Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Werbung (Sound) im Hintergrund

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 22.09.2015, 05:42   #1
mineller
 
Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund



Hallo trojaner-board

ich habe seit einiger Zeit immer mal wieder das Problem dass im Hintergrund einfach irgendwelche Werbung abgespielt wird. Also ich höre immer nur den Ton dieser Werbung, es hört sich nach ganz normaler Radio/TV Werbung an. Bin jetzt nur etwas besorgt, dass das etwas schlimmeres ist. Habe mal Logfiles gemacht mit FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
durchgeführt von Ramón3006 (Administrator) auf RAMÓN (22-09-2015 06:29:56)
Gestartet von C:\Users\Ramón3006\Downloads
Geladene Profile: Ramón3006 (Verfügbare Profile: Ramón3006)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files (x86)\001_Tools\AVAST\AvastSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AVAST Software) C:\Program Files (x86)\001_Tools\AVAST\afwServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Hi-Rez Studios) E:\Games\Other\Smite\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files (x86)\001_Tools\AVAST\AvastUI.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_116100d161f6ab1d\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files (x86)\001_Tools\AVAST\AvastUI.exe [6111824 2015-08-28] (AVAST Software)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1573184 2013-12-13] (IObit)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [EADM] => E:\Games\Origin\Origin.exe [3632472 2015-05-03] (Electronic Arts)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2169640 2013-10-17] (Palit Microsystems Ltd.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4411488 2014-03-16] ()
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Ramón3006\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [GoogleChromeAutoLaunch_3B13B70C9998CC9CF6CE6FEC2F0D6633] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [871240 2015-09-12] (Google Inc.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\RunOnce: [Uninstall C:\Users\Ram�n3006\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ramón3006\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\RunOnce: [Uninstall C:\Users\Ram�n3006\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ramón3006\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\RunOnce: [Uninstall C:\Users\Ram�n3006\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ramón3006\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\001_Tools\AVAST\ashShA64.dll [2015-08-28] (AVAST Software)
Startup: C:\Users\Ramón3006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2014-01-31]
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6a6f050c-4c99-4efb-ac56-7d66db5e7df9}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.lycle.net/
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.lycle.net/
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM -> {CB127E1A-135A-4672-BE00-0D3162B1E50B} URL = hxxps://www.lycle.net/de/results/10/{searchTerms}
SearchScopes: HKLM-x32 -> {CB127E1A-135A-4672-BE00-0D3162B1E50B} URL = hxxps://www.lycle.net/de/results/10/{searchTerms}
SearchScopes: HKU\S-1-5-21-3924869158-273311228-3757889127-1001 -> DefaultScope {F47AA529-9ABD-455A-9D25-9C7BEE3DD958} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3924869158-273311228-3757889127-1001 -> {CB127E1A-135A-4672-BE00-0D3162B1E50B} URL = hxxps://www.lycle.net/de/results/10/{searchTerms}
SearchScopes: HKU\S-1-5-21-3924869158-273311228-3757889127-1001 -> {F47AA529-9ABD-455A-9D25-9C7BEE3DD958} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-12-18] (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\001_Tools\AVAST\aswWebRepIE64.dll [2015-08-28] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\001_Tools\AVAST\aswWebRepIE.dll [2015-08-28] (AVAST Software)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://de.search.yahoo.com/?type=402027&fr=spigot-yhp-ff
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3924869158-273311228-3757889127-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ramón3006\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default\user.js [2015-02-24]
FF SearchPlugin: C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default\searchplugins\yahoo_ff.xml [2014-04-13]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-18]
FF Extension: Video DownloadHelper - C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-06-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files (x86)\001_Tools\AVAST\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files (x86)\001_Tools\AVAST\WebRep\FF [2013-12-19]

Chrome: 
=======
CHR HomePage: Default -> hxxp://de.search.yahoo.com/?type=402027&fr=spigot-yhp-ch
CHR NewTab: Default -> "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Profile: C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-12-21]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2013-12-15]
CHR Extension: (BetterTTV) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-03-06]
CHR Extension: (Google Docs) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-13]
CHR Extension: (Google Drive) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-13]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-02-28]
CHR Extension: (YouTube) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-13]
CHR Extension: (Adblock Plus) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-25]
CHR Extension: (Google-Suche) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-13]
CHR Extension: (RocketBeansTV Mission Control) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcfomalfggghgohbinjpgibmbjpelndf [2015-05-07]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-19]
CHR Extension: (Imagus) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2014-03-02]
CHR Extension: (Speed Dial 2) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2014-04-29]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-03-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Webcam Toy) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-13]
CHR Extension: (Google Mail) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files (x86)\001_Tools\AVAST\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-09-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files (x86)\001_Tools\AVAST\WebRep\Chrome\aswWebRepChrome.crx [2015-04-29]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files (x86)\001_Tools\AVAST\AvastSvc.exe [146600 2015-08-28] (AVAST Software)
R2 avast! Firewall; C:\Program Files (x86)\001_Tools\AVAST\afwServ.exe [109008 2015-08-28] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-20] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
U2 HiPatchService; E:\Games\Other\Smite\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; E:\Games\Origin\OriginClientService.exe [1931632 2015-05-03] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2014-03-28] (Google Inc)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [19456 2014-05-08] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-03-28] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-03-28] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-28] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-28] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-28] (AVAST Software)
S3 EvolveVirtualAdapter; C:\Windows\system32\DRIVERS\evolve.sys [21656 2014-05-10] (Echobit, LLC)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-23] (REALiX(tm))
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-21] (Intel Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Datei ist nicht signiert]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [38392 2012-11-23] (IObit Information Technology)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [242688 2013-04-24] (QUALCOMM Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2013-12-31] (Nicomsoft Ltd.)
S2 VBoxAswDrv; \??\C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\VBoxAswDrv.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-22 06:29 - 2015-09-22 06:30 - 00027777 _____ C:\Users\Ramón3006\Downloads\FRST.txt
2015-09-22 06:29 - 2015-09-22 06:29 - 02191360 _____ (Farbar) C:\Users\Ramón3006\Downloads\FRST64.exe
2015-09-22 06:29 - 2015-09-22 06:29 - 00000000 ____D C:\FRST
2015-09-22 06:24 - 2015-09-22 06:24 - 00016148 _____ C:\WINDOWS\system32\RAMÓN_Ramón3006_HistoryPrediction.bin
2015-09-21 06:27 - 2015-09-22 06:24 - 00004050 _____ C:\WINDOWS\PFRO.log
2015-09-21 06:22 - 2015-09-21 06:22 - 00001358 _____ C:\Users\Ramón3006\Desktop\Revo Uninstaller.lnk
2015-09-21 06:22 - 2015-09-21 06:22 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-21 06:21 - 2015-09-21 06:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ramón3006\Downloads\revosetup95.exe
2015-09-20 06:40 - 2015-09-20 06:40 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-20 06:40 - 2015-09-20 06:40 - 00001035 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-09-17 03:17 - 2015-09-17 18:31 - 00000000 ___RD C:\Users\Ramón3006\3D Objects
2015-09-16 05:34 - 2015-09-22 06:24 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-16 05:34 - 2015-09-21 21:39 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-15 17:55 - 2015-09-15 17:55 - 00002405 _____ C:\Users\Ramón3006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-12 23:35 - 2015-09-12 23:35 - 00929360 _____ (Google Inc.) C:\Users\Ramón3006\Downloads\ChromeSetup.exe
2015-09-12 12:30 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-12 12:30 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-12 12:30 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-12 12:30 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-12 12:30 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-12 12:30 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-12 12:30 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-12 12:30 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-12 12:30 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-12 12:30 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-12 12:30 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-12 12:30 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-12 12:30 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-12 12:30 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-12 12:30 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-12 12:30 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-12 12:30 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-12 12:30 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-12 12:30 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-12 12:30 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-12 12:30 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-12 12:30 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-12 12:30 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-12 12:30 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-12 12:30 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-12 12:30 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-12 12:30 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-12 12:30 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-12 12:30 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-12 12:30 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-12 12:30 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-12 12:30 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-31 17:42 - 2015-08-31 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-29 16:54 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 16:54 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 16:54 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 16:54 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 16:54 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 16:54 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 16:54 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 16:54 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 16:54 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 16:54 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 16:54 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 16:54 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 16:54 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 16:54 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 16:54 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 16:54 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 16:54 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 16:54 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 16:54 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 16:54 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 16:54 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 16:54 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 16:54 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 16:54 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 16:54 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 16:54 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 16:54 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 16:54 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 16:54 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 16:54 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 16:54 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 16:54 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 16:54 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 16:54 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 16:54 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 16:54 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 16:54 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-28 06:21 - 2015-08-28 06:21 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00454016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-28 06:21 - 2015-08-28 06:21 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-28 06:21 - 2015-08-28 06:21 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00004008 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-22 06:29 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-22 06:28 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-22 06:27 - 2015-08-02 12:16 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1EEB137D-4B82-4D44-86D8-3A9179E5BCA8}
2015-09-22 06:26 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-22 06:25 - 2013-12-14 00:58 - 00000000 ____D C:\Users\Ramón3006\AppData\Roaming\Skype
2015-09-22 06:24 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-22 06:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-22 06:24 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-22 06:24 - 2014-06-01 11:35 - 00000000 ____D C:\Users\Ramón3006\.rainlendar2
2015-09-22 06:24 - 2013-12-13 23:19 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-22 06:23 - 2014-09-18 12:31 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Adobe
2015-09-21 21:44 - 2014-04-28 11:31 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Battle.net
2015-09-21 21:38 - 2014-02-01 19:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-21 21:34 - 2013-12-15 22:41 - 00000000 ____D C:\Users\Ramón3006\AppData\Roaming\vlc
2015-09-21 21:09 - 2014-10-11 16:22 - 00000408 _____ C:\WINDOWS\Tasks\update-sys.job
2015-09-21 20:53 - 2014-10-11 16:22 - 00000408 _____ C:\WINDOWS\Tasks\update-S-1-5-21-3924869158-273311228-3757889127-1001.job
2015-09-21 19:22 - 2014-12-29 00:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-21 18:30 - 2013-12-21 16:33 - 00000000 ____D C:\ProgramData\ProductData
2015-09-21 06:33 - 2015-08-02 10:27 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-21 06:33 - 2015-07-10 18:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-21 06:33 - 2015-07-10 18:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-21 06:28 - 2013-12-14 14:32 - 10703360 ___SH C:\Users\Ramón3006\Desktop\Thumbs.db
2015-09-21 06:27 - 2015-07-10 14:20 - 05001552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-21 06:27 - 2014-12-18 12:13 - 00000262 _____ C:\WINDOWS\Tasks\ASC8_SkipUac_Ramón3006.job
2015-09-20 15:13 - 2015-07-29 16:31 - 00000000 ____D C:\Users\Ramón3006\Downloads\Floral Flyff Client
2015-09-20 13:02 - 2015-08-02 11:14 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-20 13:02 - 2014-12-18 12:13 - 00002104 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-09-19 17:55 - 2013-12-19 22:46 - 01296896 ___SH C:\Users\Ramón3006\Downloads\Thumbs.db
2015-09-17 03:17 - 2015-08-02 10:19 - 00000000 ____D C:\Users\Ramón3006
2015-09-16 18:00 - 2013-12-13 21:42 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Packages
2015-09-16 05:34 - 2013-12-13 21:54 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 05:34 - 2013-12-13 21:54 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 17:55 - 2015-08-02 11:12 - 00000000 ___RD C:\Users\Ramón3006\OneDrive
2015-09-14 18:01 - 2013-12-13 21:54 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Google
2015-09-13 01:12 - 2015-07-10 18:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 01:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-12 21:47 - 2014-04-10 13:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-12 21:45 - 2013-12-13 22:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-12 21:45 - 2013-08-22 15:25 - 00000202 _____ C:\WINDOWS\win.ini
2015-09-01 06:21 - 2015-04-08 22:17 - 00000854 _____ C:\Users\Ramón3006\Desktop\smurf.txt
2015-08-31 17:43 - 2013-12-14 00:58 - 00000000 ____D C:\ProgramData\Skype
2015-08-31 17:42 - 2015-05-04 22:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-30 03:56 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-30 03:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-26 21:47 - 2014-04-30 17:09 - 00000000 ____D C:\Users\Ramón3006\Desktop\HS
2015-08-26 18:37 - 2013-12-13 22:18 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-23 04:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-04 22:09 - 2014-12-04 22:09 - 0000132 _____ () C:\Users\Ramón3006\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2015-04-12 20:51 - 2015-04-12 21:03 - 0000559 _____ () C:\Users\Ramón3006\AppData\Roaming\droid4xinstaller.log
2014-02-28 20:06 - 2014-02-28 20:09 - 0099384 _____ () C:\Users\Ramón3006\AppData\Roaming\inst.exe
2014-02-28 20:06 - 2014-02-28 20:09 - 0007859 _____ () C:\Users\Ramón3006\AppData\Roaming\pcouffin.cat
2014-02-28 20:06 - 2014-02-28 20:09 - 0001167 _____ () C:\Users\Ramón3006\AppData\Roaming\pcouffin.inf
2014-02-28 20:06 - 2014-02-28 20:09 - 0000055 _____ () C:\Users\Ramón3006\AppData\Roaming\pcouffin.log
2014-02-28 20:06 - 2014-02-28 20:09 - 0082816 _____ (VSO Software) C:\Users\Ramón3006\AppData\Roaming\pcouffin.sys
2015-03-14 20:46 - 2015-03-31 19:03 - 2424370 _____ () C:\Users\Ramón3006\AppData\Roaming\ramÓn64
2014-05-01 13:21 - 2014-05-07 19:44 - 0001399 _____ () C:\Users\Ramón3006\AppData\Roaming\SpeedRunnersLog.txt
2014-10-11 16:22 - 2014-10-11 16:22 - 0000003 _____ () C:\Users\Ramón3006\AppData\Local\updater.log
2014-10-11 16:22 - 2015-04-24 00:55 - 0000424 _____ () C:\Users\Ramón3006\AppData\Local\UserProducts.xml
2015-08-02 10:19 - 2015-08-02 10:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-16 15:55 - 2015-02-16 15:55 - 0000104 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-17 03:16

==================== Ende von FRST.txt ============================
         

Alt 22.09.2015, 05:43   #2
mineller
 
Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund



Hier noch die Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Ramón3006 (2015-09-22 06:30:19)
Gestartet von C:\Users\Ramón3006\Downloads
Windows 10 Pro (X64) (2015-08-02 09:08:21)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3924869158-273311228-3757889127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3924869158-273311228-3757889127-503 - Limited - Disabled)
Gast (S-1-5-21-3924869158-273311228-3757889127-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3924869158-273311228-3757889127-1007 - Limited - Enabled)
Ramón3006 (S-1-5-21-3924869158-273311228-3757889127-1001 - Administrator - Enabled) => C:\Users\Ramón3006

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.35 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Akamai NetSession Interface (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version:  - Brace Yourself Games)
Device Simulation Framework 1.0.1 (HKLM\...\{C7966AB3-A8D9-48D5-B7DF-922674C40098}) (Version: 1.0.1 - Microsoft)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Droid4X (HKLM-x32\...\Droid4X) (Version: 0.7.5 - Haiyu Dongxiang Co.,Ltd.)
Dying Light (HKLM-x32\...\Steam App 239140) (Version:  - Techland)
Façade (HKLM-x32\...\{24E34264-D483-477C-A9A0-4E53F69834CF}) (Version: 1.1.2 - Procedural Arts)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version:  - Telltale Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hand Of Fate (HKLM-x32\...\Steam App 266510) (Version:  - Defiant Development)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IMVU Avatar Chat Software (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\IMVU Avatar chat client software BETA) (Version:  - )
IncrediMail (x32 Version: 6.6.0.5288 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5288 - IncrediMail Ltd.)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.2 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.6.25 - IObit)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.11.3.0 - LG Electronics)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
MagmaFlyff Live (HKLM-x32\...\MagmaFlyffLive) (Version: Live - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mortal Kombat X Premium Edition MULTi2 1.0 (HKLM-x32\...\Mortal Kombat X Premium Edition MULTi2 1.0) (Version:  - )
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
My Game Long Name (HKLM\...\UDK-22ca718a-9ec7-443a-b826-b5854b5969e9) (Version:  - Epic Games, Inc.)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (HKLM-x32\...\{123F0CCE-21AA-401D-A335-3EDF9C13AA52}) (Version: 1.6.9 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Office Trial Extender (HKLM-x32\...\{F18ADBD4-320F-4A67-9709-0FE9412BB0FA}_is1) (Version: 1.0.0.7 - pXc-coding.com)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version:  - IObit)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Rainbow Six Siege - Closed Alpha (HKLM-x32\...\Uplay Install 1001) (Version:  - Ubisoft)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2151.6 - Hi-Rez Studios)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Tales from the Borderlands (HKLM-x32\...\Steam App 330830) (Version:  - Telltale Games)
TeamSpeak 3 Client (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Sims 4 Deluxe DLC Edition (HKLM-x32\...\The Sims 4 Deluxe DLC Edition) (Version: 1.01 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.5.139.1020 - Electronic Arts Inc.)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02 (HKLM-x32\...\The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02) (Version:  - )
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.7.4 - Palit Microsystems Ltd.)
Torchlight 2 (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}) (Version: 1.21.2.1 - )
TowerFall Ascension (HKLM-x32\...\Steam App 251470) (Version:  - Matt Thorson)
Unity Web Player (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
YGOPro DevPro Version 1.9.9 r0 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.9 r0 - YGOPro DevPro Online)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

