF6449468748}H:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) H:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{6D7A631B-A6BE-4DBB-983F-A039701D3A09}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D8C83DD-2F33-4D3F-A061-3EFB12869146}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{161B8FCE-7C88-46EE-9871-22E969F04010}] => (Allow) H:\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{4FA3E45B-C0BC-4E3C-8286-26CCCCE07AC9}] => (Allow) H:\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [TCP Query User{91AEBAB3-AD76-4DED-BB6E-5632656305CC}H:\steam\steamapps\common\dayz\dayz.exe] => (Allow) H:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{5D83106B-47DA-46E1-9EDB-66C2C6C2ACEB}H:\steam\steamapps\common\dayz\dayz.exe] => (Allow) H:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{49EBB32D-DDEE-47EA-AA4D-7690961DB416}] => (Allow) H:\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{56E82EC4-EC41-471D-95F6-BA12FABE2C94}] => (Allow) H:\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{F17ADC8C-5C2B-40DE-AE8C-6EED7E6D51D5}] => (Allow) H:\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{AC2D1A73-5157-4C0D-A8C8-CA1E8B955EF0}] => (Allow) H:\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{C2E88C2F-E917-486B-8961-BFEB718555CE}] => (Allow) H:\Steam\SteamApps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{4523DDCB-F7DA-40B9-B237-1B42FE41EC1C}] => (Allow) H:\Steam\SteamApps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{D0833EA7-E1A8-4F3B-96B7-691CB24FF319}] => (Allow) H:\Steam\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{A3F30EA3-06D1-46CD-B658-B14A9E7C3285}] => (Allow) H:\Steam\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{39A86AD3-B342-4BB4-BD62-6A12C51AE173}] => (Allow) H:\Steam\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{E9E25154-AF14-49B4-8711-E516E00B3FFE}] => (Allow) H:\Steam\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{D8A69DA4-74BE-4CA7-858E-0576F049EA02}] => (Allow) H:\Steam\SteamApps\common\Xenonauts\Xenonauts.exe
FirewallRules: [{4EAA583C-6460-4502-A053-3B466B617767}] => (Allow) H:\Steam\SteamApps\common\Xenonauts\Xenonauts.exe
FirewallRules: [{3A63856D-8A0A-46D2-8F95-3822AC34B82B}] => (Allow) H:\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{FF757F50-95C4-45ED-8160-89CC339113B8}] => (Allow) H:\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{129D34C0-2B10-40A7-96F3-09EB72D76FF1}] => (Allow) H:\Steam\SteamApps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [{D55587ED-6254-4F03-B27A-07ABEB4DEC18}] => (Allow) H:\Steam\SteamApps\common\Planetary Annihilation\bin_x64\PA.exe
FirewallRules: [TCP Query User{E5138EDE-1FAC-4ECE-8933-906801A8E5E5}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{FF8F2165-73F4-4A40-ADDB-465CE9D1BEBE}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{0EAD28C5-AE1C-4D00-8151-792C51BA6D46}] => (Allow) H:\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{5B98BB53-96C5-4376-A144-5C0B5BFBA0FA}] => (Allow) H:\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{EF525231-7CF5-4CDA-9DB9-31AB302E21C5}] => (Allow) H:\Steam\SteamApps\common\LordsOfXulima\LoX.exe
FirewallRules: [{D17702AB-4900-4641-9942-0FBDDBAE42A2}] => (Allow) H:\Steam\SteamApps\common\LordsOfXulima\LoX.exe
FirewallRules: [{2F2209B4-5CC2-49C0-9CFF-C04B1D658207}] => (Allow) H:\Steam\SteamApps\common\The Bluecoats North vs South\NAS.exe
FirewallRules: [{A023D534-63E7-4DA2-AF78-7CAFD004DFF4}] => (Allow) H:\Steam\SteamApps\common\The Bluecoats North vs South\NAS.exe
FirewallRules: [{B418F705-C3DB-4289-BCF5-2377FF0A2735}] => (Allow) H:\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{97E2CA73-FBAE-4FE4-A0A2-3C7235616586}] => (Allow) H:\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{FC8A7875-15CB-4DFC-8609-F14484CC8FF0}] => (Allow) H:\Steam\SteamApps\common\Subnautica\Subnautica.exe
FirewallRules: [{64D3D231-C0C0-4823-80D8-296FADC65CD4}] => (Allow) H:\Steam\SteamApps\common\Subnautica\Subnautica.exe
FirewallRules: [{6A7EBE5C-625B-4902-9740-B48F1CE1850B}] => (Allow) H:\Steam\SteamApps\common\Patrician IV\Patrician4.exe