05-09-2015 03:30:38 Geplanter Prüfpunkt
12-09-2015 12:44:24 Windows Update
12-09-2015 12:45:56 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04459155-1E44-445E-920B-45EB176433AD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0D5C1DE0-88CE-44D1-B026-8C5951C98FA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {0EB632B7-59A6-428C-9DC6-52CBFDB04147} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2013-10-17] (Palit Microsystems Ltd.)
Task: {12C6B58A-0CCD-4757-8EA4-07587CDD32D7} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit)
Task: {14AB0F57-C96E-49CF-A1A8-E9E2AABF5846} - System32\Tasks\Uninstaller_SkipUac_Ramón3006 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit)
Task: {186348D0-3EA6-4F59-ADC4-EF24D1A008FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {23C6F723-BAA2-4374-A72F-33896D00A2D5} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {259F663F-D581-4F3A-9575-36130600073D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {27542B9E-B2CD-4F19-A1B3-8E7B93027557} - System32\Tasks\ASC8_SkipUac_Ramón3006 => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-12-10] (IObit)
Task: {3A755139-3C6F-42F8-BBA1-62FEE09552C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {3EE4CE06-1CCF-4D9D-9EDB-36DD979D94E0} - \StartMenuAutoupdate -> Keine Datei <==== ACHTUNG
Task: {50B14A94-82A4-4001-9F29-34410AA5C863} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {50B50D79-BAB6-42EF-82DA-D63493273D8E} - System32\Tasks\update-S-1-5-21-3924869158-273311228-3757889127-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {5C7CB0BB-00D5-458F-8764-4BFEE7AFAABB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-07-06] (IObit)
Task: {6AEC788C-1839-4DF4-A6B3-C6A121A6EADD} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {6C23AD68-3A03-4045-B546-D177124221A9} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ramon@walia-online.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {750B006A-7A3E-4A46-80B6-81996051DAF1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {844ED8EB-8EFF-4289-8ADF-535A590A525B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {8BF31DB1-05CD-4CD4-B95C-046A5A65B0FE} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A07C1BD9-B189-42EB-B053-D163E332F061} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {A4BAB66F-CB44-4F83-9436-0B17837986D4} - System32\Tasks\Driver Booster SkipUAC (Ramón3006) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-07-06] (IObit)
Task: {AC02FE26-8DF4-4AE0-8383-E1D237EAA7BD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {AF495A6A-E7AA-4B3A-A4BC-03216B34C41A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B3C7BBBD-A26D-45DE-864A-A87C329BB813} - System32\Tasks\avast! Emergency Update => C:\Program Files (x86)\001_Tools\AVAST\AvastEmUpdate.exe [2015-08-28] (AVAST Software)
Task: {BD563C9C-D348-4224-9D13-10B1154104E9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {BF9C94BA-2FE4-47C5-95C3-2DCF42765FE9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {DD0D11F6-891D-4CBF-AE00-F7CBB79636E8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {DF1A7FC0-F84E-48DD-A7E1-4005E19099B6} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-07-06] (IObit)
Task: {E7A73826-7A54-45AC-B5F0-73C6AD731488} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F32187A7-21D1-462C-AD7F-9FE86667A9A9} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {F6AA7A6F-7EAA-4C21-9F41-FE6AEFBBA545} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {F8D64133-12A3-493E-9516-481D790231E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Ramón3006.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Ramón3006.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3924869158-273311228-3757889127-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-02 11:11 - 2015-08-02 11:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2013-12-13 23:19 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 18:03 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-29 16:54 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 16:54 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-08-11 23:27 - 2015-08-03 03:09 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-02 11:11 - 2015-08-02 11:11 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-08-11 23:27 - 2015-08-03 03:09 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-08-19 18:03 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-11 23:27 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-08-11 23:27 - 2015-08-03 03:14 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-08-11 23:27 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 04411488 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2012-05-16 21:12 - 2012-05-16 21:12 - 00179200 _____ () C:\Program Files\Rainlendar2\lua52.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 00324608 _____ () C:\Program Files\Rainlendar2\libical.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 00082528 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 00080384 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2012-06-17 15:21 - 2012-06-17 15:21 - 00015360 _____ () C:\Program Files\Rainlendar2\lfs.dll
2015-09-16 05:39 - 2015-09-12 02:19 - 01868104 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libglesv2.dll
2015-09-16 05:39 - 2015-09-12 02:19 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libegl.dll
2014-12-18 12:13 - 2013-10-25 13:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-08-28 06:21 - 2015-08-28 06:21 - 00102864 _____ () C:\Program Files (x86)\001_Tools\AVAST\log.dll
2015-08-28 06:21 - 2015-08-28 06:21 - 00123976 _____ () C:\Program Files (x86)\001_Tools\AVAST\JsonRpcServer.dll
2015-09-21 20:37 - 2015-09-21 20:37 - 02965504 _____ () C:\Program Files (x86)\001_Tools\AVAST\defs\15092101\algo.dll
2013-12-21 16:52 - 2014-10-16 11:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-03-30 18:00 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-29 15:08 - 2015-04-29 15:08 - 40540672 _____ () C:\Program Files (x86)\001_Tools\AVAST\libcef.dll
2014-12-18 12:13 - 2013-01-15 19:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2014-12-18 12:13 - 2013-01-15 19:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2014-12-18 12:13 - 2013-01-15 19:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Ramón3006\Cookies:gs5sys
AlternateDataStreams: C:\Users\Ramón3006\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Ramón3006\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Ramón3006\AppData\Local\Verlauf:gs5sys

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\sony.com -> sony.com

IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4788 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3924869158-273311228-3757889127-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ramón3006\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\325670.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SearchSettings"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "THPanel"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "Advanced SystemCare 7"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2FB8A24D-0376-4926-AC79-B7604D411216}] => (Allow) E:\Games\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5964B619-84BC-48A3-B43E-4E0C13483288}] => (Allow) E:\Games\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F6AF50C4-BBD2-436B-BE95-557C890605ED}] => (Allow) E:\Games\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{D3A7875D-8F17-44FD-AEA1-CC336A7490DF}] => (Allow) E:\Games\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{796DE778-D107-46FB-A963-BC41FC682122}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{337006AF-EB3C-4597-B292-0A04B3DFCC24}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{74EEC085-A8A2-4A2F-AD65-951F87B5D815}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{CF85D655-BC06-494B-B069-BCB7627BFE49}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{6412694E-DF58-4A10-A1B0-F05B5F7D2947}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{CAC3143D-F931-445E-8359-C743CFEF6FE9}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{B02D9FC0-0E37-406E-B5DF-6917B2EC35BD}] => (Allow) E:\Games\Steam\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{D6A97BAE-4F6D-47F3-B888-A8890245F79C}] => (Allow) E:\Games\Steam\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{7FF28AC6-BB7D-4981-8FC9-0D8D7CB39292}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
FirewallRules: [{2C9A1232-8E34-4DF3-85C9-AD1B6132066A}] => (Allow) E:\Tools\Droid4X\Droid4X.exe
FirewallRules: [{7DB2AE0F-EE40-4B08-B8B0-1F3846131773}] => (Allow) E:\Games\Steam\SteamApps\common\Hand of Fate\Hand of Fate.exe
FirewallRules: [{00CD05D0-E96D-4100-AC98-EDC8866A6763}] => (Allow) E:\Games\Steam\SteamApps\common\Hand of Fate\Hand of Fate.exe
FirewallRules: [UDP Query User{1C2691D3-02D2-4243-992F-158151099BA8}E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{966CB8D9-5347-46B5-8678-52BDABA14DD4}E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CFB62EAF-F9DB-4E8A-9A72-E9FB6C6D33F3}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F2D73BED-8C1B-4025-91A8-137555F7C2D1}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{941A2452-5B5C-4E15-81F5-ED4AD685C5EB}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A68151A6-70C7-4C50-8FEA-C2A54CF9B616}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [{D6354C55-B302-46DE-A96B-1738E248659F}] => (Allow) E:\Games\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [{91DB6EC6-FA46-462C-AB17-7F058992CE60}] => (Allow) E:\Games\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [{0C016036-D7AE-4AA0-8087-33FC9AD91085}] => (Allow) E:\Games\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{7D8C0AF3-57B2-48C7-B182-DB954FA22674}] => (Allow) E:\Games\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{E196DB73-901B-4C0E-BC94-E55FEE28442A}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Sims 4 Deluxe DLC Edition\Game\Bin\TS4.exe
FirewallRules: [{AD99D958-D6C1-4EBA-8934-3715392D7547}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Sims 4 Deluxe DLC Edition\Game\Bin\TS4.exe
FirewallRules: [{E1A127CD-7040-46F2-965A-13A652634111}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{DEC5B9AD-17DA-43A3-A66C-A61053B3C668}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{1059797B-6040-414C-AC51-F4553C3EA93E}E:\games\other\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\games\other\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FAC8B13F-7923-47BB-84B9-4B1ADBF50B57}E:\games\other\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\games\other\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{6A295014-B1B0-493C-9FF5-81C769D7A9E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{101C5CD1-DDA7-4493-A3B9-454C93BF90C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{34675F77-203D-4D65-8F17-683DE6D9AB56}] => (Allow) E:\Games\Uplay\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Alpha\RainbowSix.exe
FirewallRules: [{D10903AB-2A89-46C3-A0EC-CD5916690895}] => (Allow) E:\Games\Uplay\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Alpha\RainbowSix.exe
FirewallRules: [UDP Query User{1826EB8F-E358-4FFD-B3E6-932B4BABBEFF}E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe] => (Allow) E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe
FirewallRules: [TCP Query User{8A453A42-FA36-41B5-BE22-216285CC0E5A}E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe] => (Allow) E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe
FirewallRules: [{AB483321-6920-44EB-9DA1-F34753E7C222}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C43831C1-A4D6-452B-9F18-7A5F6DA28E31}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E46B5616-6645-4C1E-88F9-1B754FB860A0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{36A3A62E-35BE-45A4-B111-F19B00E9D063}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AA230B46-8048-404D-B802-E42350DC9930}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{8F27FBA6-9E0F-43E8-8CAE-EBECD802FC29}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{60383100-6043-46B8-B659-A129B898EAD1}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{546B5056-394A-4E61-8DA7-8B61AF74872B}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{48578B4B-518D-4A75-B0CB-30061E25714A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E5163E28-D1D8-49AD-BB0B-DF44E8AB3192}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{04C2650E-5EBA-49A6-A00B-EB043EBA7332}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8A1171DA-8302-475E-B920-A06759C613E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CC171C56-C415-48ED-8AC1-3FDA5D4CECED}] => (Allow) E:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{F7DB9E56-08BB-442D-B597-F2153AB3B7A9}] => (Allow) E:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{2B324DA7-6D44-44FE-8FA4-D0473E20EB1F}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{52E9F925-F516-4C73-9637-450804B6C0A3}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{E060C7FD-0CE3-4A36-92CA-48EE68B504E1}] => (Block) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{29825B86-3621-4D71-B50E-3DF667B64AE2}] => (Block) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{4CDF68D4-2381-42CC-9D8F-AF25E1ABA530}E:\games\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{EABF4EBF-3D32-46BF-9916-446330DD70F9}E:\games\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{CA417306-346F-4F2D-B498-718639780E6F}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{150CDD80-B590-4EEE-B07F-BB2F893504F4}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{C4083184-08C5-4228-BF86-E8BA28FC7472}] => (Allow) E:\Games\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{C7CF63CF-268D-4AE7-8F6E-0D0BBDEB55E2}] => (Allow) E:\Games\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{EC3E7345-25C8-448F-BA34-6696249FF187}] => (Allow) E:\Games\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{E1B82F18-5C89-4DA1-8BDA-AC90AFF6D175}] => (Allow) E:\Games\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{88BA5A32-2E4C-4331-8642-1B9C62B2EBE1}] => (Allow) E:\Games\Steam\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{B47C26BB-676E-46AD-8744-0EDF3C2D0973}] => (Allow) E:\Games\Steam\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{B0995110-801A-400D-BC52-2C7073D10C7A}] => (Allow) E:\Games\Steam\SteamApps\common\GearUp\bin64\Traktor.Amalgam.App.exe
FirewallRules: [{50B5D515-AB3E-432D-B0A3-8D12CF62763A}] => (Allow) E:\Games\Steam\SteamApps\common\GearUp\bin64\Traktor.Amalgam.App.exe
FirewallRules: [UDP Query User{FF291C60-6518-43A2-AF1C-693973CA0DEF}E:\games\other\planetside 2\planetside2_x64.exe] => (Block) E:\games\other\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{6A7916B6-CFFF-4F0D-8827-04BF34F8AB4F}E:\games\other\planetside 2\planetside2_x64.exe] => (Block) E:\games\other\planetside 2\planetside2_x64.exe
FirewallRules: [{56D9D4C6-C983-4300-911F-BF8D2C8B4333}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{21C9EAC0-2102-4316-AA87-2031667D4579}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{D1A0533B-B5C3-4722-B68B-60941C2157E3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{7A68D310-65C5-47B3-84AE-3E5893BC10E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{52D51A67-DACD-4B07-B414-CA6E5496FBB1}] => (Allow) E:\Games\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{F1AA8C91-273A-49F5-90ED-CB92F5F9CB63}] => (Allow) E:\Games\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{9F0719B3-C507-4DD8-9078-835DF15375E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{15D87AD6-D26B-473D-9829-00A84A5FDE3E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{5C2E1126-0FC9-4586-BD1D-F08CC8DD790F}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{39987B3C-951E-4F3D-9DFD-F56A07EC49BD}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{80F615FB-54F7-4587-830F-32024F4F7F7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{55106EA4-CA5B-4C93-BBCE-6D5F00955F1B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{A3080756-03CE-4022-BEB4-10DC6AE3444B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{5CD4109D-3C5A-49CE-963F-89DEE4375A9B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7242BEA9-7F11-4205-A348-71F1CBF91646}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{76C701B1-C942-4662-8358-A8890345D401}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{2FCA15ED-26D3-4479-A964-5A7707D99898}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{90CFFD4F-F396-44DD-A043-47AB14C6F55B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{45F7C9AF-187A-49C1-877D-62B376CBDA7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{6C506632-4070-4918-8963-A454170770D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{B71D0896-BB20-4C56-BC2C-8EDBCCC239AB}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{8E717E99-99C2-4054-A385-C6D7426B84B1}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{88F46CB0-66FB-41DF-9097-27BA68F9BDF7}] => (Allow) E:\Games\Steam\SteamApps\common\Game of Thrones\Thrones.exe
FirewallRules: [{78BDAFCC-94AE-48A1-A729-2AE097AE7D9D}] => (Allow) E:\Games\Steam\SteamApps\common\Game of Thrones\Thrones.exe
FirewallRules: [{E3A0FED8-1483-4836-B0B7-80BD721144EE}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\GameApp.exe
FirewallRules: [{FCF1B459-33CC-47B1-8209-CE73B350B3FA}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\GameApp.exe
FirewallRules: [{CB2FF9CE-38DA-4EFC-B384-4E5BD1604211}] => (Block) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [{CA4587E0-D957-40BB-B142-721B99CA3B27}] => (Block) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{83D7D4C6-0BA4-4DB1-B85D-8929EF95DF92}E:\games\other\far cry 4\bin\farcry4.exe] => (Allow) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{BE425D30-9DEF-4CB9-BC50-9776E336751B}E:\games\other\far cry 4\bin\farcry4.exe] => (Allow) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [{CDAC83D2-E036-4AB6-A41B-6146BCE13D9E}] => (Block) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{022242E8-8043-4C1F-AF74-4ECB1ACC25A0}] => (Block) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{BC913EEF-2FC9-432A-8EB3-E03F49EFC5FB}C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{C0802E94-DEE7-4F94-8292-C51E9BFB8270}C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{83A173E9-07EE-460A-8048-F5A2D406FFBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{3B8BE7C2-116F-43D5-8D36-2632FFD58365}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{CC4BCAB8-7215-4E5B-8CF5-EBB0AD9F71D1}] => (Allow) E:\Games\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{A8A1B298-A258-4E94-BF8E-F2246AB98593}] => (Allow) E:\Games\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{0DF45CAA-27A9-4C3C-B490-3E5EE9C9354D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{8D54D78F-B0A9-47C6-B040-1565CA7B0DF4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{6CB95C3B-C22C-4FAD-B97E-8567DF36C1C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{D4E85729-C87C-4F7C-862C-BFC362911106}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{10BA5E95-BCBF-4677-84C1-2FE51BC97FD2}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{00D29422-98B3-4C4D-9FF2-C88140EEB0A1}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{605F8D1B-856D-467A-A274-DB7AF7BDF2AC}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{DB0D4EC6-4C3A-41F1-B9D8-9AF9FB25CF22}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{9A40DA3A-9848-46B1-BC80-323E7E6316DD}] => (Allow) E:\Games\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{14681AF6-C581-4BAA-AD01-1B7B2C8BC16C}] => (Allow) E:\Games\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{388E4258-DC1A-4936-85F8-7A56016F1247}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{8AD3D8EE-79A7-4FBE-86B4-107E0FFB8D0A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{E7710D01-810D-454A-BCB7-1B1E275C0264}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{480C8D7F-9AAD-4DD0-92D9-E75606CCF9F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{45D22EE0-1895-4CD5-8673-604D6BA33125}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{11920D20-770D-4AEC-BF87-3DE2AFC3BCFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{C6AB8CA4-AD4D-4F62-A6BC-5F044983C132}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{CE4C84E5-7F87-4F34-9AC3-FF6FECC52435}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{334BC361-334F-4562-9116-6BCE6939C757}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{1B80A48E-66B7-4E31-A82E-E7AC653A8D5D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{900475C7-1EF1-4C58-9350-E78C2D32A410}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{38EF4746-7023-4A8C-9AAA-47F350426489}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{791B3081-46C5-406D-93B7-B56C6006AFC1}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{D6D3DE9C-B61E-4989-8853-2F660A211BF0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{AB417BE5-3EFB-4DAD-876C-DA2CF510A21A}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{E1F4ECEF-42FF-4373-9712-DE60B2328F71}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{49B21BA7-7649-4556-8706-0C4E80BE8C05}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{4E0C0BFF-649C-4BC2-A56C-CBE0FB712E3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{0CF58BDE-FF43-44E2-80B4-5525C7CD9A2E}] => (Allow) E:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{01350672-7C82-44A6-8198-9629C4515046}] => (Allow) E:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{860ACD24-F985-4725-AD67-553E799B2D6A}] => (Allow) E:\Games\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{A3C70210-4F03-4C29-9B16-F27650DA614B}] => (Allow) E:\Games\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{6BEBF870-1D78-4AE7-8D6A-B75B5DEB9B96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{1E6EC11E-8DF9-4195-BD70-E25F16A0E7E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{75034B09-34BA-4A8D-A958-6D5813AE27AD}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{74B5F41C-8802-41F6-8256-9C791CF53546}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{246DC264-85DD-4BF0-AAB7-3CE99B712132}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{3796E5D3-4E35-4613-B847-B3C2F951474E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{44BD874E-E047-47AA-95EB-16F0683EE279}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{365012CB-0EFA-404A-8D8C-C0C3C936BF22}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{75B05950-1C60-4B5D-B1FF-CDAB98C7427C}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{1F47C763-0C51-4D3E-AAA2-43981E369821}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{3C2DCD90-629A-4174-9C1F-D46E04115F6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{D94FB425-2A72-432C-AC8A-5D8882D4A2AA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{C6FD2F2F-D880-49F1-8014-43DFE9F88ED4}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{CE42C321-A216-4801-90EF-6F3EFFE55782}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{F815DB78-88BB-446A-B004-2BA37DF71AEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{C7113255-9CAD-4F2C-87A3-912819CFC52C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9F595D3D-1D9A-41E1-A8FF-DA0D5F6356A4}] => (Allow) E:\Games\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{0C6CE6E1-EC2D-4612-A6EE-5DDF70798810}] => (Allow) E:\Games\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{D51B6AAF-BD82-4473-B34E-D768D2CF4E76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C76D4896-9164-403E-AE60-EB61F8FBB127}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [UDP Query User{567AE2C2-5914-40B3-BF37-F1C2EDA9D074}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{B130BAB4-214A-4798-B924-DCC21423FE8B}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7B59C1C0-417A-4CB5-8936-CE42C8E59C21}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{4AC03BDF-C508-4F16-998C-E84B9E7B470B}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4471C2C4-516A-4D55-93F4-F8CAC28CE963}] => (Allow) E:\Games\Uplay\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{081CA149-F211-4A3C-BDDD-2A61CBF5BBCD}] => (Allow) E:\Games\Uplay\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [UDP Query User{CEA1F0BD-59FE-4F67-A5F8-A736D8DC5339}E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{0D41101E-A5F6-4517-85B1-469D75FD845D}E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{A54943FF-03EB-4BBE-9C73-2732C2446E77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{A67C7C92-E40D-46E7-82BA-52E73442D99B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{9F2492A7-420A-45FE-A5CB-93C36B0C5F22}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{2065E2BA-FEA8-4D27-9DD8-89DD96086525}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{301E362B-4773-4C2F-958A-B73A1162454F}] => (Allow) E:\Games\Origin\Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{6BA2CE6F-E00F-4E41-A389-B201AEDB5D10}] => (Allow) E:\Games\Origin\Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{7E6D0522-D399-42FA-9A13-87F4031B7642}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{2AD2975D-F314-4F94-AAA5-4B4B2DEDC539}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{14569002-E408-45B5-9572-352C2D01FA32}] => (Allow) E:\Games\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{F12EC8FF-BB2B-4B05-B23D-091137A36F6B}] => (Allow) E:\Games\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{DEB809E9-E9A3-4ACF-A05B-C8ACEB193BE6}] => (Allow) E:\Games\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{B52F64A7-3AC0-4D72-A654-845A6B2E1DF3}] => (Allow) E:\Games\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{C9997D19-6DAC-4AA8-BCCE-362EC94F42D5}] => (Allow) E:\Games\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{14A054C7-6103-4955-A91A-450B39B04F73}] => (Allow) E:\Games\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D6027B68-7113-46F3-8A59-D3DB65E9190D}] => (Allow) E:\Games\Battle.net\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{B523DFD6-0EFA-49AD-8A49-324C36B2CE30}] => (Allow) E:\Games\Battle.net\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{B6B2C035-D6E4-49C3-881A-5EEF2559DA9A}] => (Allow) E:\Games\Battle.net\Battle.net.exe
FirewallRules: [{0D5572FA-3657-4970-8C81-47E08B627F4D}] => (Allow) E:\Games\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{F8B9713A-0D4E-4994-89C1-803E75925EB5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{9EE008BD-F1B2-4373-B87E-A0F578CB0BF7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{6B4E81E6-F135-4326-A128-83796A346ED3}] => (Allow) E:\Games\Other\Torchlight 2\Torchlight2.exe
FirewallRules: [{EBEF7097-6D3E-4A9C-BF96-4CD2A7DA05E5}] => (Allow) E:\Games\Other\Torchlight 2\Torchlight2.exe
FirewallRules: [{B789CD2E-4CB5-4A47-B588-C8E541E54F0E}] => (Allow) E:\Games\Other\Torchlight 2\tl2.runic.launcher.exe
FirewallRules: [{543E3F45-896B-4AB3-B287-5F2F22CE663D}] => (Allow) E:\Games\Other\Torchlight 2\tl2.runic.launcher.exe
FirewallRules: [{DE6C677E-52F4-4AB0-ACB5-1CD7AEE7F46D}] => (Allow) E:\Games\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{26744406-E013-4C32-8566-0EB6E597E867}] => (Allow) E:\Games\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [UDP Query User{926D9568-EF46-44CA-820E-C79F2B7A67C2}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{5C926152-047B-40FF-BCDB-AA45793E0C23}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{20245341-63C8-4E6C-B6B5-1AD0F244DF39}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe
FirewallRules: [TCP Query User{ECB90676-9084-4EF7-9724-21AE55200D1A}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe
FirewallRules: [{2B29A278-A633-4212-B550-420BAE05BCA5}] => (Allow) E:\Games\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{C06CFC23-4ACE-4D2C-A299-1B0911DCC129}] => (Allow) E:\Games\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{1121C306-AE29-422B-B827-FD9ABC844DBD}] => (Allow) E:\Games\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{3BA22026-92CA-47D0-AD82-24B6AF03010D}] => (Allow) E:\Games\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{6EF13E9E-22D7-4113-9B70-55F2E178C478}] => (Allow) E:\Games\Origin\Games\Titanfall-Beta\Titanfall.exe
FirewallRules: [{DEA5E280-E65F-4BEB-BFA4-6D0EFBAF7A1B}] => (Allow) E:\Games\Origin\Games\Titanfall-Beta\Titanfall.exe
FirewallRules: [{58F8DA64-8894-4766-A8B1-F89F03DFF403}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F3AA7559-3CCD-4D1B-A5DE-0EC7EA0AF99A}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7CF818E5-921A-4933-8951-99FD8044EBAE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{F0C4CEC6-95C5-4E15-9CBD-A9DBC93E6FDD}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{65A432B5-A762-42BD-B347-3C711FD4D075}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4.exe
FirewallRules: [{7B62090A-8DE6-4D8D-A13E-D20D90235A76}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4.exe
FirewallRules: [{47DAD354-4DF5-43CD-81A4-F031122B5C04}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{2F46D74F-F264-4DA4-86C2-B01E94E9E8B2}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{3E5EF459-F4C3-4B32-920D-AC89D24A270C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9A973A88-FB1A-4821-A71E-DA9E1703762E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B7A4E813-E8FF-42A6-AC5F-8D03D976629C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{369ED7D5-3995-4D95-899E-53BE414F9F45}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{7AC9230E-C81F-492C-B93F-394BFDC963EB}E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{1C4BCD6C-F49D-4FC0-9C1B-C7C6B3353D73}E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{77290A04-C3C8-41F4-9101-7AA6A10AA636}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{3D3DCB9C-4E64-4FED-87C5-EB474980DE55}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{0E8F87FC-BB8E-47F2-A0F7-E7E002A08B08}] => (Allow) E:\Games\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D2DEE9A5-AE29-40D4-AF45-C44E75CCC2BC}] => (Allow) E:\Games\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{38A93314-4483-43A6-838F-A6309816EB68}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{BAB11A25-0BE6-42C0-8C7E-2FDDA9ABE71F}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{DC902F0B-10D9-40F5-8434-5B1DA9B549FA}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{E1068D3D-C42A-423A-8D9A-C0D3A397794C}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{847A742B-1787-407E-A0B2-36FF9BB64B62}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{ADB2BDA1-40AD-4F9C-A3DD-1956FE8550D6}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{20DEF293-D0B7-4A17-85AE-C12BF3C46490}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{FF9A8900-027B-43CF-9F3B-6BBE7DBF2C84}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{C34C6CD5-3EE6-4C61-ADC3-3F6D330A7B0D}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{496D504F-4489-443A-A675-9F559F6ECAFA}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DA78671F-1393-430A-80E8-ABC8AD484F6F}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{DAE667D5-C447-4F24-920E-41AB3A1EDC93}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{CCD5308D-2A3D-438A-9CD1-E21DB44281C6}] => (Allow) E:\Games\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{19AF8973-66CB-4591-84DB-84B120EBBF18}] => (Allow) E:\Games\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{DCDDAEFA-CAED-46E9-B16D-04C5D9C546C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C924247C-3D3D-4E47-A6FF-B39F9999775D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8538C8D2-A53A-4774-B888-9DB99AEBFBAF}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{4B2E228C-52B5-4703-A049-DF4BFA095366}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{62334EEA-52D9-491C-BCD1-9FFD866CB9E6}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{4579AA9B-2D43-4F36-8CFC-8F0D45306989}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{96CC47E4-2105-4C90-9F92-EB3132C2E8E5}] => (Allow) E:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{4D7EC868-5226-45DB-AA69-85C4AAB1CB08}] => (Allow) E:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{CEF3487B-7CE2-483A-AC05-0BF81A2369F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF6A8B4A-006E-457C-A471-6AEC70008B80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{67A6E458-F189-4370-A72F-E708747B9912}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0BAE3131-ADC4-4EEA-9C58-5BF04ED22267}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{04DA576E-AA6D-4720-8333-346E195E4B57}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{95888945-DD70-4872-9022-C385191685AF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C02B6B5C-F35C-4674-8298-639C68B939E1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{43B93B1A-2F51-4F95-B423-2F6F6092D9F1}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{710625FD-B616-43BF-B61F-E7637A05B687}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{1B48F618-BB95-43B6-919D-74FC48ADF8C2}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{B7FE6DBD-FE9F-4F02-98BF-4D2B2CF8DB29}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [UDP Query User{8DEB4394-B565-4C8E-A04B-CAFFAFECA1E0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{DFFB87A6-D9B7-4B01-8247-31EF4E57470E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{72B3DA94-7D86-4242-93BC-18EFAFE3EA10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{90780BE8-43D3-4158-AFE9-F0160DFCD0BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{742E4CB7-BAD2-4544-A440-720A80B9ADC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A743AB00-EEA2-497D-A138-5E76E78DEA73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{72F32963-7ED0-4521-9EA8-718E202ED869}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{181D07D9-213D-49D7-8D44-8AB9C12E14CB}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{30B15735-9B59-4E18-8286-5AD1FC2DDB99}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{C1D863E1-5986-401C-98F8-FF1B3C053AE8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{697DB895-56D3-496F-8431-B5C2B755AED9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F6300EFC-D689-4493-AA22-47613B97FA51}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{280ED723-E045-472D-B666-514718C13661}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F8FEFC65-E8FF-42E0-BE00-2F9851DC1642}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft USB 2.0 Host Controller Simulator
Description: Microsoft USB 2.0 Host Controller Simulator
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbehci_dsf
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/22/2015 06:23:59 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (09/22/2015 06:23:59 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (09/22/2015 06:23:51 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAMÓN)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/21/2015 10:18:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAMÓN)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/21/2015 05:47:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 45.0.2454.93, Zeitstempel: 0x55f3580a
Name des fehlerhaften Moduls: chrome.dll, Version: 45.0.2454.93, Zeitstempel: 0x55f34fb2
Ausnahmecode: 0x80000003
Fehleroffset: 0x00000000000310bd
ID des fehlerhaften Prozesses: 0x1db8
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (09/21/2015 07:22:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAMÓN)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/21/2015 06:27:28 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (09/21/2015 06:27:28 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (09/21/2015 06:27:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAMÓN)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/20/2015 07:14:06 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8012) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.