FirewallRules: [{BC9D4244-908E-4925-98C9-7C0F434F8EC7}] => (Allow) H:\Steam\SteamApps\common\Patrician IV\Patrician4.exe
FirewallRules: [{4A4A9B06-D2AD-4CD7-A23D-961FDFAA3449}] => (Allow) H:\Steam\SteamApps\common\Patrician IV\Patrician4_addon.exe
FirewallRules: [{C85D70CC-B5C4-4AC5-B9F1-C211A297F48A}] => (Allow) H:\Steam\SteamApps\common\Patrician IV\Patrician4_addon.exe
FirewallRules: [TCP Query User{1228CD1B-E2FB-4A8D-A298-CCE3A559D1DB}H:\steam\steamapps\common\half-life 2 deathmatch\hl2.exe] => (Allow) H:\steam\steamapps\common\half-life 2 deathmatch\hl2.exe
FirewallRules: [UDP Query User{057A5481-3675-4F68-BC32-CFDB10AD12BC}H:\steam\steamapps\common\half-life 2 deathmatch\hl2.exe] => (Allow) H:\steam\steamapps\common\half-life 2 deathmatch\hl2.exe
FirewallRules: [{21C0E2C2-2D5D-423B-B406-27577E2BC342}] => (Allow) H:\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{299ABA0B-0320-4F41-A055-951C0C06BB9D}] => (Allow) H:\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [TCP Query User{00EA1DB2-A2CE-470A-842C-E0B754AE0300}H:\steam\steamapps\common\planet explorers\pe_client.exe] => (Allow) H:\steam\steamapps\common\planet explorers\pe_client.exe
FirewallRules: [UDP Query User{70318924-443B-4DDD-BC82-36D0008B1FF4}H:\steam\steamapps\common\planet explorers\pe_client.exe] => (Allow) H:\steam\steamapps\common\planet explorers\pe_client.exe
FirewallRules: [{14DE2B34-1B4C-42A6-91FA-DA114583205E}] => (Allow) H:\Steam\SteamApps\common\Savage Lands\SavageLands.exe
FirewallRules: [{7F2A95E7-F336-4586-8BF5-30C4C2F8707A}] => (Allow) H:\Steam\SteamApps\common\Savage Lands\SavageLands.exe
FirewallRules: [{0D98F3EE-A3B7-44C9-BA04-80632A9915E9}] => (Allow) H:\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{A34D7F37-F8A4-4FAE-9388-C3781C644881}] => (Allow) H:\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{36D05905-D1CF-4196-B406-3DAD7A64A8BD}] => (Allow) H:\Steam\SteamApps\common\Sid Meier's Railroads\RailRoads.exe
FirewallRules: [{00695760-C48D-49F1-AD21-C762D424F365}] => (Allow) H:\Steam\SteamApps\common\Sid Meier's Railroads\RailRoads.exe
FirewallRules: [TCP Query User{F91F64AB-12FE-409D-BCBB-81F5362D936B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{622B51C0-24BA-4515-8758-64A32B3CE5B8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6A14EE75-3211-4610-AC49-0D3FF5349E19}] => (Allow) H:\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{7AF7444D-D6CA-4413-A398-8C2163D0BF9A}] => (Allow) H:\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{B4DAE811-D167-4266-B8AA-845AD974576F}] => (Allow) H:\Steam\SteamApps\common\SotA\Shroud of the Avatar.exe
FirewallRules: [{C1F97C40-8073-40B5-A976-85F84296F532}] => (Allow) H:\Steam\SteamApps\common\SotA\Shroud of the Avatar.exe
FirewallRules: [{53F2C990-A2DA-4F92-935B-EDE02CF0E4F9}] => (Allow) H:\Steam\SteamApps\common\Command and Conquer Red Alert 3\runme.exe
FirewallRules: [{7F05BCBB-D2EC-401C-B52D-961137C7FDDD}] => (Allow) H:\Steam\SteamApps\common\Command and Conquer Red Alert 3\runme.exe
FirewallRules: [{5AE6FC48-5F73-44B2-B2C1-143B15033F95}] => (Allow) H:\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{7DE8E666-F063-4C36-B821-532D06F66A9F}] => (Allow) H:\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{101540EC-D5D2-4F6E-84F9-785E1CC68145}] => (Allow) H:\Steam\SteamApps\common\The Repopulation\Launcher.exe
FirewallRules: [{9DBDCBDA-ADA3-426A-89B9-1AB8BDA7287C}] => (Allow) H:\Steam\SteamApps\common\The Repopulation\Launcher.exe
FirewallRules: [TCP Query User{2515F28D-425B-4883-80CF-8400D51D4DB6}H:\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) H:\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game
FirewallRules: [UDP Query User{2EC13CFE-30D0-4AC0-9E85-3FE4A4A0214A}H:\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) H:\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game
FirewallRules: [TCP Query User{AAE050B1-966B-4AC4-A882-5F906B722D04}H:\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) H:\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [UDP Query User{53E0FD64-CF24-4E02-9861-A21361DC528D}H:\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) H:\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe
FirewallRules: [TCP Query User{D56D19C3-9398-4ED3-BEAF-1DC2B0862D3F}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{7FEC941E-17B2-463C-9B92-C850D8E95710}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{6FD9E717-76DF-4640-BB3E-C354FE09AFD0}] => (Allow) H:\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{E1794D0E-20F4-4A49-AEC8-3AAF7A7FAE38}] => (Allow) H:\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{DF9E89B7-8503-4FC1-8968-00C5E09F077C}] => (Allow) H:\Steam\SteamApps\common\Sid Meier's Starships\Starships64.exe
FirewallRules: [{19031BA7-B34A-4852-86B5-D57BFAD88762}] => (Allow) H:\Steam\SteamApps\common\Sid Meier's Starships\Starships64.exe
FirewallRules: [TCP Query User{28F52CFD-A2E2-4367-984A-7AD14833AFF0}H:\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) H:\steam\steamapps\common\war for the overworld\wftogame.exe
FirewallRules: [UDP Query User{8DC4CDDE-1155-402B-B833-AAC40E6F5C8D}H:\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) H:\steam\steamapps\common\war for the overworld\wftogame.exe
FirewallRules: [{8A28F6C0-A928-4DAC-8694-0639DAF12571}] => (Allow) H:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{315B8A79-0079-4127-B97A-EB174E779EC6}] => (Allow) H:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{36F72C7F-85A3-4474-8324-7B4162C722E5}] => (Allow) H:\Steam\SteamApps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{244CEC43-59BD-45CC-91DF-200600764F9D}] => (Allow) H:\Steam\SteamApps\common\Sid Meier's Pirates!\Pirates!.exe
FirewallRules: [{0F593B45-8AFF-40F8-BE21-2BA5AADAE4C3}] => (Allow) H:\Steam\SteamApps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{D3156A28-95C7-4541-9F71-6A73B0E15AB4}] => (Allow) H:\Steam\SteamApps\common\Warmachine Tactics\WarmachineGame\Binaries\Win64\WarmachineGame-Win64-Shipping.exe
FirewallRules: [{FC0373A8-0050-483C-925F-6EF7B4D03702}] => (Allow) H:\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{4FC7B804-F26A-4178-BA7B-7392EEF8EE95}] => (Allow) H:\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{C3B9816B-65D7-41EB-A0BB-6A9F0EC1AAC3}] => (Allow) H:\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{47C5148F-7DCE-4BB1-B850-7F63DC6E83FE}] => (Allow) H:\Steam\SteamApps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{1080A05F-0FB9-4D2B-9B11-B579494191CC}] => (Allow) H:\Steam\SteamApps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{C70AA52A-89B9-44D2-9E99-71DC3BEA48EE}] => (Allow) H:\Steam\SteamApps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [TCP Query User{14242C8F-05D8-4757-92B8-A13F45D2224E}H:\spiele\gta5\gta5.exe] => (Allow) H:\spiele\gta5\gta5.exe
FirewallRules: [UDP Query User{8D0EFD80-B9AC-4DAE-AD09-AE3C35D75E78}H:\spiele\gta5\gta5.exe] => (Allow) H:\spiele\gta5\gta5.exe
FirewallRules: [{9DD51179-A615-4F5B-8FF3-BFDCF1A1FA23}] => (Allow) H:\Steam\SteamApps\common\mordheim\mordheim.exe
FirewallRules: [{8572FA97-AC2A-4357-9AFC-F3CB7BEC3FAB}] => (Allow) H:\Steam\SteamApps\common\mordheim\mordheim.exe
FirewallRules: [{3F0DCA11-F377-4CEE-BE4A-0E7DCF1CC392}] => (Allow) H:\Steam\SteamApps\common\Hardland\Hardland.exe
FirewallRules: [{0972CB78-59DF-4CB1-A24D-1A46BB20685F}] => (Allow) H:\Steam\SteamApps\common\Hardland\Hardland.exe
FirewallRules: [{EADDA8B9-F6C3-4805-8A30-24B26BC2972E}] => (Allow) H:\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{40A5D383-FE74-4AE2-9B01-F2A1D7007538}] => (Allow) H:\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [TCP Query User{AE15B1AF-8FDA-4500-AB3C-185EF9841DE3}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{EB444937-04D3-4561-9A88-3094B6A07892}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{E8269895-FC5F-4D79-914C-2A44E2220894}] => (Allow) H:\Steam\SteamApps\common\Rust\legacy\rust.exe
FirewallRules: [{36454850-4F80-41C0-9D60-04A042A389C5}] => (Allow) H:\Steam\SteamApps\common\Rust\legacy\rust.exe