Systemfehler:
=============
Error: (09/22/2015 06:27:46 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/22/2015 06:27:46 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/22/2015 06:27:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/22/2015 06:27:44 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/22/2015 06:27:44 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/22/2015 06:27:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/22/2015 06:27:42 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/22/2015 06:27:42 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/22/2015 06:27:41 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/22/2015 06:27:41 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8136.63 MB
Verfügbarer physikalischer RAM: 4798.75 MB
Summe virtueller Speicher: 16328.63 MB
Verfügbarer virtueller Speicher: 12400.63 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:232.1 GB) (Free:77.36 GB) NTFS
Drive e: (HDD) (Fixed) (Total:1863.01 GB) (Free:1455.81 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2D637E44)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6C1D5ECD)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________


Alt 22.09.2015, 06:14   #3
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
__________________

Alt 22.09.2015, 17:27   #4
mineller
 
Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund



Erster mbar Scan:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.09.22.05
  rootkit: v2015.09.18.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16431
Ramón3006 :: RAMÓN [administrator]

22.09.2015 17:39:13
mbar-log-2015-09-22 (17-39-13).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 503222
Time elapsed: 17 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 15
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EF94624F-EAAE-47CA-BE5B-86FDBF0B2BBA} (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EF94624F-EAAE-47CA-BE5B-86FDBF0B2BBA} (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\CLASSES\TYPELIB\{5FD5723F-D6F6-4F31-A7D0-318E72D28E80} (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\CLASSES\INTERFACE\{DF4F905C-0961-4464-8460-DD2A1F274D1F} (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DF4F905C-0961-4464-8460-DD2A1F274D1F} (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{DF4F905C-0961-4464-8460-DD2A1F274D1F} (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5FD5723F-D6F6-4F31-A7D0-318E72D28E80} (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{5FD5723F-D6F6-4F31-A7D0-318E72D28E80} (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\CLASSES\QMDispatch.QMFunction.1 (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\CLASSES\QMDispatch.QMFunction (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\QMDispatch.QMFunction (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\QMDispatch.QMFunction (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\QMDispatch.QMFunction.1 (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\QMDispatch.QMFunction.1 (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\SOFTWARE\DC3_FEXEC (Malware.Trace) -> Delete on reboot. [29c44ce6adde2a0c004b6389dd26e719]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 7
C:\Windows\QMDISPATCH.DLL (Backdoor.Hupigon) -> Delete on reboot. [f9f4de546e1de84e4d4bb8088f73ef11]
C:\Users\Ramón3006\Desktop\Trainer\AC4BFtrainer.exe (HackTool.CheatEngine) -> Delete on reboot. [d71663cf8605a88e4fdf5ef4d22e649c]
C:\Users\Ramón3006\Desktop\Trainer\Assassin's Creed Unity V1.4 Trainer +5 MrAntiFun.EXE (HackTool.CheatEngine) -> Delete on reboot. [88653df58b0092a42d0159f927d9ee12]
C:\Users\Ramón3006\Desktop\Trainer\Cities Skylines V1.00 Trainer +1 MrAntiFun.EXE (HackTool.CheatEngine) -> Delete on reboot. [a944b57d92f9999d0f1f19399967b34d]
C:\Users\Ramón3006\Desktop\Trainer\Darkest Dungeon Build 7537 Trainer +6 MrAntiFun.EXE (HackTool.CheatEngine) -> Delete on reboot. [19d4ff33b5d665d14ee04d05eb15d729]
C:\Users\Ramón3006\Desktop\Trainer\Dying Light V1.2.1 Trainer +17 MrAntiFun.EXE (HackTool.CheatEngine) -> Delete on reboot. [bc3169c9ef9c57df5dd1f75b867a6f91]
C:\Users\Ramón3006\Desktop\Trainer\Thief V1.1 64bit Trainer +5 MrAntiFun.EXE (HackTool.CheatEngine) -> Delete on reboot. [1ecf7fb3494247ef68c63919ae527a86]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Zweiter mbar Scan
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.09.22.05
  rootkit: v2015.09.18.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16431
Ramón3006 :: RAMÓN [administrator]

22.09.2015 18:07:29
mbar-log-2015-09-22 (18-07-29).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 503086
Time elapsed: 17 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSSKiller hatte nichts gefunden, finde hierzu auch keinen Log

Alt 23.09.2015, 09:25   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.09.2015, 18:02   #6
mineller
 
Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund



mbam
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.09.2015
Suchlaufzeit: 18:35
Protokolldatei: Text.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.23.04
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Ramón3006

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 488253
Abgelaufene Zeit: 7 Min., 33 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 6
PUP.Optional.ThunderMaster, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ThunderMaster, Löschen bei Neustart, [123e85ae1e6d4fe7cabff8cb34d0a25e], 
PUP.Optional.SlickSavings, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, In Quarantäne, [2d23aa89b4d742f476a82796d92b7b85], 
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\HBCENNHACFAAGDOPIKCEGFCOBCADEOCJ, In Quarantäne, [ff5159da7d0e5dd9b28c338cea1a09f7], 
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ICDLFEHBLMKLKIKFIGMJHBMMPMKMPOOJ, In Quarantäne, [de72d26136558aac291501be09fb6f91], 
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PFNDAKLGOLLADNIICKLEHHANCNLGOCPP, In Quarantäne, [7cd452e196f5f83ea29c269923e1619f], 
PUP.Optional.Spigot, HKU\S-1-5-21-3924869158-273311228-3757889127-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F47AA529-9ABD-455A-9D25-9C7BEE3DD958}, In Quarantäne, [410faf84f794c373de598639ea1ac63a], 

Registrierungswerte: 6
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hbcennhacfaagdopikcegfcobcadeocj|path, C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx, In Quarantäne, [ff5159da7d0e5dd9b28c338cea1a09f7]
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj|path, C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx, In Quarantäne, [de72d26136558aac291501be09fb6f91]
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk|Path, C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx, In Quarantäne, [064ab380c7c47cbaad91704faf55ed13]
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfndaklgolladniicklehhancnlgocpp|path, C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx, In Quarantäne, [7cd452e196f5f83ea29c269923e1619f]
PUP.Optional.Spigot, HKU\S-1-5-21-3924869158-273311228-3757889127-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F47AA529-9ABD-455A-9D25-9C7BEE3DD958}|URL, hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}, In Quarantäne, [410faf84f794c373de598639ea1ac63a]
PUP.Optional.Spigot, HKU\S-1-5-21-3924869158-273311228-3757889127-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F47AA529-9ABD-455A-9D25-9C7BEE3DD958}|OSDFileURL, file:///C:/Program%20Files%20(x86)/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, In Quarantäne, [460ae54ec2c91521a98f00bfa0643dc3]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 3
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot, In Quarantäne, [eb6538fbb9d250e6682e30fa48bb7e82], 
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\GC, In Quarantäne, [eb6538fbb9d250e6682e30fa48bb7e82], 
PUP.Optional.Spigot, C:\Users\Ramón3006\AppData\Local\Slick Savings, In Quarantäne, [3a161b18503bf541c5b9a090679cfe02], 

Dateien: 9
PUP.Optional.Spigot, C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default\searchplugins\yahoo_ff.xml, In Quarantäne, [4808e35074176ec8989bd2edbf4524dc], 
PUP.Optional.ThunderMaster, C:\Windows\System32\Tasks\THUNDERMASTER, In Quarantäne, [b0a063d0e5a65dd9681f537061a3f30d], 
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx, In Quarantäne, [eb6538fbb9d250e6682e30fa48bb7e82], 
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx, In Quarantäne, [eb6538fbb9d250e6682e30fa48bb7e82], 
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx, In Quarantäne, [eb6538fbb9d250e6682e30fa48bb7e82], 
PUP.Optional.Spigot, C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx, In Quarantäne, [eb6538fbb9d250e6682e30fa48bb7e82], 
PUP.Optional.Spigot, C:\Users\Ramón3006\AppData\Local\Slick Savings\coupons.crx, In Quarantäne, [3a161b18503bf541c5b9a090679cfe02], 
PUP.Optional.Spigot, C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=");), Ersetzt,[054bf043c0cbb6808f14f1be7392e818]
PUP.Optional.Spigot, C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default\prefs.js, Gut: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (browser.startup.homepage", "hxxp://de.search.yahoo.com/?type=402027&fr=spigot-), Ersetzt,[71df10237b10d75fadd3ded7d43129d7]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
AdwCleaner
Code:
ATTFilter
# AdwCleaner v5.008 - Bericht erstellt am 23/09/2015 um 18:50:52
# Aktualisiert am 18/09/2015 von Xplode
# Datenbank : 2015-09-23.1 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : Ramón3006 - RAMÓN
# Gestartet von : C:\Users\Ramón3006\Downloads\AdwCleaner_5.008.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\productdata
[-] Ordner Gelöscht : C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[-] Ordner Gelöscht : C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[-] Ordner Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
[-] Ordner Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik
[-] Ordner Gelöscht : C:\Users\Ramón3006\AppData\Roaming\productdata

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.lyricsfreak.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.metrolyrics.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.darklyrics.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.lyricsmode.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.plyrics.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.divxcrawler.to_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default\user.js

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : update-sys
[-] Task Gelöscht : update-S-1-5-21-3924869158-273311228-3757889127-1001
[-] Task Gelöscht : update-sys
[-] Task Gelöscht : update-S-1-5-21-3924869158-273311228-3757889127-1001
[-] Task Gelöscht : update-sys

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : HKCU\Software\IM
[-] Schlüssel Gelöscht : HKCU\Software\ImInstaller
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ImInstaller
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\IM
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ImInstaller
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\WEBAPP

***** [ Internetbrowser ] *****

[-] [C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : bbmegnmpleoagolcnjnejdacakedpcgd
[-] [C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : gkcefkcdkepgkpbgncjchhbjgoanleod
[-] [C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : hbcennhacfaagdopikcegfcobcadeocj
[-] [C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : icdlfehblmklkikfigmjhbmmpmkmpooj
[-] [C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : jpfpebmajhhopeonhlcgidhclcccjcik
[-] [C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : mhkaekfpcppmmioggniknbnbdbcigpkk
[-] [C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : nfengeggddojhakldhlpjdlddgkkjkdd
[-] [C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : pfndaklgolladniicklehhancnlgocpp
[-] [C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://de.search.yahoo.com/?type=402027&fr=spigot-yhp-ch

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6566 Bytes] ##########
         
JRT
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.3 (09.21.2015:1)
OS: Windows 10 Pro x64
Ran by Ram¢n3006 on 23.09.2015 at 18:55:35,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster Scan
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (Ram¢n3006)
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster Update
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Uninstaller_SkipUac_Administrator
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Uninstaller_SkipUac_Ram¢n3006
Successfully deleted: [Task] C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job
Successfully deleted: [Task] C:\WINDOWS\Tasks\Uninstaller_SkipUac_Ram¢n3006.job



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_3B13B70C9998CC9CF6CE6FEC2F0D6633



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}



~~~ Files

Successfully deleted: [File] C:\Users\Ram¢n3006\AppData\Roaming\speedrunnerslog.txt
Successfully deleted: [File] C:\Users\Ram¢n3006\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage
Successfully deleted: [File] C:\Users\Ram¢n3006\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.similarsitesearch.com_0.localstorage



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver booster 2
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\Ram¢n3006\AppData\Roaming\imvuclient
Successfully deleted: [Folder] C:\Users\Ram¢n3006\AppData\Roaming\iobit\driver booster
Successfully deleted: [Folder] C:\Users\Ram¢n3006\AppData\Roaming\productdata
Successfully deleted: [Folder] C:\WINDOWS\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\Users\Ram¢n3006\AppData\Roaming\3909