FirewallRules: [TCP Query User{929905DE-7250-4EBC-9F2A-35B0FCA2E606}H:\spiele\heroes of might and magic v\bin\h5_game.exe] => (Allow) H:\spiele\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [UDP Query User{AC9F239A-75C8-4541-80E9-B692ADCC7973}H:\spiele\heroes of might and magic v\bin\h5_game.exe] => (Allow) H:\spiele\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [{7945BB1A-86A3-43FD-8655-97E3201533D3}] => (Allow) H:\Steam\SteamApps\common\Stronghold\Stronghold.exe
FirewallRules: [{12C48303-900E-450B-AABF-8066E185B0A4}] => (Allow) H:\Steam\SteamApps\common\Stronghold\Stronghold.exe
FirewallRules: [TCP Query User{36915616-1025-4C25-9C94-7CD3E17F571B}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{C30B407E-3115-4F1A-9192-96D078F7ECE6}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{1D56C22D-C800-46C2-B98D-C0C87404EB35}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{169A2172-8795-4D94-B525-8540513CD4F1}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{E5446CCA-9412-42B2-BF93-D5325E0A74B1}] => (Allow) H:\Ubisoft Game Launcher\games\Heroes6\Might & Magic Heroes VI.exe
FirewallRules: [{7106DE3E-6E52-4B69-9762-2C9B54F5FD5E}] => (Allow) H:\Ubisoft Game Launcher\games\Heroes6\Might & Magic Heroes VI.exe
FirewallRules: [TCP Query User{5EAC25DA-9E37-4628-9D8F-20F5F8B6A575}C:\gog games\homm 5 - tribes of the east\bin\h5_game.exe] => (Allow) C:\gog games\homm 5 - tribes of the east\bin\h5_game.exe
FirewallRules: [UDP Query User{BDBD77CB-9F51-456D-9438-539E96853602}C:\gog games\homm 5 - tribes of the east\bin\h5_game.exe] => (Allow) C:\gog games\homm 5 - tribes of the east\bin\h5_game.exe
FirewallRules: [{79218ED5-D018-46AB-A332-2794ABA43766}] => (Allow) G:\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{A6504A58-D1AF-4D65-A3C4-57482C00F1C3}] => (Allow) G:\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [TCP Query User{7B3E96B3-AEA9-4BEA-96F4-B4F9AC1AE516}H:\gog games\homm 5 - tribes of the east\bin\h5_game.exe] => (Allow) H:\gog games\homm 5 - tribes of the east\bin\h5_game.exe
FirewallRules: [UDP Query User{E28D183F-BC8C-44D2-AAB9-E7DF5873B8F9}H:\gog games\homm 5 - tribes of the east\bin\h5_game.exe] => (Allow) H:\gog games\homm 5 - tribes of the east\bin\h5_game.exe
FirewallRules: [{A1776823-5CAB-4479-8171-F0F54F324B84}] => (Allow) H:\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{DAE5B322-D9B3-4F7A-AF76-E4C657EA7F5D}] => (Allow) H:\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{EDA9FEEA-1029-441F-AA6C-FC9ABB6298DA}] => (Allow) G:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{C2EB10B1-FA15-44F9-B613-C13F30613179}] => (Allow) G:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{38CFADC9-644C-4B9B-AE39-82DD44AF7F29}] => (Allow) G:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{EC899006-5D5F-4396-B41A-1EE54DD5F3D5}] => (Allow) G:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{A416D4EC-CB1E-45B2-BB5E-130AA86D84AA}] => (Allow) G:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameOldLoad.exe
FirewallRules: [{80FCC500-25A7-4874-B4AD-3EC3498DE371}] => (Allow) G:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameOldLoad.exe
FirewallRules: [{E457EA28-5DBB-48DC-BC68-9F220C4A6C2E}] => (Allow) H:\Steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{CFEA1A53-2AEE-4FAB-AA47-452F9476B825}] => (Allow) H:\Steam\SteamApps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{BD3BBF97-12B3-4E39-B2DD-6A2609D4D8FA}] => (Allow) H:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{E804A7DA-5F52-45C5-B096-A0A35E03D453}] => (Allow) H:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{70BCC6F5-F130-40ED-9520-2D6E0C4BD008}] => (Allow) H:\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{07BEAF91-F7DC-4ADF-A898-DBEDE352603B}] => (Allow) H:\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{26D1D36B-6773-40F7-A24A-33DB7692C613}] => (Allow) H:\Steam\SteamApps\common\Cosmonautica\bin\CosmoNautica.exe
FirewallRules: [{E185DBEE-B0C6-41E7-AD7F-A071B0912BDE}] => (Allow) H:\Steam\SteamApps\common\Cosmonautica\bin\CosmoNautica.exe
FirewallRules: [{0CE01030-1962-4C66-8FFF-DCDCD55A56B4}] => (Allow) H:\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{EADDA7D7-CBC6-4106-A6FC-D6DF746D538D}] => (Allow) H:\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{1641F4F7-D2B9-4223-A28E-8C9A5063CB16}] => (Allow) H:\Steam\SteamApps\common\Overlord\Overlord.exe
FirewallRules: [{80214D14-9B14-48CF-9DDC-E1FE63139F0F}] => (Allow) H:\Steam\SteamApps\common\Overlord\Overlord.exe
FirewallRules: [{095FB0D8-8AD3-433C-A017-DACC550E5DC0}] => (Allow) H:\Steam\SteamApps\common\Overlord\Config.exe
FirewallRules: [{B65D4F6B-3C9A-4D32-9B1D-7F48CC0EBED4}] => (Allow) H:\Steam\SteamApps\common\Overlord\Config.exe
FirewallRules: [{FB84226D-146B-4AE8-99F0-990E5BEB500D}] => (Allow) H:\Steam\SteamApps\common\Better Late Than Dead\BLTD.exe
FirewallRules: [{393F55E8-ABF6-4CB3-B1DB-839D31FEDD77}] => (Allow) H:\Steam\SteamApps\common\Better Late Than Dead\BLTD.exe
FirewallRules: [{CD1E8BAF-ED26-4D44-A6C8-5AA55C766A7A}] => (Allow) H:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{CF81DB99-6321-473F-A06C-0ECB3DBFA019}] => (Allow) H:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{2C9EA1D4-EF1C-434E-904B-B04096EE19AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{565A5588-58CB-43F6-841F-53F4E76D994B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C2409778-0346-4EB9-BCB3-5BFDE6F949F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{747139C1-7EE7-4DC1-898F-EB76F9AEB5B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0FE16AE5-78C9-4AEE-B43B-5151D4BFF10C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{18D0493A-0CD0-41F4-8A5B-D3CCC829DC4B}] => (Allow) H:\Steam\SteamApps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{26BD82C5-027D-471E-BF46-A9A5766ADBAC}] => (Allow) H:\Steam\SteamApps\common\Magic Duels\MagicDuels.exe
FirewallRules: [TCP Query User{A79A27C3-5B29-4549-8B66-36CFDC98AE92}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{EC733A6D-FD88-4B57-BE6B-058CB192FCCC}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{6D8A39B4-666A-4944-90A4-39BE6869B075}] => (Allow) H:\Steam\SteamApps\common\Betrayer\Binaries\Win32\Betrayer.exe
FirewallRules: [{0974273C-22F1-44EA-809A-4183437F2962}] => (Allow) H:\Steam\SteamApps\common\Betrayer\Binaries\Win32\Betrayer.exe
FirewallRules: [{46169FD4-3FA4-4F34-BFA5-EB5B4022D572}] => (Allow) H:\Spiele\FF14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{44FDF0BC-DD8D-4269-8AD6-2657F0C5C0C4}] => (Allow) H:\Spiele\FF14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{94567EF6-4C80-4F50-92B3-C780FA1F9FEF}] => (Allow) H:\Spiele\FF14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{8C662776-88A6-47D7-9184-912086665325}] => (Allow) H:\Spiele\FF14\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [TCP Query User{EDDC0839-E449-4576-AAAA-1AFFE8B5541C}H:\starmade-launcher-win32-x64\dep\java\jre1.8.0_45\bin\java.exe] => (Allow) H:\starmade-launcher-win32-x64\dep\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{E7E1DB42-69F6-4B0A-9306-9AF255D3D2EA}H:\starmade-launcher-win32-x64\dep\java\jre1.8.0_45\bin\java.exe] => (Allow) H:\starmade-launcher-win32-x64\dep\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{559DD756-FCC5-4BEC-9BE0-C4CE20291A0F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{74599FDC-C88C-4E06-B0AD-C419CFD00C2D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{6CEE1B6E-B801-437D-89DC-477D766D72BD}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{264592C0-ED3F-442E-BA3A-778C25E389D7}] => (Allow) H:\Steam\SteamApps\common\Realm of Perpetual Guilds\Game.exe
FirewallRules: [{5B182601-B129-449E-9603-93051C292FBE}] => (Allow) H:\Steam\SteamApps\common\Realm of Perpetual Guilds\Game.exe
FirewallRules: [{42E589E8-23C6-43A9-A0DC-6C7BE43B5B65}] => (Allow) H:\Steam\SteamApps\common\Butsbal\Butsbal.exe
FirewallRules: [{812D9DFB-74E2-42E0-B85D-1F0D1FD7C013}] => (Allow) H:\Steam\SteamApps\common\Butsbal\Butsbal.exe
FirewallRules: [{7AFB3F7F-DD56-4FEB-B4EF-3116E1EC8E79}] => (Allow) H:\Steam\SteamApps\common\Eron\eron.exe
FirewallRules: [{C61CF4A4-962A-445E-B10D-1ACB028CF32D}] => (Allow) H:\Steam\SteamApps\common\Eron\eron.exe