~~~ FireFox

Successfully deleted: [File] C:\Users\Ram¢n3006\AppData\Roaming\mozilla\firefox\profiles\dkt0jo2f.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Successfully deleted: [Folder] C:\Users\Ram¢n3006\AppData\Roaming\mozilla\firefox\profiles\dkt0jo2f.default\extensions\iobitascsurfingprotection@iobit.com
Successfully deleted the following from C:\Users\Ram¢n3006\AppData\Roaming\mozilla\firefox\profiles\dkt0jo2f.default\prefs.js

user_pref(extensions.xpiState, {\app-profile\:{\iobitascsurfingprotection@iobit.com\:{\d\:\C:\\\\Users\\\\Ramón3006\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\P
Emptied folder: C:\Users\Ram¢n3006\AppData\Roaming\mozilla\firefox\profiles\dkt0jo2f.default\minidumps [1 files]



~~~ Chrome


[C:\Users\Ram¢n3006\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Ram¢n3006\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Ram¢n3006\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Ram¢n3006\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.09.2015 at 19:01:59,91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 23.09.2015, 18:09   #7
mineller
 
Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund



FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Ramón3006 (Administrator) auf RAMÓN (23-09-2015 19:07:36)
Gestartet von C:\Users\Ramón3006\Downloads
Geladene Profile: Ramón3006 (Verfügbare Profile: Ramón3006)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files (x86)\001_Tools\AVAST\AvastSvc.exe
(AVAST Software) C:\Program Files (x86)\001_Tools\AVAST\afwServ.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files (x86)\001_Tools\AVAST\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files (x86)\001_Tools\AVAST\AvastUI.exe [6111824 2015-08-28] (AVAST Software)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1573184 2013-12-13] (IObit)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [EADM] => E:\Games\Origin\Origin.exe [3632472 2015-05-03] (Electronic Arts)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2169640 2013-10-17] (Palit Microsystems Ltd.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4411488 2014-03-16] ()
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Ramón3006\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [GoogleChromeAutoLaunch_3B13B70C9998CC9CF6CE6FEC2F0D6633] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [871240 2015-09-19] (Google Inc.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\RunOnce: [Uninstall C:\Users\Ram�n3006\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ramón3006\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\RunOnce: [Uninstall C:\Users\Ram�n3006\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ramón3006\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\RunOnce: [Uninstall C:\Users\Ram�n3006\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ramón3006\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\001_Tools\AVAST\ashShA64.dll [2015-08-28] (AVAST Software)
Startup: C:\Users\Ramón3006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2014-01-31]
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6a6f050c-4c99-4efb-ac56-7d66db5e7df9}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.lycle.net/
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.lycle.net/
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM -> {CB127E1A-135A-4672-BE00-0D3162B1E50B} URL = hxxps://www.lycle.net/de/results/10/{searchTerms}
SearchScopes: HKLM-x32 -> {CB127E1A-135A-4672-BE00-0D3162B1E50B} URL = hxxps://www.lycle.net/de/results/10/{searchTerms}
SearchScopes: HKU\S-1-5-21-3924869158-273311228-3757889127-1001 -> DefaultScope {F47AA529-9ABD-455A-9D25-9C7BEE3DD958} URL = 
SearchScopes: HKU\S-1-5-21-3924869158-273311228-3757889127-1001 -> {CB127E1A-135A-4672-BE00-0D3162B1E50B} URL = hxxps://www.lycle.net/de/results/10/{searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\001_Tools\AVAST\aswWebRepIE64.dll [2015-08-28] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\001_Tools\AVAST\aswWebRepIE.dll [2015-08-28] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/yhp-ff
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3924869158-273311228-3757889127-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ramón3006\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files (x86)\001_Tools\AVAST\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files (x86)\001_Tools\AVAST\WebRep\FF [2013-12-19]

Chrome: 
=======
CHR Profile: C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-12-21]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2013-12-15]
CHR Extension: (BetterTTV) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-03-06]
CHR Extension: (Google Docs) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-13]
CHR Extension: (Google Drive) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-13]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-09-23]
CHR Extension: (YouTube) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-13]
CHR Extension: (Adblock Plus) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-25]
CHR Extension: (Google-Suche) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-13]
CHR Extension: (RocketBeansTV Mission Control) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcfomalfggghgohbinjpgibmbjpelndf [2015-05-07]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-19]
CHR Extension: (Imagus) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2014-03-02]
CHR Extension: (Speed Dial 2) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2015-09-23]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-03-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Webcam Toy) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-13]
CHR Extension: (Google Mail) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files (x86)\001_Tools\AVAST\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-09-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files (x86)\001_Tools\AVAST\WebRep\Chrome\aswWebRepChrome.crx [2015-04-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files (x86)\001_Tools\AVAST\AvastSvc.exe [146600 2015-08-28] (AVAST Software)
R2 avast! Firewall; C:\Program Files (x86)\001_Tools\AVAST\afwServ.exe [109008 2015-08-28] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-20] ()
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S2 HiPatchService; E:\Games\Other\Smite\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; E:\Games\Origin\OriginClientService.exe [1931632 2015-05-03] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2014-03-28] (Google Inc)
R3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [19456 2014-05-08] (LG Electronics Inc.)
R3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-03-28] (LG Electronics Inc.)
R3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-03-28] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-28] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-28] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-28] (AVAST Software)
S3 EvolveVirtualAdapter; C:\Windows\system32\DRIVERS\evolve.sys [21656 2014-05-10] (Echobit, LLC)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-23] (REALiX(tm))
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-21] (Intel Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Datei ist nicht signiert]
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [38392 2012-11-23] (IObit Information Technology)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [242688 2013-04-24] (QUALCOMM Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2013-12-31] (Nicomsoft Ltd.)
S2 VBoxAswDrv; \??\C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\VBoxAswDrv.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-23 19:07 - 2015-09-23 19:07 - 00023200 _____ C:\Users\Ramón3006\Downloads\FRST.txt
2015-09-23 19:06 - 2015-09-23 19:07 - 02192384 _____ (Farbar) C:\Users\Ramón3006\Downloads\FRST64.exe
2015-09-23 19:01 - 2015-09-23 19:01 - 00004119 _____ C:\Users\Ramón3006\Desktop\JRT.txt
2015-09-23 18:55 - 2015-09-23 18:55 - 01798976 _____ (Malwarebytes) C:\Users\Ramón3006\Downloads\JRT.exe
2015-09-23 18:55 - 2015-09-22 19:05 - 01800512 _____ (Malwarebytes) C:\Users\Ramón3006\Desktop\JRT.exe
2015-09-23 18:52 - 2015-09-23 18:52 - 00016148 _____ C:\WINDOWS\system32\RAMÓN_Ramón3006_HistoryPrediction.bin
2015-09-23 18:47 - 2015-09-23 18:50 - 00000000 ____D C:\AdwCleaner
2015-09-23 18:47 - 2015-09-23 18:47 - 01662976 _____ C:\Users\Ramón3006\Downloads\AdwCleaner_5.008.exe
2015-09-23 18:46 - 2015-09-23 18:46 - 00005579 _____ C:\Users\Ramón3006\Desktop\Text.txt
2015-09-23 18:32 - 2015-09-23 18:32 - 00001190 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-23 18:32 - 2015-09-23 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-23 18:32 - 2015-09-23 18:32 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-23 18:32 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-23 18:32 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-23 18:32 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-23 18:29 - 2015-09-15 18:12 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-23 18:29 - 2015-09-15 18:12 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-23 18:14 - 2015-09-23 18:24 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ramón3006\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-22 17:39 - 2015-09-23 18:45 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-22 17:39 - 2015-09-23 18:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-22 17:39 - 2015-09-23 18:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-22 06:29 - 2015-09-23 19:07 - 00000000 ____D C:\FRST
2015-09-21 06:27 - 2015-09-23 18:52 - 00010112 _____ C:\WINDOWS\PFRO.log
2015-09-21 06:22 - 2015-09-21 06:22 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-20 06:40 - 2015-09-20 06:40 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-20 06:40 - 2015-09-20 06:40 - 00001035 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-09-17 03:17 - 2015-09-17 18:31 - 00000000 ___RD C:\Users\Ramón3006\3D Objects
2015-09-16 05:34 - 2015-09-23 18:52 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-16 05:34 - 2015-09-23 18:39 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-15 17:55 - 2015-09-15 17:55 - 00002405 _____ C:\Users\Ramón3006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-12 12:30 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-12 12:30 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-12 12:30 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-12 12:30 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-12 12:30 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-12 12:30 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-12 12:30 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-12 12:30 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-12 12:30 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-12 12:30 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-12 12:30 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-12 12:30 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-12 12:30 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-12 12:30 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-12 12:30 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-12 12:30 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-12 12:30 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-12 12:30 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-12 12:30 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-12 12:30 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-12 12:30 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-12 12:30 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-12 12:30 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-12 12:30 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-12 12:30 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-12 12:30 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-12 12:30 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-12 12:30 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-12 12:30 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-12 12:30 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-12 12:30 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-12 12:30 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-31 17:42 - 2015-08-31 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-29 16:54 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 16:54 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 16:54 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 16:54 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 16:54 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 16:54 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 16:54 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 16:54 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 16:54 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 16:54 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 16:54 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 16:54 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 16:54 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 16:54 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 16:54 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 16:54 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 16:54 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 16:54 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 16:54 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 16:54 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 16:54 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 16:54 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 16:54 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 16:54 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 16:54 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 16:54 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 16:54 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 16:54 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 16:54 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 16:54 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 16:54 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 16:54 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 16:54 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 16:54 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 16:54 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 16:54 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 16:54 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-28 06:21 - 2015-08-28 06:21 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00454016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-28 06:21 - 2015-08-28 06:21 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-28 06:21 - 2015-08-28 06:21 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00004008 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-23 19:07 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-23 19:07 - 2013-12-14 00:58 - 00000000 ____D C:\Users\Ramón3006\AppData\Roaming\Skype
2015-09-23 18:58 - 2013-12-21 16:52 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-23 18:58 - 2013-12-21 16:33 - 00000000 ____D C:\ProgramData\IObit
2015-09-23 18:58 - 2013-12-21 16:32 - 00000000 ____D C:\Users\Ramón3006\AppData\Roaming\IObit
2015-09-23 18:52 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-23 18:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-23 18:52 - 2015-07-10 11:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-09-23 18:52 - 2014-06-01 11:35 - 00000000 ____D C:\Users\Ramón3006\.rainlendar2
2015-09-23 18:52 - 2013-12-13 23:19 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-23 18:50 - 2015-08-02 10:27 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-23 18:50 - 2015-07-10 18:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-23 18:50 - 2015-07-10 18:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-23 18:38 - 2014-02-01 19:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-23 18:35 - 2014-04-28 11:31 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Battle.net
2015-09-23 18:29 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-23 17:46 - 2015-08-02 12:16 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1EEB137D-4B82-4D44-86D8-3A9179E5BCA8}
2015-09-23 07:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-23 02:00 - 2014-09-18 12:31 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Adobe
2015-09-22 20:29 - 2015-07-29 16:31 - 00000000 ____D C:\Users\Ramón3006\Downloads\Floral Flyff Client
2015-09-22 18:05 - 2014-12-18 12:13 - 00002104 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-09-22 18:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\addins
2015-09-22 18:03 - 2014-05-31 11:50 - 00000000 ____D C:\Users\Ramón3006\Desktop\Trainer
2015-09-21 21:34 - 2013-12-15 22:41 - 00000000 ____D C:\Users\Ramón3006\AppData\Roaming\vlc
2015-09-21 19:22 - 2014-12-29 00:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-21 06:28 - 2013-12-14 14:32 - 10703360 ___SH C:\Users\Ramón3006\Desktop\Thumbs.db
2015-09-21 06:27 - 2015-07-10 14:20 - 05001552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-21 06:27 - 2014-12-18 12:13 - 00000262 _____ C:\WINDOWS\Tasks\ASC8_SkipUac_Ramón3006.job
2015-09-20 13:02 - 2015-08-02 11:14 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-19 17:55 - 2013-12-19 22:46 - 01296896 ___SH C:\Users\Ramón3006\Downloads\Thumbs.db
2015-09-17 03:17 - 2015-08-02 10:19 - 00000000 ____D C:\Users\Ramón3006
2015-09-16 18:00 - 2013-12-13 21:42 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Packages
2015-09-16 05:34 - 2013-12-13 21:54 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 05:34 - 2013-12-13 21:54 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 17:55 - 2015-08-02 11:12 - 00000000 ___RD C:\Users\Ramón3006\OneDrive
2015-09-14 18:01 - 2013-12-13 21:54 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Google
2015-09-13 01:12 - 2015-07-10 18:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 01:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-12 21:47 - 2014-04-10 13:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-12 21:45 - 2013-12-13 22:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-12 21:45 - 2013-08-22 15:25 - 00000202 _____ C:\WINDOWS\win.ini
2015-09-01 06:21 - 2015-04-08 22:17 - 00000854 _____ C:\Users\Ramón3006\Desktop\smurf.txt
2015-08-31 17:43 - 2013-12-14 00:58 - 00000000 ____D C:\ProgramData\Skype
2015-08-31 17:42 - 2015-05-04 22:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-30 03:56 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-30 03:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-26 21:47 - 2014-04-30 17:09 - 00000000 ____D C:\Users\Ramón3006\Desktop\HS
2015-08-26 18:37 - 2013-12-13 22:18 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-04 22:09 - 2014-12-04 22:09 - 0000132 _____ () C:\Users\Ramón3006\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2015-04-12 20:51 - 2015-04-12 21:03 - 0000559 _____ () C:\Users\Ramón3006\AppData\Roaming\droid4xinstaller.log
2014-02-28 20:06 - 2014-02-28 20:09 - 0099384 _____ () C:\Users\Ramón3006\AppData\Roaming\inst.exe
2014-02-28 20:06 - 2014-02-28 20:09 - 0007859 _____ () C:\Users\Ramón3006\AppData\Roaming\pcouffin.cat
2014-02-28 20:06 - 2014-02-28 20:09 - 0001167 _____ () C:\Users\Ramón3006\AppData\Roaming\pcouffin.inf
2014-02-28 20:06 - 2014-02-28 20:09 - 0000055 _____ () C:\Users\Ramón3006\AppData\Roaming\pcouffin.log
2014-02-28 20:06 - 2014-02-28 20:09 - 0082816 _____ (VSO Software) C:\Users\Ramón3006\AppData\Roaming\pcouffin.sys
2015-03-14 20:46 - 2015-03-31 19:03 - 2424370 _____ () C:\Users\Ramón3006\AppData\Roaming\ramÓn64
2014-10-11 16:22 - 2014-10-11 16:22 - 0000003 _____ () C:\Users\Ramón3006\AppData\Local\updater.log
2014-10-11 16:22 - 2015-04-24 00:55 - 0000424 _____ () C:\Users\Ramón3006\AppData\Local\UserProducts.xml
2015-08-02 10:19 - 2015-08-02 10:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-16 15:55 - 2015-02-16 15:55 - 0000104 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Ramón3006\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-17 03:16

==================== Ende von FRST.txt ============================
         
Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von Ramón3006 (2015-09-23 19:07:59)
Gestartet von C:\Users\Ramón3006\Downloads
Windows 10 Pro (X64) (2015-08-02 09:08:21)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3924869158-273311228-3757889127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3924869158-273311228-3757889127-503 - Limited - Disabled)
Gast (S-1-5-21-3924869158-273311228-3757889127-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3924869158-273311228-3757889127-1007 - Limited - Enabled)
Ramón3006 (S-1-5-21-3924869158-273311228-3757889127-1001 - Administrator - Enabled) => C:\Users\Ramón3006

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.35 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Akamai NetSession Interface (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version:  - Brace Yourself Games)
Device Simulation Framework 1.0.1 (HKLM\...\{C7966AB3-A8D9-48D5-B7DF-922674C40098}) (Version: 1.0.1 - Microsoft)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Droid4X (HKLM-x32\...\Droid4X) (Version: 0.7.5 - Haiyu Dongxiang Co.,Ltd.)
Dying Light (HKLM-x32\...\Steam App 239140) (Version:  - Techland)
Façade (HKLM-x32\...\{24E34264-D483-477C-A9A0-4E53F69834CF}) (Version: 1.1.2 - Procedural Arts)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version:  - Telltale Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hand Of Fate (HKLM-x32\...\Steam App 266510) (Version:  - Defiant Development)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IMVU Avatar Chat Software (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\IMVU Avatar chat client software BETA) (Version:  - )
IncrediMail (x32 Version: 6.6.0.5288 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5288 - IncrediMail Ltd.)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.2 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.6.25 - IObit)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.11.3.0 - LG Electronics)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
MagmaFlyff Live (HKLM-x32\...\MagmaFlyffLive) (Version: Live - )
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mortal Kombat X Premium Edition MULTi2 1.0 (HKLM-x32\...\Mortal Kombat X Premium Edition MULTi2 1.0) (Version:  - )
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
My Game Long Name (HKLM\...\UDK-22ca718a-9ec7-443a-b826-b5854b5969e9) (Version:  - Epic Games, Inc.)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (HKLM-x32\...\{123F0CCE-21AA-401D-A335-3EDF9C13AA52}) (Version: 1.6.9 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Office Trial Extender (HKLM-x32\...\{F18ADBD4-320F-4A67-9709-0FE9412BB0FA}_is1) (Version: 1.0.0.7 - pXc-coding.com)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version:  - IObit)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Rainbow Six Siege - Closed Alpha (HKLM-x32\...\Uplay Install 1001) (Version:  - Ubisoft)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2151.6 - Hi-Rez Studios)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Tales from the Borderlands (HKLM-x32\...\Steam App 330830) (Version:  - Telltale Games)
TeamSpeak 3 Client (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Sims 4 Deluxe DLC Edition (HKLM-x32\...\The Sims 4 Deluxe DLC Edition) (Version: 1.01 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.5.139.1020 - Electronic Arts Inc.)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02 (HKLM-x32\...\The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02) (Version:  - )
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.7.4 - Palit Microsystems Ltd.)
Torchlight 2 (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}) (Version: 1.21.2.1 - )
TowerFall Ascension (HKLM-x32\...\Steam App 251470) (Version:  - Matt Thorson)
Unity Web Player (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
YGOPro DevPro Version 1.9.9 r0 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.9 r0 - YGOPro DevPro Online)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

05-09-2015 03:30:38 Geplanter Prüfpunkt
12-09-2015 12:44:24 Windows Update
12-09-2015 12:45:56 Windows Update
22-09-2015 18:03:29 Malwarebytes Anti-Rootkit Restore Point
23-09-2015 18:55:38 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04459155-1E44-445E-920B-45EB176433AD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0D5C1DE0-88CE-44D1-B026-8C5951C98FA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {0EB632B7-59A6-428C-9DC6-52CBFDB04147} - \ThunderMaster -> Keine Datei <==== ACHTUNG
Task: {186348D0-3EA6-4F59-ADC4-EF24D1A008FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {23C6F723-BAA2-4374-A72F-33896D00A2D5} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {259F663F-D581-4F3A-9575-36130600073D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {27542B9E-B2CD-4F19-A1B3-8E7B93027557} - System32\Tasks\ASC8_SkipUac_Ramón3006 => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-12-10] (IObit)
Task: {3A755139-3C6F-42F8-BBA1-62FEE09552C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {3EE4CE06-1CCF-4D9D-9EDB-36DD979D94E0} - \StartMenuAutoupdate -> Keine Datei <==== ACHTUNG
Task: {50B14A94-82A4-4001-9F29-34410AA5C863} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {6C23AD68-3A03-4045-B546-D177124221A9} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ramon@walia-online.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {750B006A-7A3E-4A46-80B6-81996051DAF1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {844ED8EB-8EFF-4289-8ADF-535A590A525B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {8BF31DB1-05CD-4CD4-B95C-046A5A65B0FE} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A07C1BD9-B189-42EB-B053-D163E332F061} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {AC02FE26-8DF4-4AE0-8383-E1D237EAA7BD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {AF495A6A-E7AA-4B3A-A4BC-03216B34C41A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B318D817-51C5-4DF9-B6D7-4B707AA119A4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {B3C7BBBD-A26D-45DE-864A-A87C329BB813} - System32\Tasks\avast! Emergency Update => C:\Program Files (x86)\001_Tools\AVAST\AvastEmUpdate.exe [2015-08-28] (AVAST Software)
Task: {BD563C9C-D348-4224-9D13-10B1154104E9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {BF9C94BA-2FE4-47C5-95C3-2DCF42765FE9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {E7A73826-7A54-45AC-B5F0-73C6AD731488} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F32187A7-21D1-462C-AD7F-9FE86667A9A9} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {F6AA7A6F-7EAA-4C21-9F41-FE6AEFBBA545} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {F8D64133-12A3-493E-9516-481D790231E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Ramón3006.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-02 11:11 - 2015-08-02 11:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 18:03 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-29 16:54 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 16:54 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-11 23:27 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-11 23:27 - 2015-08-03 03:14 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-08-19 18:03 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-11 23:27 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-11 23:27 - 2015-08-03 03:09 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2013-12-13 23:19 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-22 06:39 - 2015-09-19 07:54 - 01868104 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libglesv2.dll
2015-09-22 06:39 - 2015-09-19 07:54 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libegl.dll
2015-08-28 06:21 - 2015-08-28 06:21 - 00102864 _____ () C:\Program Files (x86)\001_Tools\AVAST\log.dll
2015-08-28 06:21 - 2015-08-28 06:21 - 00123976 _____ () C:\Program Files (x86)\001_Tools\AVAST\JsonRpcServer.dll
2015-09-23 18:44 - 2015-09-23 18:44 - 02966016 _____ () C:\Program Files (x86)\001_Tools\AVAST\defs\15092301\algo.dll
2015-04-29 15:08 - 2015-04-29 15:08 - 40540672 _____ () C:\Program Files (x86)\001_Tools\AVAST\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Ramón3006\Cookies:gs5sys
AlternateDataStreams: C:\Users\Ramón3006\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Ramón3006\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Ramón3006\AppData\Local\Verlauf:gs5sys

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\sony.com -> sony.com

IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4788 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3924869158-273311228-3757889127-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ramón3006\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\325670.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SearchSettings"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "THPanel"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "Advanced SystemCare 7"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2FB8A24D-0376-4926-AC79-B7604D411216}] => (Allow) E:\Games\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5964B619-84BC-48A3-B43E-4E0C13483288}] => (Allow) E:\Games\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F6AF50C4-BBD2-436B-BE95-557C890605ED}] => (Allow) E:\Games\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{D3A7875D-8F17-44FD-AEA1-CC336A7490DF}] => (Allow) E:\Games\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{796DE778-D107-46FB-A963-BC41FC682122}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{337006AF-EB3C-4597-B292-0A04B3DFCC24}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{74EEC085-A8A2-4A2F-AD65-951F87B5D815}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{CF85D655-BC06-494B-B069-BCB7627BFE49}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{6412694E-DF58-4A10-A1B0-F05B5F7D2947}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{CAC3143D-F931-445E-8359-C743CFEF6FE9}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{B02D9FC0-0E37-406E-B5DF-6917B2EC35BD}] => (Allow) E:\Games\Steam\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{D6A97BAE-4F6D-47F3-B888-A8890245F79C}] => (Allow) E:\Games\Steam\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{7FF28AC6-BB7D-4981-8FC9-0D8D7CB39292}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
FirewallRules: [{2C9A1232-8E34-4DF3-85C9-AD1B6132066A}] => (Allow) E:\Tools\Droid4X\Droid4X.exe
FirewallRules: [{7DB2AE0F-EE40-4B08-B8B0-1F3846131773}] => (Allow) E:\Games\Steam\SteamApps\common\Hand of Fate\Hand of Fate.exe
FirewallRules: [{00CD05D0-E96D-4100-AC98-EDC8866A6763}] => (Allow) E:\Games\Steam\SteamApps\common\Hand of Fate\Hand of Fate.exe
FirewallRules: [UDP Query User{1C2691D3-02D2-4243-992F-158151099BA8}E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{966CB8D9-5347-46B5-8678-52BDABA14DD4}E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CFB62EAF-F9DB-4E8A-9A72-E9FB6C6D33F3}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F2D73BED-8C1B-4025-91A8-137555F7C2D1}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{941A2452-5B5C-4E15-81F5-ED4AD685C5EB}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A68151A6-70C7-4C50-8FEA-C2A54CF9B616}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [{D6354C55-B302-46DE-A96B-1738E248659F}] => (Allow) E:\Games\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [{91DB6EC6-FA46-462C-AB17-7F058992CE60}] => (Allow) E:\Games\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [{0C016036-D7AE-4AA0-8087-33FC9AD91085}] => (Allow) E:\Games\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{7D8C0AF3-57B2-48C7-B182-DB954FA22674}] => (Allow) E:\Games\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{E196DB73-901B-4C0E-BC94-E55FEE28442A}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Sims 4 Deluxe DLC Edition\Game\Bin\TS4.exe
FirewallRules: [{AD99D958-D6C1-4EBA-8934-3715392D7547}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Sims 4 Deluxe DLC Edition\Game\Bin\TS4.exe