FirewallRules: [{940F3595-8516-4534-8E1D-BA6F52C067A4}] => (Allow) H:\Steam\SteamApps\common\Musclecar Online\MusclecarOnline.exe
FirewallRules: [{2A10C8DC-9FD5-45EC-99BF-687D43709684}] => (Allow) H:\Steam\SteamApps\common\Musclecar Online\MusclecarOnline.exe
FirewallRules: [{9BA0B9E1-E31B-4E3D-8096-76193AEC645D}] => (Allow) H:\Steam\SteamApps\common\Agapan\Agapan.exe
FirewallRules: [{8629E1E6-0D2C-441E-AF56-EC60B43C6C0D}] => (Allow) H:\Steam\SteamApps\common\Agapan\Agapan.exe
FirewallRules: [{2C9F0154-0E08-4F72-A476-D3ABE99F61C0}] => (Allow) H:\Steam\SteamApps\common\Arachnid Games\BPU.exe
FirewallRules: [{910C25E0-BCEA-4088-BF23-AFB90162EEEC}] => (Allow) H:\Steam\SteamApps\common\Arachnid Games\BPU.exe
FirewallRules: [{C04FE490-DD5F-4864-BEC5-6A45D9BD8758}] => (Allow) H:\Steam\SteamApps\common\Vintage Year\Vintage Year.exe
FirewallRules: [{8A1A559D-16BB-43C6-B0C6-452BEF780DDF}] => (Allow) H:\Steam\SteamApps\common\Vintage Year\Vintage Year.exe
FirewallRules: [{AA0FE1D3-20CC-4992-89EA-9EE9A4FE8DBA}] => (Allow) H:\Steam\SteamApps\common\Dungeon Crawlers HD\Dungeon Crawlers HD.exe
FirewallRules: [{79B1E17A-7AC7-415C-B2F9-0658C672E880}] => (Allow) H:\Steam\SteamApps\common\Dungeon Crawlers HD\Dungeon Crawlers HD.exe
FirewallRules: [{FDE90DD9-9442-4B09-9A5B-F1C570DB68B8}] => (Allow) H:\Steam\SteamApps\common\Dungeon Crawlers HD\Dungeon Crawlers HD_DirectToRift.exe
FirewallRules: [{19B36546-4B8D-4E2E-BFAF-94D0998623D0}] => (Allow) H:\Steam\SteamApps\common\Dungeon Crawlers HD\Dungeon Crawlers HD_DirectToRift.exe
FirewallRules: [{0F658B9E-3F54-466C-9EE5-A5B4D1610161}] => (Allow) H:\Steam\SteamApps\common\Man Alive Game\ManAlive.exe
FirewallRules: [{2BFC4F4A-228A-4C86-B808-09AE116A008C}] => (Allow) H:\Steam\SteamApps\common\Man Alive Game\ManAlive.exe
FirewallRules: [{3B45162E-B9EC-4116-B700-A6DECFD93755}] => (Allow) H:\Steam\SteamApps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe
FirewallRules: [{E858FF1A-2BDC-4BDA-8C63-75139C03246F}] => (Allow) H:\Steam\SteamApps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe
FirewallRules: [{73D06EA7-8580-4A7B-ADE8-B2A3FCD9EE93}] => (Allow) H:\Steam\SteamApps\common\Angels of Fasaria 2D RPG\Angels of Fasaria.exe
FirewallRules: [{88788083-2522-4390-A60F-058DC1AF49AD}] => (Allow) H:\Steam\SteamApps\common\Angels of Fasaria 2D RPG\Angels of Fasaria.exe
FirewallRules: [{5F2B46E6-F913-4B13-B206-5E0D60E52CFB}] => (Allow) H:\Steam\SteamApps\common\Angels of Fasaria 2D RPG\Angels of Fasaria Online.exe
FirewallRules: [{63EC86F3-6287-42BB-A037-3A5A521C6748}] => (Allow) H:\Steam\SteamApps\common\Angels of Fasaria 2D RPG\Angels of Fasaria Online.exe
FirewallRules: [{D865B0E0-8810-4CB2-BDEA-F8996F352349}] => (Allow) H:\Steam\SteamApps\common\Angels of Fasaria 2D RPG\Angels_of_Fasaria_DLL_Set_Up.exe
FirewallRules: [{D394048F-A01C-40E9-99A0-33F0A38E58EE}] => (Allow) H:\Steam\SteamApps\common\Angels of Fasaria 2D RPG\Angels_of_Fasaria_DLL_Set_Up.exe
FirewallRules: [{1A7C0F8E-CF60-47DA-BF51-4FEA8D7ABC46}] => (Allow) H:\Steam\SteamApps\common\Angels of Fasaria 2D RPG\Ancients of Fasaria BT.exe
FirewallRules: [{984214B7-AEFC-45C3-88B9-A43C49A00439}] => (Allow) H:\Steam\SteamApps\common\Angels of Fasaria 2D RPG\Ancients of Fasaria BT.exe
FirewallRules: [{574159D0-9846-4801-ABF5-666BDC262786}] => (Allow) H:\Steam\SteamApps\common\Spandex Force - Champion Rising\SpandexForceChampionRising.exe
FirewallRules: [{CF86B9D9-88E1-48D1-AD3E-E2106B8CB632}] => (Allow) H:\Steam\SteamApps\common\Spandex Force - Champion Rising\SpandexForceChampionRising.exe
FirewallRules: [{A2F42F1E-6BAD-482B-855A-EA89CC9D47C2}] => (Allow) H:\Steam\SteamApps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{30D92378-2B43-49B7-9894-B2DBBD0691B7}] => (Allow) H:\Steam\SteamApps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{9365B261-CFEB-41ED-AAD4-6D3E6AB96982}] => (Allow) H:\Steam\SteamApps\common\Empyrion - Galactic Survival\Empyrion.exe
FirewallRules: [{F2D8D04B-4FBD-44C4-888C-23AD6CA00F4A}] => (Allow) H:\Steam\SteamApps\common\Empyrion - Galactic Survival\Empyrion.exe