FirewallRules: [{E1A127CD-7040-46F2-965A-13A652634111}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{DEC5B9AD-17DA-43A3-A66C-A61053B3C668}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{1059797B-6040-414C-AC51-F4553C3EA93E}E:\games\other\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\games\other\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FAC8B13F-7923-47BB-84B9-4B1ADBF50B57}E:\games\other\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\games\other\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{6A295014-B1B0-493C-9FF5-81C769D7A9E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{101C5CD1-DDA7-4493-A3B9-454C93BF90C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{34675F77-203D-4D65-8F17-683DE6D9AB56}] => (Allow) E:\Games\Uplay\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Alpha\RainbowSix.exe
FirewallRules: [{D10903AB-2A89-46C3-A0EC-CD5916690895}] => (Allow) E:\Games\Uplay\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Alpha\RainbowSix.exe
FirewallRules: [UDP Query User{1826EB8F-E358-4FFD-B3E6-932B4BABBEFF}E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe] => (Allow) E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe
FirewallRules: [TCP Query User{8A453A42-FA36-41B5-BE22-216285CC0E5A}E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe] => (Allow) E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe
FirewallRules: [{AB483321-6920-44EB-9DA1-F34753E7C222}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C43831C1-A4D6-452B-9F18-7A5F6DA28E31}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E46B5616-6645-4C1E-88F9-1B754FB860A0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{36A3A62E-35BE-45A4-B111-F19B00E9D063}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AA230B46-8048-404D-B802-E42350DC9930}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{8F27FBA6-9E0F-43E8-8CAE-EBECD802FC29}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{60383100-6043-46B8-B659-A129B898EAD1}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{546B5056-394A-4E61-8DA7-8B61AF74872B}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{48578B4B-518D-4A75-B0CB-30061E25714A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E5163E28-D1D8-49AD-BB0B-DF44E8AB3192}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{04C2650E-5EBA-49A6-A00B-EB043EBA7332}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8A1171DA-8302-475E-B920-A06759C613E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CC171C56-C415-48ED-8AC1-3FDA5D4CECED}] => (Allow) E:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{F7DB9E56-08BB-442D-B597-F2153AB3B7A9}] => (Allow) E:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{2B324DA7-6D44-44FE-8FA4-D0473E20EB1F}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{52E9F925-F516-4C73-9637-450804B6C0A3}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{E060C7FD-0CE3-4A36-92CA-48EE68B504E1}] => (Block) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{29825B86-3621-4D71-B50E-3DF667B64AE2}] => (Block) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{4CDF68D4-2381-42CC-9D8F-AF25E1ABA530}E:\games\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{EABF4EBF-3D32-46BF-9916-446330DD70F9}E:\games\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{CA417306-346F-4F2D-B498-718639780E6F}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{150CDD80-B590-4EEE-B07F-BB2F893504F4}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{C4083184-08C5-4228-BF86-E8BA28FC7472}] => (Allow) E:\Games\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{C7CF63CF-268D-4AE7-8F6E-0D0BBDEB55E2}] => (Allow) E:\Games\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{EC3E7345-25C8-448F-BA34-6696249FF187}] => (Allow) E:\Games\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{E1B82F18-5C89-4DA1-8BDA-AC90AFF6D175}] => (Allow) E:\Games\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{88BA5A32-2E4C-4331-8642-1B9C62B2EBE1}] => (Allow) E:\Games\Steam\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{B47C26BB-676E-46AD-8744-0EDF3C2D0973}] => (Allow) E:\Games\Steam\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{B0995110-801A-400D-BC52-2C7073D10C7A}] => (Allow) E:\Games\Steam\SteamApps\common\GearUp\bin64\Traktor.Amalgam.App.exe
FirewallRules: [{50B5D515-AB3E-432D-B0A3-8D12CF62763A}] => (Allow) E:\Games\Steam\SteamApps\common\GearUp\bin64\Traktor.Amalgam.App.exe
FirewallRules: [UDP Query User{FF291C60-6518-43A2-AF1C-693973CA0DEF}E:\games\other\planetside 2\planetside2_x64.exe] => (Block) E:\games\other\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{6A7916B6-CFFF-4F0D-8827-04BF34F8AB4F}E:\games\other\planetside 2\planetside2_x64.exe] => (Block) E:\games\other\planetside 2\planetside2_x64.exe
FirewallRules: [{56D9D4C6-C983-4300-911F-BF8D2C8B4333}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{21C9EAC0-2102-4316-AA87-2031667D4579}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{D1A0533B-B5C3-4722-B68B-60941C2157E3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{7A68D310-65C5-47B3-84AE-3E5893BC10E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{52D51A67-DACD-4B07-B414-CA6E5496FBB1}] => (Allow) E:\Games\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{F1AA8C91-273A-49F5-90ED-CB92F5F9CB63}] => (Allow) E:\Games\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{9F0719B3-C507-4DD8-9078-835DF15375E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{15D87AD6-D26B-473D-9829-00A84A5FDE3E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{5C2E1126-0FC9-4586-BD1D-F08CC8DD790F}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{39987B3C-951E-4F3D-9DFD-F56A07EC49BD}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{80F615FB-54F7-4587-830F-32024F4F7F7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{55106EA4-CA5B-4C93-BBCE-6D5F00955F1B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{A3080756-03CE-4022-BEB4-10DC6AE3444B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{5CD4109D-3C5A-49CE-963F-89DEE4375A9B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7242BEA9-7F11-4205-A348-71F1CBF91646}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{76C701B1-C942-4662-8358-A8890345D401}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{2FCA15ED-26D3-4479-A964-5A7707D99898}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{90CFFD4F-F396-44DD-A043-47AB14C6F55B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{45F7C9AF-187A-49C1-877D-62B376CBDA7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{6C506632-4070-4918-8963-A454170770D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{B71D0896-BB20-4C56-BC2C-8EDBCCC239AB}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{8E717E99-99C2-4054-A385-C6D7426B84B1}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{88F46CB0-66FB-41DF-9097-27BA68F9BDF7}] => (Allow) E:\Games\Steam\SteamApps\common\Game of Thrones\Thrones.exe
FirewallRules: [{78BDAFCC-94AE-48A1-A729-2AE097AE7D9D}] => (Allow) E:\Games\Steam\SteamApps\common\Game of Thrones\Thrones.exe
FirewallRules: [{E3A0FED8-1483-4836-B0B7-80BD721144EE}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\GameApp.exe
FirewallRules: [{FCF1B459-33CC-47B1-8209-CE73B350B3FA}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\GameApp.exe
FirewallRules: [{CB2FF9CE-38DA-4EFC-B384-4E5BD1604211}] => (Block) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [{CA4587E0-D957-40BB-B142-721B99CA3B27}] => (Block) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{83D7D4C6-0BA4-4DB1-B85D-8929EF95DF92}E:\games\other\far cry 4\bin\farcry4.exe] => (Allow) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{BE425D30-9DEF-4CB9-BC50-9776E336751B}E:\games\other\far cry 4\bin\farcry4.exe] => (Allow) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [{CDAC83D2-E036-4AB6-A41B-6146BCE13D9E}] => (Block) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{022242E8-8043-4C1F-AF74-4ECB1ACC25A0}] => (Block) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{BC913EEF-2FC9-432A-8EB3-E03F49EFC5FB}C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{C0802E94-DEE7-4F94-8292-C51E9BFB8270}C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{83A173E9-07EE-460A-8048-F5A2D406FFBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{3B8BE7C2-116F-43D5-8D36-2632FFD58365}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{CC4BCAB8-7215-4E5B-8CF5-EBB0AD9F71D1}] => (Allow) E:\Games\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{A8A1B298-A258-4E94-BF8E-F2246AB98593}] => (Allow) E:\Games\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{0DF45CAA-27A9-4C3C-B490-3E5EE9C9354D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{8D54D78F-B0A9-47C6-B040-1565CA7B0DF4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{6CB95C3B-C22C-4FAD-B97E-8567DF36C1C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{D4E85729-C87C-4F7C-862C-BFC362911106}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{10BA5E95-BCBF-4677-84C1-2FE51BC97FD2}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{00D29422-98B3-4C4D-9FF2-C88140EEB0A1}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{605F8D1B-856D-467A-A274-DB7AF7BDF2AC}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{DB0D4EC6-4C3A-41F1-B9D8-9AF9FB25CF22}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{9A40DA3A-9848-46B1-BC80-323E7E6316DD}] => (Allow) E:\Games\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{14681AF6-C581-4BAA-AD01-1B7B2C8BC16C}] => (Allow) E:\Games\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{388E4258-DC1A-4936-85F8-7A56016F1247}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{8AD3D8EE-79A7-4FBE-86B4-107E0FFB8D0A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{E7710D01-810D-454A-BCB7-1B1E275C0264}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{480C8D7F-9AAD-4DD0-92D9-E75606CCF9F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{45D22EE0-1895-4CD5-8673-604D6BA33125}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{11920D20-770D-4AEC-BF87-3DE2AFC3BCFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{C6AB8CA4-AD4D-4F62-A6BC-5F044983C132}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{CE4C84E5-7F87-4F34-9AC3-FF6FECC52435}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{334BC361-334F-4562-9116-6BCE6939C757}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{1B80A48E-66B7-4E31-A82E-E7AC653A8D5D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{900475C7-1EF1-4C58-9350-E78C2D32A410}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{38EF4746-7023-4A8C-9AAA-47F350426489}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{791B3081-46C5-406D-93B7-B56C6006AFC1}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{D6D3DE9C-B61E-4989-8853-2F660A211BF0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{AB417BE5-3EFB-4DAD-876C-DA2CF510A21A}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{E1F4ECEF-42FF-4373-9712-DE60B2328F71}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{49B21BA7-7649-4556-8706-0C4E80BE8C05}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{4E0C0BFF-649C-4BC2-A56C-CBE0FB712E3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{0CF58BDE-FF43-44E2-80B4-5525C7CD9A2E}] => (Allow) E:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{01350672-7C82-44A6-8198-9629C4515046}] => (Allow) E:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{860ACD24-F985-4725-AD67-553E799B2D6A}] => (Allow) E:\Games\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{A3C70210-4F03-4C29-9B16-F27650DA614B}] => (Allow) E:\Games\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{6BEBF870-1D78-4AE7-8D6A-B75B5DEB9B96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{1E6EC11E-8DF9-4195-BD70-E25F16A0E7E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{75034B09-34BA-4A8D-A958-6D5813AE27AD}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{74B5F41C-8802-41F6-8256-9C791CF53546}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{246DC264-85DD-4BF0-AAB7-3CE99B712132}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{3796E5D3-4E35-4613-B847-B3C2F951474E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{44BD874E-E047-47AA-95EB-16F0683EE279}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{365012CB-0EFA-404A-8D8C-C0C3C936BF22}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{75B05950-1C60-4B5D-B1FF-CDAB98C7427C}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{1F47C763-0C51-4D3E-AAA2-43981E369821}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{3C2DCD90-629A-4174-9C1F-D46E04115F6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{D94FB425-2A72-432C-AC8A-5D8882D4A2AA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{C6FD2F2F-D880-49F1-8014-43DFE9F88ED4}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{CE42C321-A216-4801-90EF-6F3EFFE55782}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{F815DB78-88BB-446A-B004-2BA37DF71AEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{C7113255-9CAD-4F2C-87A3-912819CFC52C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9F595D3D-1D9A-41E1-A8FF-DA0D5F6356A4}] => (Allow) E:\Games\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{0C6CE6E1-EC2D-4612-A6EE-5DDF70798810}] => (Allow) E:\Games\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{D51B6AAF-BD82-4473-B34E-D768D2CF4E76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C76D4896-9164-403E-AE60-EB61F8FBB127}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [UDP Query User{567AE2C2-5914-40B3-BF37-F1C2EDA9D074}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{B130BAB4-214A-4798-B924-DCC21423FE8B}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7B59C1C0-417A-4CB5-8936-CE42C8E59C21}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{4AC03BDF-C508-4F16-998C-E84B9E7B470B}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4471C2C4-516A-4D55-93F4-F8CAC28CE963}] => (Allow) E:\Games\Uplay\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{081CA149-F211-4A3C-BDDD-2A61CBF5BBCD}] => (Allow) E:\Games\Uplay\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [UDP Query User{CEA1F0BD-59FE-4F67-A5F8-A736D8DC5339}E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{0D41101E-A5F6-4517-85B1-469D75FD845D}E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{A54943FF-03EB-4BBE-9C73-2732C2446E77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{A67C7C92-E40D-46E7-82BA-52E73442D99B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{9F2492A7-420A-45FE-A5CB-93C36B0C5F22}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{2065E2BA-FEA8-4D27-9DD8-89DD96086525}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{301E362B-4773-4C2F-958A-B73A1162454F}] => (Allow) E:\Games\Origin\Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{6BA2CE6F-E00F-4E41-A389-B201AEDB5D10}] => (Allow) E:\Games\Origin\Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{7E6D0522-D399-42FA-9A13-87F4031B7642}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{2AD2975D-F314-4F94-AAA5-4B4B2DEDC539}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{14569002-E408-45B5-9572-352C2D01FA32}] => (Allow) E:\Games\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{F12EC8FF-BB2B-4B05-B23D-091137A36F6B}] => (Allow) E:\Games\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{DEB809E9-E9A3-4ACF-A05B-C8ACEB193BE6}] => (Allow) E:\Games\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{B52F64A7-3AC0-4D72-A654-845A6B2E1DF3}] => (Allow) E:\Games\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{C9997D19-6DAC-4AA8-BCCE-362EC94F42D5}] => (Allow) E:\Games\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{14A054C7-6103-4955-A91A-450B39B04F73}] => (Allow) E:\Games\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D6027B68-7113-46F3-8A59-D3DB65E9190D}] => (Allow) E:\Games\Battle.net\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{B523DFD6-0EFA-49AD-8A49-324C36B2CE30}] => (Allow) E:\Games\Battle.net\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{B6B2C035-D6E4-49C3-881A-5EEF2559DA9A}] => (Allow) E:\Games\Battle.net\Battle.net.exe
FirewallRules: [{0D5572FA-3657-4970-8C81-47E08B627F4D}] => (Allow) E:\Games\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{F8B9713A-0D4E-4994-89C1-803E75925EB5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{9EE008BD-F1B2-4373-B87E-A0F578CB0BF7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{6B4E81E6-F135-4326-A128-83796A346ED3}] => (Allow) E:\Games\Other\Torchlight 2\Torchlight2.exe
FirewallRules: [{EBEF7097-6D3E-4A9C-BF96-4CD2A7DA05E5}] => (Allow) E:\Games\Other\Torchlight 2\Torchlight2.exe
FirewallRules: [{B789CD2E-4CB5-4A47-B588-C8E541E54F0E}] => (Allow) E:\Games\Other\Torchlight 2\tl2.runic.launcher.exe
FirewallRules: [{543E3F45-896B-4AB3-B287-5F2F22CE663D}] => (Allow) E:\Games\Other\Torchlight 2\tl2.runic.launcher.exe
FirewallRules: [{DE6C677E-52F4-4AB0-ACB5-1CD7AEE7F46D}] => (Allow) E:\Games\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{26744406-E013-4C32-8566-0EB6E597E867}] => (Allow) E:\Games\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [UDP Query User{926D9568-EF46-44CA-820E-C79F2B7A67C2}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{5C926152-047B-40FF-BCDB-AA45793E0C23}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{20245341-63C8-4E6C-B6B5-1AD0F244DF39}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe
FirewallRules: [TCP Query User{ECB90676-9084-4EF7-9724-21AE55200D1A}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe
FirewallRules: [{2B29A278-A633-4212-B550-420BAE05BCA5}] => (Allow) E:\Games\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{C06CFC23-4ACE-4D2C-A299-1B0911DCC129}] => (Allow) E:\Games\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{1121C306-AE29-422B-B827-FD9ABC844DBD}] => (Allow) E:\Games\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{3BA22026-92CA-47D0-AD82-24B6AF03010D}] => (Allow) E:\Games\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{6EF13E9E-22D7-4113-9B70-55F2E178C478}] => (Allow) E:\Games\Origin\Games\Titanfall-Beta\Titanfall.exe
FirewallRules: [{DEA5E280-E65F-4BEB-BFA4-6D0EFBAF7A1B}] => (Allow) E:\Games\Origin\Games\Titanfall-Beta\Titanfall.exe
FirewallRules: [{58F8DA64-8894-4766-A8B1-F89F03DFF403}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F3AA7559-3CCD-4D1B-A5DE-0EC7EA0AF99A}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7CF818E5-921A-4933-8951-99FD8044EBAE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{F0C4CEC6-95C5-4E15-9CBD-A9DBC93E6FDD}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{65A432B5-A762-42BD-B347-3C711FD4D075}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4.exe
FirewallRules: [{7B62090A-8DE6-4D8D-A13E-D20D90235A76}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4.exe
FirewallRules: [{47DAD354-4DF5-43CD-81A4-F031122B5C04}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{2F46D74F-F264-4DA4-86C2-B01E94E9E8B2}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{3E5EF459-F4C3-4B32-920D-AC89D24A270C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9A973A88-FB1A-4821-A71E-DA9E1703762E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B7A4E813-E8FF-42A6-AC5F-8D03D976629C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{369ED7D5-3995-4D95-899E-53BE414F9F45}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{7AC9230E-C81F-492C-B93F-394BFDC963EB}E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{1C4BCD6C-F49D-4FC0-9C1B-C7C6B3353D73}E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{77290A04-C3C8-41F4-9101-7AA6A10AA636}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{3D3DCB9C-4E64-4FED-87C5-EB474980DE55}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{0E8F87FC-BB8E-47F2-A0F7-E7E002A08B08}] => (Allow) E:\Games\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D2DEE9A5-AE29-40D4-AF45-C44E75CCC2BC}] => (Allow) E:\Games\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{38A93314-4483-43A6-838F-A6309816EB68}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{BAB11A25-0BE6-42C0-8C7E-2FDDA9ABE71F}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{DC902F0B-10D9-40F5-8434-5B1DA9B549FA}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{E1068D3D-C42A-423A-8D9A-C0D3A397794C}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{847A742B-1787-407E-A0B2-36FF9BB64B62}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{ADB2BDA1-40AD-4F9C-A3DD-1956FE8550D6}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{20DEF293-D0B7-4A17-85AE-C12BF3C46490}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{FF9A8900-027B-43CF-9F3B-6BBE7DBF2C84}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{C34C6CD5-3EE6-4C61-ADC3-3F6D330A7B0D}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{496D504F-4489-443A-A675-9F559F6ECAFA}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DA78671F-1393-430A-80E8-ABC8AD484F6F}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{DAE667D5-C447-4F24-920E-41AB3A1EDC93}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{CCD5308D-2A3D-438A-9CD1-E21DB44281C6}] => (Allow) E:\Games\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{19AF8973-66CB-4591-84DB-84B120EBBF18}] => (Allow) E:\Games\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{DCDDAEFA-CAED-46E9-B16D-04C5D9C546C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C924247C-3D3D-4E47-A6FF-B39F9999775D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8538C8D2-A53A-4774-B888-9DB99AEBFBAF}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{4B2E228C-52B5-4703-A049-DF4BFA095366}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{62334EEA-52D9-491C-BCD1-9FFD866CB9E6}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{4579AA9B-2D43-4F36-8CFC-8F0D45306989}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{96CC47E4-2105-4C90-9F92-EB3132C2E8E5}] => (Allow) E:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{4D7EC868-5226-45DB-AA69-85C4AAB1CB08}] => (Allow) E:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{CEF3487B-7CE2-483A-AC05-0BF81A2369F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF6A8B4A-006E-457C-A471-6AEC70008B80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{67A6E458-F189-4370-A72F-E708747B9912}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0BAE3131-ADC4-4EEA-9C58-5BF04ED22267}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{04DA576E-AA6D-4720-8333-346E195E4B57}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{95888945-DD70-4872-9022-C385191685AF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C02B6B5C-F35C-4674-8298-639C68B939E1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{43B93B1A-2F51-4F95-B423-2F6F6092D9F1}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{710625FD-B616-43BF-B61F-E7637A05B687}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{1B48F618-BB95-43B6-919D-74FC48ADF8C2}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{B7FE6DBD-FE9F-4F02-98BF-4D2B2CF8DB29}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [UDP Query User{8DEB4394-B565-4C8E-A04B-CAFFAFECA1E0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{DFFB87A6-D9B7-4B01-8247-31EF4E57470E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{72B3DA94-7D86-4242-93BC-18EFAFE3EA10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{90780BE8-43D3-4158-AFE9-F0160DFCD0BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{742E4CB7-BAD2-4544-A440-720A80B9ADC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A743AB00-EEA2-497D-A138-5E76E78DEA73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{72F32963-7ED0-4521-9EA8-718E202ED869}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{181D07D9-213D-49D7-8D44-8AB9C12E14CB}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{30B15735-9B59-4E18-8286-5AD1FC2DDB99}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{697DB895-56D3-496F-8431-B5C2B755AED9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F6300EFC-D689-4493-AA22-47613B97FA51}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{280ED723-E045-472D-B666-514718C13661}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F8FEFC65-E8FF-42E0-BE00-2F9851DC1642}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CE0CE086-B993-49AE-9EE1-9DCDB3436AA0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft USB 2.0 Host Controller Simulator
Description: Microsoft USB 2.0 Host Controller Simulator
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbehci_dsf
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/23/2015 06:55:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/23/2015 07:20:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAMÓN)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/22/2015 06:10:06 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8804) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (09/22/2015 06:10:06 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (8804) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (09/22/2015 06:09:56 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8804) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (09/22/2015 06:09:56 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (8804) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (09/22/2015 06:09:45 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8804) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (09/22/2015 06:09:45 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (8804) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (09/22/2015 06:09:35 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8804) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (09/22/2015 06:09:35 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (8804) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.


Systemfehler:
=============
Error: (09/23/2015 06:58:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/23/2015 06:58:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/23/2015 06:57:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/23/2015 06:57:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/23/2015 06:57:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/23/2015 06:57:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/23/2015 06:57:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Hi-Rez Studios Authenticate and Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/23/2015 06:57:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/23/2015 06:57:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/23/2015 06:57:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8136.63 MB
Verfügbarer physikalischer RAM: 5100.37 MB
Summe virtueller Speicher: 16328.63 MB
Verfügbarer virtueller Speicher: 12967.25 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:232.1 GB) (Free:75.07 GB) NTFS
Drive e: (HDD) (Fixed) (Total:1863.01 GB) (Free:1455.8 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2D637E44)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6C1D5ECD)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 24.09.2015, 14:16   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.09.2015, 21:42   #9
mineller
 
Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund



ESET

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c412cc4726f75747bc9a8ed5b37d6721
# end=init
# utc_time=2015-09-24 06:19:53
# local_time=2015-09-24 08:19:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 25928
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c412cc4726f75747bc9a8ed5b37d6721
# end=updated
# utc_time=2015-09-24 06:38:24
# local_time=2015-09-24 08:38:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=c412cc4726f75747bc9a8ed5b37d6721
# engine=25928
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-24 07:15:54
# local_time=2015-09-24 09:15:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2347942 6596166 0 0
# scanned=486224
# found=3
# cleaned=3
# scan_time=2250
sh=6E3F108DF81BE8D8E7EFABC886B7ABA27DC7CAB5 ft=1 fh=cb09dc3155ad616d vn="Win32/Somoto.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000"
sh=CDC20F305203004296462AD162680A4A03AD7BAF ft=1 fh=d0aa33a422ed2275 vn="Variante von Win32/Packed.Themida verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Ramón3006\Downloads\Floral Flyff Client\Neuz.exe"
sh=6A8B2B46574C2FFA8EF9A221EE4A63A899FAB7DF ft=1 fh=4b3e29bb26d7680c vn="Variante von MSIL/Packed.Confuser.N verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Ramón3006\Downloads\Zerux\MZLauncher.exe"
         
Security Check

Code:
ATTFilter
 Results of screen317's Security Check version 1.008  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 51  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	19.0.0.185  
 Adobe Reader XI  
 Mozilla Firefox 38.0.5 Firefox out of Date!  
 Google Chrome (45.0.2454.93) 
 Google Chrome (45.0.2454.99) 
````````Process Check: objlist.exe by Laurent````````  
 001_Tools AVAST AvastSvc.exe  
 001_Tools AVAST afwServ.exe  
 001_Tools AVAST AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Ramón3006 (Administrator) auf RAMÓN (24-09-2015 22:39:26)
Gestartet von C:\Users\Ramón3006\Downloads
Geladene Profile: Ramón3006 (Verfügbare Profile: Ramón3006)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files (x86)\001_Tools\AVAST\AvastSvc.exe
(AVAST Software) C:\Program Files (x86)\001_Tools\AVAST\afwServ.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files (x86)\001_Tools\AVAST\AvastUI.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4432\Agent.exe
(Blizzard Entertainment) E:\Games\Battle.net\Battle.net\Battle.net.6160\Battle.net.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Users\Ramón3006\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files (x86)\001_Tools\AVAST\AvastUI.exe [6111824 2015-08-28] (AVAST Software)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1573184 2013-12-13] (IObit)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [EADM] => E:\Games\Origin\Origin.exe [3632472 2015-05-03] (Electronic Arts)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2169640 2013-10-17] (Palit Microsystems Ltd.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4411488 2014-03-16] ()
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Ramón3006\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Run: [GoogleChromeAutoLaunch_3B13B70C9998CC9CF6CE6FEC2F0D6633] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [871240 2015-09-19] (Google Inc.)
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\RunOnce: [Uninstall C:\Users\Ram�n3006\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ramón3006\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\RunOnce: [Uninstall C:\Users\Ram�n3006\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ramón3006\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\RunOnce: [Uninstall C:\Users\Ram�n3006\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ramón3006\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\001_Tools\AVAST\ashShA64.dll [2015-08-28] (AVAST Software)
Startup: C:\Users\Ramón3006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2014-01-31]
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6a6f050c-4c99-4efb-ac56-7d66db5e7df9}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.lycle.net/
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.lycle.net/
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM -> {CB127E1A-135A-4672-BE00-0D3162B1E50B} URL = hxxps://www.lycle.net/de/results/10/{searchTerms}
SearchScopes: HKLM-x32 -> {CB127E1A-135A-4672-BE00-0D3162B1E50B} URL = hxxps://www.lycle.net/de/results/10/{searchTerms}
SearchScopes: HKU\S-1-5-21-3924869158-273311228-3757889127-1001 -> DefaultScope {F47AA529-9ABD-455A-9D25-9C7BEE3DD958} URL = 
SearchScopes: HKU\S-1-5-21-3924869158-273311228-3757889127-1001 -> {CB127E1A-135A-4672-BE00-0D3162B1E50B} URL = hxxps://www.lycle.net/de/results/10/{searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\001_Tools\AVAST\aswWebRepIE64.dll [2015-08-28] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\001_Tools\AVAST\aswWebRepIE.dll [2015-08-28] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Ramón3006\AppData\Roaming\Mozilla\Firefox\Profiles\dkt0jo2f.default
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/yhp-ff
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3924869158-273311228-3757889127-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ramón3006\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files (x86)\001_Tools\AVAST\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files (x86)\001_Tools\AVAST\WebRep\FF [2013-12-19]