FirewallRules: [{1EF02F5F-E18F-48A1-A7B1-BAACCF8B0D54}] => (Allow) H:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{66786BF2-BBCB-4B7A-9315-B8336260200B}] => (Allow) H:\Steam\SteamApps\common\Half-Life 2\hl2.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/17/2015 12:06:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2015 11:11:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2015 08:10:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2015 11:50:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2015 04:13:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2015 11:29:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2015 12:03:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 11:19:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 08:50:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 05:19:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/17/2015 12:06:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (08/17/2015 12:06:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (08/16/2015 11:11:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (08/16/2015 11:11:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (08/16/2015 08:10:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (08/16/2015 08:10:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (08/16/2015 11:50:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (08/16/2015 11:50:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (08/15/2015 04:13:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (08/15/2015 04:13:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)


Microsoft Office:
=========================
Error: (08/17/2015 12:06:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2015 11:11:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2015 08:10:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2015 11:50:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2015 04:13:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2015 11:29:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2015 12:03:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 11:19:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 08:50:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2015 05:19:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity:
===================================
  Date: 2015-08-17 18:42:12.691
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-17 17:31:19.282
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-17 17:16:25.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-17 17:10:23.096
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-17 15:58:55.189
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-17 12:06:26.909
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-16 23:46:11.977
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-16 23:11:41.696
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-16 20:41:00.371
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-16 20:30:53.830
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16325.55 MB
Verfügbarer physikalischer RAM: 12750.5 MB
Summe virtueller Speicher: 32649.31 MB
Verfügbarer virtueller Speicher: 29213.36 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:25.92 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:141.09 GB) NTFS
Drive f: (System Win7) (Fixed) (Total:244.14 GB) (Free:242.17 GB) NTFS
Drive g: (OCZ) (Fixed) (Total:232.88 GB) (Free:184.42 GB) NTFS
Drive h: (Daten Spiele Win7) (Fixed) (Total:687.37 GB) (Free:44.95 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6980076C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5627EACC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: B179B179)
Partition 1: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 82433076)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== Ende von Ergebnis ============================
         
PS : Ach ja der Firefox wurde mit einem Backupprogramm wieder übernommen. Kann ja sein das die Toolbar mal ausversehen auf dem letzten Rechner war und deswegen die Meldung nicht weggeht ? Es gab da mal Ärger mit einem Download von Giga oder Chip.