Chrome: 
=======
CHR NewTab: Default -> "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Profile: C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-12-21]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2013-12-15]
CHR Extension: (BetterTTV) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-03-06]
CHR Extension: (Google Docs) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-13]
CHR Extension: (Google Drive) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-13]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-09-23]
CHR Extension: (YouTube) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-13]
CHR Extension: (Adblock Plus) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-25]
CHR Extension: (Google-Suche) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-13]
CHR Extension: (RocketBeansTV Mission Control) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcfomalfggghgohbinjpgibmbjpelndf [2015-05-07]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Avast Online Security) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-19]
CHR Extension: (Imagus) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2014-03-02]
CHR Extension: (Speed Dial 2) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2015-09-23]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-03-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Webcam Toy) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-13]
CHR Extension: (Google Mail) - C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files (x86)\001_Tools\AVAST\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-09-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files (x86)\001_Tools\AVAST\WebRep\Chrome\aswWebRepChrome.crx [2015-04-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files (x86)\001_Tools\AVAST\AvastSvc.exe [146600 2015-08-28] (AVAST Software)
R2 avast! Firewall; C:\Program Files (x86)\001_Tools\AVAST\afwServ.exe [109008 2015-08-28] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-20] ()
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S2 HiPatchService; E:\Games\Other\Smite\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [Datei ist nicht signiert]
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; E:\Games\Origin\OriginClientService.exe [1931632 2015-05-03] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2014-03-28] (Google Inc)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [19456 2014-05-08] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-03-28] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-03-28] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-28] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-28] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-28] (AVAST Software)
S3 EvolveVirtualAdapter; C:\Windows\system32\DRIVERS\evolve.sys [21656 2014-05-10] (Echobit, LLC)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-23] (REALiX(tm))
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-21] (Intel Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Datei ist nicht signiert]
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [38392 2012-11-23] (IObit Information Technology)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [242688 2013-04-24] (QUALCOMM Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2013-12-31] (Nicomsoft Ltd.)
S2 VBoxAswDrv; \??\C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\VBoxAswDrv.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-24 22:39 - 2015-09-24 22:39 - 00024568 _____ C:\Users\Ramón3006\Downloads\FRST.txt
2015-09-24 17:30 - 2015-09-24 17:30 - 00016148 _____ C:\WINDOWS\system32\RAMÓN_Ramón3006_HistoryPrediction.bin
2015-09-23 19:06 - 2015-09-23 19:07 - 02192384 _____ (Farbar) C:\Users\Ramón3006\Downloads\FRST64.exe
2015-09-23 18:47 - 2015-09-23 18:50 - 00000000 ____D C:\AdwCleaner
2015-09-23 18:29 - 2015-09-15 18:12 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-23 18:29 - 2015-09-15 18:12 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-22 17:39 - 2015-09-23 18:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-22 17:39 - 2015-09-23 18:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-22 06:29 - 2015-09-24 22:39 - 00000000 ____D C:\FRST
2015-09-21 06:27 - 2015-09-23 18:52 - 00010112 _____ C:\WINDOWS\PFRO.log
2015-09-21 06:22 - 2015-09-23 19:10 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-20 06:40 - 2015-09-20 06:40 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-20 06:40 - 2015-09-20 06:40 - 00001035 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-09-17 03:17 - 2015-09-17 18:31 - 00000000 ___RD C:\Users\Ramón3006\3D Objects
2015-09-16 05:34 - 2015-09-24 22:39 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-16 05:34 - 2015-09-24 17:30 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-15 17:55 - 2015-09-15 17:55 - 00002405 _____ C:\Users\Ramón3006\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-12 12:30 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-12 12:30 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-12 12:30 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-12 12:30 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-12 12:30 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-12 12:30 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-12 12:30 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-12 12:30 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-12 12:30 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-12 12:30 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-12 12:30 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-12 12:30 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-12 12:30 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-12 12:30 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-12 12:30 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-12 12:30 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-12 12:30 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-12 12:30 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-12 12:30 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-12 12:30 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-12 12:30 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-12 12:30 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-12 12:30 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-12 12:30 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-12 12:30 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-12 12:30 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-12 12:30 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-12 12:30 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-12 12:30 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-12 12:30 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-12 12:30 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-12 12:30 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-31 17:42 - 2015-08-31 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-29 16:54 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 16:54 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 16:54 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 16:54 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 16:54 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 16:54 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 16:54 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 16:54 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 16:54 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 16:54 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 16:54 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 16:54 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 16:54 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 16:54 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 16:54 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 16:54 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 16:54 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 16:54 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 16:54 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 16:54 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 16:54 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 16:54 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 16:54 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 16:54 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 16:54 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 16:54 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 16:54 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 16:54 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 16:54 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 16:54 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 16:54 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 16:54 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 16:54 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 16:54 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 16:54 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 16:54 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 16:54 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 16:54 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-28 06:21 - 2015-08-28 06:21 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00454016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-28 06:21 - 2015-08-28 06:21 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-28 06:21 - 2015-08-28 06:21 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00028144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-08-28 06:21 - 2015-08-28 06:21 - 00004008 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-24 22:38 - 2014-02-01 19:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-24 22:35 - 2014-04-28 11:31 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Battle.net
2015-09-24 22:35 - 2013-12-14 00:58 - 00000000 ____D C:\Users\Ramón3006\AppData\Roaming\Skype
2015-09-24 22:34 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-24 22:13 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-24 21:15 - 2015-07-29 16:31 - 00000000 ____D C:\Users\Ramón3006\Downloads\Floral Flyff Client
2015-09-24 21:15 - 2014-06-17 20:48 - 00000000 ____D C:\Users\Ramón3006\Downloads\Zerux
2015-09-24 20:58 - 2015-04-08 22:17 - 00000879 _____ C:\Users\Ramón3006\Desktop\smurf.txt
2015-09-24 19:36 - 2014-12-29 00:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-24 17:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-24 17:31 - 2015-08-02 12:16 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1EEB137D-4B82-4D44-86D8-3A9179E5BCA8}
2015-09-24 17:31 - 2014-06-01 11:35 - 00000000 ____D C:\Users\Ramón3006\.rainlendar2
2015-09-24 02:00 - 2014-09-18 12:31 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Adobe
2015-09-23 22:46 - 2013-12-15 22:41 - 00000000 ____D C:\Users\Ramón3006\AppData\Roaming\vlc
2015-09-23 19:11 - 2014-04-30 17:09 - 00000000 ____D C:\Users\Ramón3006\Desktop\HS
2015-09-23 18:58 - 2013-12-21 16:52 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-23 18:58 - 2013-12-21 16:33 - 00000000 ____D C:\ProgramData\IObit
2015-09-23 18:58 - 2013-12-21 16:32 - 00000000 ____D C:\Users\Ramón3006\AppData\Roaming\IObit
2015-09-23 18:52 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-23 18:52 - 2015-07-10 11:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-09-23 18:52 - 2013-12-13 23:19 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-23 18:50 - 2015-08-02 10:27 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-23 18:50 - 2015-07-10 18:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-23 18:50 - 2015-07-10 18:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-23 18:29 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-22 18:05 - 2014-12-18 12:13 - 00002104 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-09-22 18:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\addins
2015-09-22 18:03 - 2014-05-31 11:50 - 00000000 ____D C:\Users\Ramón3006\Desktop\Trainer
2015-09-21 06:28 - 2013-12-14 14:32 - 10703360 ___SH C:\Users\Ramón3006\Desktop\Thumbs.db
2015-09-21 06:27 - 2015-07-10 14:20 - 05001552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-21 06:27 - 2014-12-18 12:13 - 00000262 _____ C:\WINDOWS\Tasks\ASC8_SkipUac_Ramón3006.job
2015-09-20 13:02 - 2015-08-02 11:14 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-19 17:55 - 2013-12-19 22:46 - 01296896 ___SH C:\Users\Ramón3006\Downloads\Thumbs.db
2015-09-17 03:17 - 2015-08-02 10:19 - 00000000 ____D C:\Users\Ramón3006
2015-09-16 18:00 - 2013-12-13 21:42 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Packages
2015-09-16 05:34 - 2013-12-13 21:54 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-16 05:34 - 2013-12-13 21:54 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 17:55 - 2015-08-02 11:12 - 00000000 ___RD C:\Users\Ramón3006\OneDrive
2015-09-14 18:01 - 2013-12-13 21:54 - 00000000 ____D C:\Users\Ramón3006\AppData\Local\Google
2015-09-13 01:12 - 2015-07-10 18:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 01:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-12 21:47 - 2014-04-10 13:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-12 21:45 - 2013-12-13 22:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-12 21:45 - 2013-08-22 15:25 - 00000202 _____ C:\WINDOWS\win.ini
2015-08-31 17:43 - 2013-12-14 00:58 - 00000000 ____D C:\ProgramData\Skype
2015-08-31 17:42 - 2015-05-04 22:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-30 03:56 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-30 03:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-26 18:37 - 2013-12-13 22:18 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-04 22:09 - 2014-12-04 22:09 - 0000132 _____ () C:\Users\Ramón3006\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2015-04-12 20:51 - 2015-04-12 21:03 - 0000559 _____ () C:\Users\Ramón3006\AppData\Roaming\droid4xinstaller.log
2014-02-28 20:06 - 2014-02-28 20:09 - 0099384 _____ () C:\Users\Ramón3006\AppData\Roaming\inst.exe
2014-02-28 20:06 - 2014-02-28 20:09 - 0007859 _____ () C:\Users\Ramón3006\AppData\Roaming\pcouffin.cat
2014-02-28 20:06 - 2014-02-28 20:09 - 0001167 _____ () C:\Users\Ramón3006\AppData\Roaming\pcouffin.inf
2014-02-28 20:06 - 2014-02-28 20:09 - 0000055 _____ () C:\Users\Ramón3006\AppData\Roaming\pcouffin.log
2014-02-28 20:06 - 2014-02-28 20:09 - 0082816 _____ (VSO Software) C:\Users\Ramón3006\AppData\Roaming\pcouffin.sys
2015-03-14 20:46 - 2015-03-31 19:03 - 2424370 _____ () C:\Users\Ramón3006\AppData\Roaming\ramÓn64
2014-10-11 16:22 - 2014-10-11 16:22 - 0000003 _____ () C:\Users\Ramón3006\AppData\Local\updater.log
2014-10-11 16:22 - 2015-04-24 00:55 - 0000424 _____ () C:\Users\Ramón3006\AppData\Local\UserProducts.xml
2015-08-02 10:19 - 2015-08-02 10:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-16 15:55 - 2015-02-16 15:55 - 0000104 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Ramón3006\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-17 03:16

==================== Ende von FRST.txt ============================
         

Alt 24.09.2015, 21:43   #10
mineller
 
Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund



Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von Ramón3006 (2015-09-24 22:39:51)
Gestartet von C:\Users\Ramón3006\Downloads
Windows 10 Pro (X64) (2015-08-02 09:08:21)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3924869158-273311228-3757889127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3924869158-273311228-3757889127-503 - Limited - Disabled)
Gast (S-1-5-21-3924869158-273311228-3757889127-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3924869158-273311228-3757889127-1007 - Limited - Enabled)
Ramón3006 (S-1-5-21-3924869158-273311228-3757889127-1001 - Administrator - Enabled) => C:\Users\Ramón3006

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.35 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Akamai NetSession Interface (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version:  - Brace Yourself Games)
Device Simulation Framework 1.0.1 (HKLM\...\{C7966AB3-A8D9-48D5-B7DF-922674C40098}) (Version: 1.0.1 - Microsoft)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Droid4X (HKLM-x32\...\Droid4X) (Version: 0.7.5 - Haiyu Dongxiang Co.,Ltd.)
Dying Light (HKLM-x32\...\Steam App 239140) (Version:  - Techland)
Façade (HKLM-x32\...\{24E34264-D483-477C-A9A0-4E53F69834CF}) (Version: 1.1.2 - Procedural Arts)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version:  - Telltale Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hand Of Fate (HKLM-x32\...\Steam App 266510) (Version:  - Defiant Development)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IMVU Avatar Chat Software (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\IMVU Avatar chat client software BETA) (Version:  - )
IncrediMail (x32 Version: 6.6.0.5288 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5288 - IncrediMail Ltd.)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.2 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.6.25 - IObit)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.11.3.0 - LG Electronics)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
MagmaFlyff Live (HKLM-x32\...\MagmaFlyffLive) (Version: Live - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mortal Kombat X Premium Edition MULTi2 1.0 (HKLM-x32\...\Mortal Kombat X Premium Edition MULTi2 1.0) (Version:  - )
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
My Game Long Name (HKLM\...\UDK-22ca718a-9ec7-443a-b826-b5854b5969e9) (Version:  - Epic Games, Inc.)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (HKLM-x32\...\{123F0CCE-21AA-401D-A335-3EDF9C13AA52}) (Version: 1.6.9 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Office Trial Extender (HKLM-x32\...\{F18ADBD4-320F-4A67-9709-0FE9412BB0FA}_is1) (Version: 1.0.0.7 - pXc-coding.com)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version:  - IObit)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Rainbow Six Siege - Closed Alpha (HKLM-x32\...\Uplay Install 1001) (Version:  - Ubisoft)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2151.6 - Hi-Rez Studios)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Tales from the Borderlands (HKLM-x32\...\Steam App 330830) (Version:  - Telltale Games)
TeamSpeak 3 Client (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Sims 4 Deluxe DLC Edition (HKLM-x32\...\The Sims 4 Deluxe DLC Edition) (Version: 1.01 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.5.139.1020 - Electronic Arts Inc.)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02 (HKLM-x32\...\The Witcher 3 Wild Hunt Collectors Edition MULTi2 1.02) (Version:  - )
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.7.4 - Palit Microsystems Ltd.)
Torchlight 2 (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}) (Version: 1.21.2.1 - )
TowerFall Ascension (HKLM-x32\...\Steam App 251470) (Version:  - Matt Thorson)
Unity Web Player (HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
YGOPro DevPro Version 1.9.9 r0 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.9 r0 - YGOPro DevPro Online)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

05-09-2015 03:30:38 Geplanter Prüfpunkt
12-09-2015 12:44:24 Windows Update
12-09-2015 12:45:56 Windows Update
22-09-2015 18:03:29 Malwarebytes Anti-Rootkit Restore Point
23-09-2015 18:55:38 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04459155-1E44-445E-920B-45EB176433AD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0D5C1DE0-88CE-44D1-B026-8C5951C98FA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {0EB632B7-59A6-428C-9DC6-52CBFDB04147} - \ThunderMaster -> Keine Datei <==== ACHTUNG
Task: {186348D0-3EA6-4F59-ADC4-EF24D1A008FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {23C6F723-BAA2-4374-A72F-33896D00A2D5} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {259F663F-D581-4F3A-9575-36130600073D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {27542B9E-B2CD-4F19-A1B3-8E7B93027557} - System32\Tasks\ASC8_SkipUac_Ramón3006 => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-12-10] (IObit)
Task: {3A755139-3C6F-42F8-BBA1-62FEE09552C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {3EE4CE06-1CCF-4D9D-9EDB-36DD979D94E0} - \StartMenuAutoupdate -> Keine Datei <==== ACHTUNG
Task: {50B14A94-82A4-4001-9F29-34410AA5C863} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {6C23AD68-3A03-4045-B546-D177124221A9} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ramon@walia-online.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {7358A30F-FEB8-420F-B4D7-10429A4CDE89} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {750B006A-7A3E-4A46-80B6-81996051DAF1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {844ED8EB-8EFF-4289-8ADF-535A590A525B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {8BF31DB1-05CD-4CD4-B95C-046A5A65B0FE} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A07C1BD9-B189-42EB-B053-D163E332F061} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {AC02FE26-8DF4-4AE0-8383-E1D237EAA7BD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {AF495A6A-E7AA-4B3A-A4BC-03216B34C41A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B3C7BBBD-A26D-45DE-864A-A87C329BB813} - System32\Tasks\avast! Emergency Update => C:\Program Files (x86)\001_Tools\AVAST\AvastEmUpdate.exe [2015-08-28] (AVAST Software)
Task: {BD563C9C-D348-4224-9D13-10B1154104E9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {BF9C94BA-2FE4-47C5-95C3-2DCF42765FE9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {E7A73826-7A54-45AC-B5F0-73C6AD731488} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F32187A7-21D1-462C-AD7F-9FE86667A9A9} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {F6AA7A6F-7EAA-4C21-9F41-FE6AEFBBA545} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {F8D64133-12A3-493E-9516-481D790231E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Ramón3006.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-02 11:11 - 2015-08-02 11:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 18:03 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-12-13 23:19 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-29 16:54 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 16:54 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 04411488 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2012-05-16 21:12 - 2012-05-16 21:12 - 00179200 _____ () C:\Program Files\Rainlendar2\lua52.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 00324608 _____ () C:\Program Files\Rainlendar2\libical.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 00082528 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 00080384 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2012-06-17 15:21 - 2012-06-17 15:21 - 00015360 _____ () C:\Program Files\Rainlendar2\lfs.dll
2015-09-22 06:39 - 2015-09-19 07:54 - 01868104 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libglesv2.dll
2015-09-22 06:39 - 2015-09-19 07:54 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libegl.dll
2015-08-11 23:27 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-11 23:27 - 2015-08-03 03:14 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-08-19 18:03 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-11 23:27 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-02 11:11 - 2015-08-02 11:11 - 00577024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-08-02 11:11 - 2015-08-02 11:11 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-08-02 11:11 - 2015-08-02 11:11 - 00559616 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-08-02 11:11 - 2015-08-02 11:11 - 00643072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation.diagnostics\bin\NodeRT_Windows_Foundation_Diagnostics.node
2015-07-10 13:00 - 2015-07-10 18:44 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-08-02 11:11 - 2015-08-02 11:11 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-08-02 11:11 - 2015-08-02 11:11 - 00961536 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-08-02 11:11 - 2015-08-02 11:11 - 00204288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-08-02 11:11 - 2015-08-02 11:11 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-08-02 11:11 - 2015-08-02 11:11 - 00074240 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.networking\bin\NodeRT_Windows_Networking.node
2015-08-02 11:11 - 2015-08-02 11:11 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-08-02 11:11 - 2015-08-02 11:11 - 00124416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2015-08-11 23:27 - 2015-08-03 03:09 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-08-28 06:21 - 2015-08-28 06:21 - 00102864 _____ () C:\Program Files (x86)\001_Tools\AVAST\log.dll
2015-08-28 06:21 - 2015-08-28 06:21 - 00123976 _____ () C:\Program Files (x86)\001_Tools\AVAST\JsonRpcServer.dll
2015-09-23 18:44 - 2015-09-23 18:44 - 02966016 _____ () C:\Program Files (x86)\001_Tools\AVAST\defs\15092301\algo.dll
2015-09-24 20:22 - 2015-09-24 20:22 - 02966016 _____ () C:\Program Files (x86)\001_Tools\AVAST\defs\15092401\algo.dll
2015-03-30 18:00 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-29 15:08 - 2015-04-29 15:08 - 40540672 _____ () C:\Program Files (x86)\001_Tools\AVAST\libcef.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 26065408 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\libcef.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00739840 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\libGLESv2.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00909312 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\platforms\qwindows.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00130048 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\libEGL.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00020992 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\imageformats\qgif.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00021504 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\imageformats\qico.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00205312 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\imageformats\qjpeg.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00225792 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\imageformats\qmng.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00015872 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\imageformats\qsvg.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00312832 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\imageformats\qtiff.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00010240 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\qml\QtQuick.2\qtquick2plugin.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00054272 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-09-17 21:49 - 2015-09-17 21:49 - 00010240 _____ () E:\Games\Battle.net\Battle.net\Battle.net.6160\qml\QtQml\Models.2\modelsplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Ramón3006\Cookies:gs5sys
AlternateDataStreams: C:\Users\Ramón3006\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Ramón3006\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Ramón3006\AppData\Local\Verlauf:gs5sys