Geändert von Arsat (17.08.2015 um 18:09 Uhr)

Alt 18.08.2015, 10:35   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Meldungen von adwCleaner z.b. quickstores.toolbar.guid - Standard

Meldungen von adwCleaner z.b. quickstores.toolbar.guid



Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Meldungen von adwCleaner z.b. quickstores.toolbar.guid
anti-malware, appdata, avast, bericht, browser, dateien, download, explorer, file, firefox, gelöscht, google, internet explorer, löschen, malwarebytes, microsoft, mozilla, online, ordner, roaming, scan, server, software, virus, virus total, windows



Ähnliche Themen: Meldungen von adwCleaner z.b. quickstores.toolbar.guid


  1. Yahoo Toolbar drängelt vor, AVG Securtiy Toolbar nicht löschbar, Werbung poppt auf trotz Firewall
    Plagegeister aller Art und deren Bekämpfung - 23.09.2015 (31)
  2. AdwCleaner Log Auswertung
    Log-Analyse und Auswertung - 24.10.2014 (3)
  3. AdwCleaner
    Log-Analyse und Auswertung - 23.10.2014 (5)
  4. AdwCleaner Log Auswertung
    Log-Analyse und Auswertung - 30.06.2014 (3)
  5. AdwCleaner vs. APPL/Downloader.Gen = alles ok! Aber wie werde ich nun AdwCleaner 3.212 wieder los?
    Plagegeister aller Art und deren Bekämpfung - 14.06.2014 (5)
  6. AdwCleaner 3.202
    Antiviren-, Firewall- und andere Schutzprogramme - 24.04.2014 (1)
  7. AdwCleaner 3.023
    Antiviren-, Firewall- und andere Schutzprogramme - 24.04.2014 (24)
  8. Virenalarm bei AdwCleaner
    Plagegeister aller Art und deren Bekämpfung - 16.04.2014 (17)
  9. adwcleaner
    Log-Analyse und Auswertung - 22.12.2013 (5)
  10. AdwCleaner Quarantine
    Plagegeister aller Art und deren Bekämpfung - 26.10.2013 (5)
  11. Windows 7 "PUP Babylon Toolbar" und "a variant of Win32/Bundled.Toolbar.Ask.D" gefunden
    Log-Analyse und Auswertung - 26.09.2013 (9)
  12. Probleme mit AdwCleaner
    Plagegeister aller Art und deren Bekämpfung - 05.09.2013 (19)
  13. wie entferne ich Utility Chest Internet Explorer Toolbar Utility Chest Firefox Toolbar?
    Plagegeister aller Art und deren Bekämpfung - 23.07.2013 (32)
  14. mapsgalaxy toolbar und mindspark toolbar platform plugin stub - wie entfernen?
    Log-Analyse und Auswertung - 08.05.2013 (8)
  15. Entrusted Toolbar und DVDVideoSoftTB Toolbar lassen sich nicht deinstaliern
    Plagegeister aller Art und deren Bekämpfung - 24.03.2013 (4)

Zum Thema Meldungen von adwCleaner z.b. quickstores.toolbar.guid - Hallo. Ich scanne regelmässig alles was ich mache. Hab Avast als Virenscanner und lasse Malwarebytes Anti-Malware regelmässig laufen. Jetzt habe ich wegen Mausproblemen (waren aber hardwareprobleme wie es scheint) mal - Meldungen von adwCleaner z.b. quickstores.toolbar.guid...
Archiv
Du betrachtest: Meldungen von adwCleaner z.b. quickstores.toolbar.guid auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.