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\sony.com -> sony.com

IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4788 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3924869158-273311228-3757889127-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ramón3006\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\325670.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SearchSettings"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "THPanel"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "Advanced SystemCare 7"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "AshSnap"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "EvolveClient"
HKU\S-1-5-21-3924869158-273311228-3757889127-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2FB8A24D-0376-4926-AC79-B7604D411216}] => (Allow) E:\Games\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5964B619-84BC-48A3-B43E-4E0C13483288}] => (Allow) E:\Games\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F6AF50C4-BBD2-436B-BE95-557C890605ED}] => (Allow) E:\Games\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{D3A7875D-8F17-44FD-AEA1-CC336A7490DF}] => (Allow) E:\Games\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{796DE778-D107-46FB-A963-BC41FC682122}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{337006AF-EB3C-4597-B292-0A04B3DFCC24}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{74EEC085-A8A2-4A2F-AD65-951F87B5D815}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{CF85D655-BC06-494B-B069-BCB7627BFE49}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{6412694E-DF58-4A10-A1B0-F05B5F7D2947}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{CAC3143D-F931-445E-8359-C743CFEF6FE9}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{B02D9FC0-0E37-406E-B5DF-6917B2EC35BD}] => (Allow) E:\Games\Steam\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{D6A97BAE-4F6D-47F3-B888-A8890245F79C}] => (Allow) E:\Games\Steam\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{7FF28AC6-BB7D-4981-8FC9-0D8D7CB39292}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
FirewallRules: [{2C9A1232-8E34-4DF3-85C9-AD1B6132066A}] => (Allow) E:\Tools\Droid4X\Droid4X.exe
FirewallRules: [{7DB2AE0F-EE40-4B08-B8B0-1F3846131773}] => (Allow) E:\Games\Steam\SteamApps\common\Hand of Fate\Hand of Fate.exe
FirewallRules: [{00CD05D0-E96D-4100-AC98-EDC8866A6763}] => (Allow) E:\Games\Steam\SteamApps\common\Hand of Fate\Hand of Fate.exe
FirewallRules: [UDP Query User{1C2691D3-02D2-4243-992F-158151099BA8}E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{966CB8D9-5347-46B5-8678-52BDABA14DD4}E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) E:\games\battle.net\battle.net\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CFB62EAF-F9DB-4E8A-9A72-E9FB6C6D33F3}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F2D73BED-8C1B-4025-91A8-137555F7C2D1}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{941A2452-5B5C-4E15-81F5-ED4AD685C5EB}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{A68151A6-70C7-4C50-8FEA-C2A54CF9B616}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [{D6354C55-B302-46DE-A96B-1738E248659F}] => (Allow) E:\Games\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [{91DB6EC6-FA46-462C-AB17-7F058992CE60}] => (Allow) E:\Games\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [{0C016036-D7AE-4AA0-8087-33FC9AD91085}] => (Allow) E:\Games\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{7D8C0AF3-57B2-48C7-B182-DB954FA22674}] => (Allow) E:\Games\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{E196DB73-901B-4C0E-BC94-E55FEE28442A}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Sims 4 Deluxe DLC Edition\Game\Bin\TS4.exe
FirewallRules: [{AD99D958-D6C1-4EBA-8934-3715392D7547}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Sims 4 Deluxe DLC Edition\Game\Bin\TS4.exe
FirewallRules: [{E1A127CD-7040-46F2-965A-13A652634111}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{DEC5B9AD-17DA-43A3-A66C-A61053B3C668}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{1059797B-6040-414C-AC51-F4553C3EA93E}E:\games\other\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\games\other\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FAC8B13F-7923-47BB-84B9-4B1ADBF50B57}E:\games\other\rockstar games\grand theft auto v\gta5.exe] => (Allow) E:\games\other\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{6A295014-B1B0-493C-9FF5-81C769D7A9E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{101C5CD1-DDA7-4493-A3B9-454C93BF90C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{34675F77-203D-4D65-8F17-683DE6D9AB56}] => (Allow) E:\Games\Uplay\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Alpha\RainbowSix.exe
FirewallRules: [{D10903AB-2A89-46C3-A0EC-CD5916690895}] => (Allow) E:\Games\Uplay\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Alpha\RainbowSix.exe
FirewallRules: [UDP Query User{1826EB8F-E358-4FFD-B3E6-932B4BABBEFF}E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe] => (Allow) E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe
FirewallRules: [TCP Query User{8A453A42-FA36-41B5-BE22-216285CC0E5A}E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe] => (Allow) E:\games\uplay\ubisoft game launcher\games\rainbow six siege - closed alpha\rainbowsix.exe
FirewallRules: [{AB483321-6920-44EB-9DA1-F34753E7C222}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C43831C1-A4D6-452B-9F18-7A5F6DA28E31}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E46B5616-6645-4C1E-88F9-1B754FB860A0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{36A3A62E-35BE-45A4-B111-F19B00E9D063}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AA230B46-8048-404D-B802-E42350DC9930}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{8F27FBA6-9E0F-43E8-8CAE-EBECD802FC29}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{60383100-6043-46B8-B659-A129B898EAD1}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{546B5056-394A-4E61-8DA7-8B61AF74872B}] => (Allow) E:\Games\Steam\SteamApps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{48578B4B-518D-4A75-B0CB-30061E25714A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E5163E28-D1D8-49AD-BB0B-DF44E8AB3192}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{04C2650E-5EBA-49A6-A00B-EB043EBA7332}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8A1171DA-8302-475E-B920-A06759C613E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CC171C56-C415-48ED-8AC1-3FDA5D4CECED}] => (Allow) E:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{F7DB9E56-08BB-442D-B597-F2153AB3B7A9}] => (Allow) E:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{2B324DA7-6D44-44FE-8FA4-D0473E20EB1F}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{52E9F925-F516-4C73-9637-450804B6C0A3}] => (Allow) E:\Games\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{E060C7FD-0CE3-4A36-92CA-48EE68B504E1}] => (Block) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{29825B86-3621-4D71-B50E-3DF667B64AE2}] => (Block) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{4CDF68D4-2381-42CC-9D8F-AF25E1ABA530}E:\games\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{EABF4EBF-3D32-46BF-9916-446330DD70F9}E:\games\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\games\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{CA417306-346F-4F2D-B498-718639780E6F}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{150CDD80-B590-4EEE-B07F-BB2F893504F4}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{C4083184-08C5-4228-BF86-E8BA28FC7472}] => (Allow) E:\Games\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{C7CF63CF-268D-4AE7-8F6E-0D0BBDEB55E2}] => (Allow) E:\Games\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{EC3E7345-25C8-448F-BA34-6696249FF187}] => (Allow) E:\Games\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{E1B82F18-5C89-4DA1-8BDA-AC90AFF6D175}] => (Allow) E:\Games\Steam\SteamApps\common\PapersPlease\PapersPlease.exe
FirewallRules: [{88BA5A32-2E4C-4331-8642-1B9C62B2EBE1}] => (Allow) E:\Games\Steam\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{B47C26BB-676E-46AD-8744-0EDF3C2D0973}] => (Allow) E:\Games\Steam\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{B0995110-801A-400D-BC52-2C7073D10C7A}] => (Allow) E:\Games\Steam\SteamApps\common\GearUp\bin64\Traktor.Amalgam.App.exe
FirewallRules: [{50B5D515-AB3E-432D-B0A3-8D12CF62763A}] => (Allow) E:\Games\Steam\SteamApps\common\GearUp\bin64\Traktor.Amalgam.App.exe
FirewallRules: [UDP Query User{FF291C60-6518-43A2-AF1C-693973CA0DEF}E:\games\other\planetside 2\planetside2_x64.exe] => (Block) E:\games\other\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{6A7916B6-CFFF-4F0D-8827-04BF34F8AB4F}E:\games\other\planetside 2\planetside2_x64.exe] => (Block) E:\games\other\planetside 2\planetside2_x64.exe
FirewallRules: [{56D9D4C6-C983-4300-911F-BF8D2C8B4333}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{21C9EAC0-2102-4316-AA87-2031667D4579}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{D1A0533B-B5C3-4722-B68B-60941C2157E3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{7A68D310-65C5-47B3-84AE-3E5893BC10E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{52D51A67-DACD-4B07-B414-CA6E5496FBB1}] => (Allow) E:\Games\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{F1AA8C91-273A-49F5-90ED-CB92F5F9CB63}] => (Allow) E:\Games\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{9F0719B3-C507-4DD8-9078-835DF15375E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{15D87AD6-D26B-473D-9829-00A84A5FDE3E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{5C2E1126-0FC9-4586-BD1D-F08CC8DD790F}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{39987B3C-951E-4F3D-9DFD-F56A07EC49BD}] => (Allow) E:\Games\Steam\SteamApps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{80F615FB-54F7-4587-830F-32024F4F7F7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{55106EA4-CA5B-4C93-BBCE-6D5F00955F1B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{A3080756-03CE-4022-BEB4-10DC6AE3444B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{5CD4109D-3C5A-49CE-963F-89DEE4375A9B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7242BEA9-7F11-4205-A348-71F1CBF91646}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{76C701B1-C942-4662-8358-A8890345D401}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{2FCA15ED-26D3-4479-A964-5A7707D99898}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{90CFFD4F-F396-44DD-A043-47AB14C6F55B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{45F7C9AF-187A-49C1-877D-62B376CBDA7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{6C506632-4070-4918-8963-A454170770D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{B71D0896-BB20-4C56-BC2C-8EDBCCC239AB}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{8E717E99-99C2-4054-A385-C6D7426B84B1}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{88F46CB0-66FB-41DF-9097-27BA68F9BDF7}] => (Allow) E:\Games\Steam\SteamApps\common\Game of Thrones\Thrones.exe
FirewallRules: [{78BDAFCC-94AE-48A1-A729-2AE097AE7D9D}] => (Allow) E:\Games\Steam\SteamApps\common\Game of Thrones\Thrones.exe
FirewallRules: [{E3A0FED8-1483-4836-B0B7-80BD721144EE}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\GameApp.exe
FirewallRules: [{FCF1B459-33CC-47B1-8209-CE73B350B3FA}] => (Allow) E:\Games\Steam\SteamApps\common\Tales from the Borderlands\GameApp.exe
FirewallRules: [{CB2FF9CE-38DA-4EFC-B384-4E5BD1604211}] => (Block) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [{CA4587E0-D957-40BB-B142-721B99CA3B27}] => (Block) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{83D7D4C6-0BA4-4DB1-B85D-8929EF95DF92}E:\games\other\far cry 4\bin\farcry4.exe] => (Allow) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{BE425D30-9DEF-4CB9-BC50-9776E336751B}E:\games\other\far cry 4\bin\farcry4.exe] => (Allow) E:\games\other\far cry 4\bin\farcry4.exe
FirewallRules: [{CDAC83D2-E036-4AB6-A41B-6146BCE13D9E}] => (Block) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{022242E8-8043-4C1F-AF74-4ECB1ACC25A0}] => (Block) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{BC913EEF-2FC9-432A-8EB3-E03F49EFC5FB}C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{C0802E94-DEE7-4F94-8292-C51E9BFB8270}C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\ramón3006\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{83A173E9-07EE-460A-8048-F5A2D406FFBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{3B8BE7C2-116F-43D5-8D36-2632FFD58365}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{CC4BCAB8-7215-4E5B-8CF5-EBB0AD9F71D1}] => (Allow) E:\Games\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{A8A1B298-A258-4E94-BF8E-F2246AB98593}] => (Allow) E:\Games\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{0DF45CAA-27A9-4C3C-B490-3E5EE9C9354D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{8D54D78F-B0A9-47C6-B040-1565CA7B0DF4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{6CB95C3B-C22C-4FAD-B97E-8567DF36C1C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{D4E85729-C87C-4F7C-862C-BFC362911106}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{10BA5E95-BCBF-4677-84C1-2FE51BC97FD2}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{00D29422-98B3-4C4D-9FF2-C88140EEB0A1}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{605F8D1B-856D-467A-A274-DB7AF7BDF2AC}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{DB0D4EC6-4C3A-41F1-B9D8-9AF9FB25CF22}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{9A40DA3A-9848-46B1-BC80-323E7E6316DD}] => (Allow) E:\Games\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{14681AF6-C581-4BAA-AD01-1B7B2C8BC16C}] => (Allow) E:\Games\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{388E4258-DC1A-4936-85F8-7A56016F1247}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{8AD3D8EE-79A7-4FBE-86B4-107E0FFB8D0A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{E7710D01-810D-454A-BCB7-1B1E275C0264}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{480C8D7F-9AAD-4DD0-92D9-E75606CCF9F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{45D22EE0-1895-4CD5-8673-604D6BA33125}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{11920D20-770D-4AEC-BF87-3DE2AFC3BCFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{C6AB8CA4-AD4D-4F62-A6BC-5F044983C132}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{CE4C84E5-7F87-4F34-9AC3-FF6FECC52435}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{334BC361-334F-4562-9116-6BCE6939C757}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{1B80A48E-66B7-4E31-A82E-E7AC653A8D5D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{900475C7-1EF1-4C58-9350-E78C2D32A410}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{38EF4746-7023-4A8C-9AAA-47F350426489}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{791B3081-46C5-406D-93B7-B56C6006AFC1}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{D6D3DE9C-B61E-4989-8853-2F660A211BF0}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{AB417BE5-3EFB-4DAD-876C-DA2CF510A21A}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{E1F4ECEF-42FF-4373-9712-DE60B2328F71}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{49B21BA7-7649-4556-8706-0C4E80BE8C05}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{4E0C0BFF-649C-4BC2-A56C-CBE0FB712E3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{0CF58BDE-FF43-44E2-80B4-5525C7CD9A2E}] => (Allow) E:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{01350672-7C82-44A6-8198-9629C4515046}] => (Allow) E:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{860ACD24-F985-4725-AD67-553E799B2D6A}] => (Allow) E:\Games\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{A3C70210-4F03-4C29-9B16-F27650DA614B}] => (Allow) E:\Games\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{6BEBF870-1D78-4AE7-8D6A-B75B5DEB9B96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{1E6EC11E-8DF9-4195-BD70-E25F16A0E7E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{75034B09-34BA-4A8D-A958-6D5813AE27AD}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{74B5F41C-8802-41F6-8256-9C791CF53546}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
FirewallRules: [{246DC264-85DD-4BF0-AAB7-3CE99B712132}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{3796E5D3-4E35-4613-B847-B3C2F951474E}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
FirewallRules: [{44BD874E-E047-47AA-95EB-16F0683EE279}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{365012CB-0EFA-404A-8D8C-C0C3C936BF22}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{75B05950-1C60-4B5D-B1FF-CDAB98C7427C}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{1F47C763-0C51-4D3E-AAA2-43981E369821}] => (Allow) E:\Games\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{3C2DCD90-629A-4174-9C1F-D46E04115F6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{D94FB425-2A72-432C-AC8A-5D8882D4A2AA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{C6FD2F2F-D880-49F1-8014-43DFE9F88ED4}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{CE42C321-A216-4801-90EF-6F3EFFE55782}] => (Allow) E:\Games\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{F815DB78-88BB-446A-B004-2BA37DF71AEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{C7113255-9CAD-4F2C-87A3-912819CFC52C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9F595D3D-1D9A-41E1-A8FF-DA0D5F6356A4}] => (Allow) E:\Games\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{0C6CE6E1-EC2D-4612-A6EE-5DDF70798810}] => (Allow) E:\Games\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{D51B6AAF-BD82-4473-B34E-D768D2CF4E76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C76D4896-9164-403E-AE60-EB61F8FBB127}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [UDP Query User{567AE2C2-5914-40B3-BF37-F1C2EDA9D074}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{B130BAB4-214A-4798-B924-DCC21423FE8B}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7B59C1C0-417A-4CB5-8936-CE42C8E59C21}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{4AC03BDF-C508-4F16-998C-E84B9E7B470B}C:\users\ramón3006\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ramón3006\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4471C2C4-516A-4D55-93F4-F8CAC28CE963}] => (Allow) E:\Games\Uplay\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{081CA149-F211-4A3C-BDDD-2A61CBF5BBCD}] => (Allow) E:\Games\Uplay\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [UDP Query User{CEA1F0BD-59FE-4F67-A5F8-A736D8DC5339}E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{0D41101E-A5F6-4517-85B1-469D75FD845D}E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe] => (Allow) E:\games\other\smite\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [{A54943FF-03EB-4BBE-9C73-2732C2446E77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{A67C7C92-E40D-46E7-82BA-52E73442D99B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{9F2492A7-420A-45FE-A5CB-93C36B0C5F22}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [{2065E2BA-FEA8-4D27-9DD8-89DD96086525}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{301E362B-4773-4C2F-958A-B73A1162454F}] => (Allow) E:\Games\Origin\Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{6BA2CE6F-E00F-4E41-A389-B201AEDB5D10}] => (Allow) E:\Games\Origin\Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{7E6D0522-D399-42FA-9A13-87F4031B7642}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{2AD2975D-F314-4F94-AAA5-4B4B2DEDC539}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{14569002-E408-45B5-9572-352C2D01FA32}] => (Allow) E:\Games\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{F12EC8FF-BB2B-4B05-B23D-091137A36F6B}] => (Allow) E:\Games\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{DEB809E9-E9A3-4ACF-A05B-C8ACEB193BE6}] => (Allow) E:\Games\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{B52F64A7-3AC0-4D72-A654-845A6B2E1DF3}] => (Allow) E:\Games\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{C9997D19-6DAC-4AA8-BCCE-362EC94F42D5}] => (Allow) E:\Games\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{14A054C7-6103-4955-A91A-450B39B04F73}] => (Allow) E:\Games\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D6027B68-7113-46F3-8A59-D3DB65E9190D}] => (Allow) E:\Games\Battle.net\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{B523DFD6-0EFA-49AD-8A49-324C36B2CE30}] => (Allow) E:\Games\Battle.net\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{B6B2C035-D6E4-49C3-881A-5EEF2559DA9A}] => (Allow) E:\Games\Battle.net\Battle.net.exe
FirewallRules: [{0D5572FA-3657-4970-8C81-47E08B627F4D}] => (Allow) E:\Games\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{F8B9713A-0D4E-4994-89C1-803E75925EB5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{9EE008BD-F1B2-4373-B87E-A0F578CB0BF7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{6B4E81E6-F135-4326-A128-83796A346ED3}] => (Allow) E:\Games\Other\Torchlight 2\Torchlight2.exe
FirewallRules: [{EBEF7097-6D3E-4A9C-BF96-4CD2A7DA05E5}] => (Allow) E:\Games\Other\Torchlight 2\Torchlight2.exe
FirewallRules: [{B789CD2E-4CB5-4A47-B588-C8E541E54F0E}] => (Allow) E:\Games\Other\Torchlight 2\tl2.runic.launcher.exe
FirewallRules: [{543E3F45-896B-4AB3-B287-5F2F22CE663D}] => (Allow) E:\Games\Other\Torchlight 2\tl2.runic.launcher.exe
FirewallRules: [{DE6C677E-52F4-4AB0-ACB5-1CD7AEE7F46D}] => (Allow) E:\Games\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{26744406-E013-4C32-8566-0EB6E597E867}] => (Allow) E:\Games\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [UDP Query User{926D9568-EF46-44CA-820E-C79F2B7A67C2}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{5C926152-047B-40FF-BCDB-AA45793E0C23}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{20245341-63C8-4E6C-B6B5-1AD0F244DF39}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe
FirewallRules: [TCP Query User{ECB90676-9084-4EF7-9724-21AE55200D1A}C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 5\totalmedia server\tm server.exe
FirewallRules: [{2B29A278-A633-4212-B550-420BAE05BCA5}] => (Allow) E:\Games\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{C06CFC23-4ACE-4D2C-A299-1B0911DCC129}] => (Allow) E:\Games\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{1121C306-AE29-422B-B827-FD9ABC844DBD}] => (Allow) E:\Games\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{3BA22026-92CA-47D0-AD82-24B6AF03010D}] => (Allow) E:\Games\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{6EF13E9E-22D7-4113-9B70-55F2E178C478}] => (Allow) E:\Games\Origin\Games\Titanfall-Beta\Titanfall.exe
FirewallRules: [{DEA5E280-E65F-4BEB-BFA4-6D0EFBAF7A1B}] => (Allow) E:\Games\Origin\Games\Titanfall-Beta\Titanfall.exe
FirewallRules: [{58F8DA64-8894-4766-A8B1-F89F03DFF403}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F3AA7559-3CCD-4D1B-A5DE-0EC7EA0AF99A}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7CF818E5-921A-4933-8951-99FD8044EBAE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{F0C4CEC6-95C5-4E15-9CBD-A9DBC93E6FDD}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{65A432B5-A762-42BD-B347-3C711FD4D075}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4.exe
FirewallRules: [{7B62090A-8DE6-4D8D-A13E-D20D90235A76}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4.exe
FirewallRules: [{47DAD354-4DF5-43CD-81A4-F031122B5C04}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{2F46D74F-F264-4DA4-86C2-B01E94E9E8B2}] => (Allow) E:\Games\Origin\Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{3E5EF459-F4C3-4B32-920D-AC89D24A270C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9A973A88-FB1A-4821-A71E-DA9E1703762E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B7A4E813-E8FF-42A6-AC5F-8D03D976629C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{369ED7D5-3995-4D95-899E-53BE414F9F45}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{7AC9230E-C81F-492C-B93F-394BFDC963EB}E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{1C4BCD6C-F49D-4FC0-9C1B-C7C6B3353D73}E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) E:\games\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{77290A04-C3C8-41F4-9101-7AA6A10AA636}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{3D3DCB9C-4E64-4FED-87C5-EB474980DE55}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{0E8F87FC-BB8E-47F2-A0F7-E7E002A08B08}] => (Allow) E:\Games\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D2DEE9A5-AE29-40D4-AF45-C44E75CCC2BC}] => (Allow) E:\Games\Steam\SteamApps\common\Dead Space\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{38A93314-4483-43A6-838F-A6309816EB68}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{BAB11A25-0BE6-42C0-8C7E-2FDDA9ABE71F}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{DC902F0B-10D9-40F5-8434-5B1DA9B549FA}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{E1068D3D-C42A-423A-8D9A-C0D3A397794C}] => (Allow) E:\Games\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{847A742B-1787-407E-A0B2-36FF9BB64B62}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{ADB2BDA1-40AD-4F9C-A3DD-1956FE8550D6}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{20DEF293-D0B7-4A17-85AE-C12BF3C46490}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{FF9A8900-027B-43CF-9F3B-6BBE7DBF2C84}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{C34C6CD5-3EE6-4C61-ADC3-3F6D330A7B0D}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{496D504F-4489-443A-A675-9F559F6ECAFA}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DA78671F-1393-430A-80E8-ABC8AD484F6F}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{DAE667D5-C447-4F24-920E-41AB3A1EDC93}] => (Allow) E:\Games\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{CCD5308D-2A3D-438A-9CD1-E21DB44281C6}] => (Allow) E:\Games\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{19AF8973-66CB-4591-84DB-84B120EBBF18}] => (Allow) E:\Games\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{DCDDAEFA-CAED-46E9-B16D-04C5D9C546C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C924247C-3D3D-4E47-A6FF-B39F9999775D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8538C8D2-A53A-4774-B888-9DB99AEBFBAF}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{4B2E228C-52B5-4703-A049-DF4BFA095366}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{62334EEA-52D9-491C-BCD1-9FFD866CB9E6}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{4579AA9B-2D43-4F36-8CFC-8F0D45306989}] => (Allow) E:\Games\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{96CC47E4-2105-4C90-9F92-EB3132C2E8E5}] => (Allow) E:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{4D7EC868-5226-45DB-AA69-85C4AAB1CB08}] => (Allow) E:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{CEF3487B-7CE2-483A-AC05-0BF81A2369F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF6A8B4A-006E-457C-A471-6AEC70008B80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{67A6E458-F189-4370-A72F-E708747B9912}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0BAE3131-ADC4-4EEA-9C58-5BF04ED22267}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{04DA576E-AA6D-4720-8333-346E195E4B57}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{95888945-DD70-4872-9022-C385191685AF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C02B6B5C-F35C-4674-8298-639C68B939E1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{43B93B1A-2F51-4F95-B423-2F6F6092D9F1}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{710625FD-B616-43BF-B61F-E7637A05B687}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{1B48F618-BB95-43B6-919D-74FC48ADF8C2}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{B7FE6DBD-FE9F-4F02-98BF-4D2B2CF8DB29}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [UDP Query User{8DEB4394-B565-4C8E-A04B-CAFFAFECA1E0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{DFFB87A6-D9B7-4B01-8247-31EF4E57470E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{72B3DA94-7D86-4242-93BC-18EFAFE3EA10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{90780BE8-43D3-4158-AFE9-F0160DFCD0BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{742E4CB7-BAD2-4544-A440-720A80B9ADC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A743AB00-EEA2-497D-A138-5E76E78DEA73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{72F32963-7ED0-4521-9EA8-718E202ED869}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{181D07D9-213D-49D7-8D44-8AB9C12E14CB}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{30B15735-9B59-4E18-8286-5AD1FC2DDB99}] => (Allow) C:\Program Files (x86)\001_Tools\AVAST\ng\vbox\aswFe.exe
FirewallRules: [{697DB895-56D3-496F-8431-B5C2B755AED9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F6300EFC-D689-4493-AA22-47613B97FA51}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{280ED723-E045-472D-B666-514718C13661}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F8FEFC65-E8FF-42E0-BE00-2F9851DC1642}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CE0CE086-B993-49AE-9EE1-9DCDB3436AA0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft USB 2.0 Host Controller Simulator
Description: Microsoft USB 2.0 Host Controller Simulator
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Microsoft
Service: usbehci_dsf
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/24/2015 10:39:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (09/24/2015 10:36:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (09/24/2015 08:19:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (09/24/2015 08:19:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (09/24/2015 08:19:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (09/24/2015 06:49:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DespicableMe_w8.exe, Version: 0.0.0.0, Zeitstempel: 0x55d4576a
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10240.16431, Zeitstempel: 0x55c9b90a
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0067b536
ID des fehlerhaften Prozesses: 0x6d0
Startzeit der fehlerhaften Anwendung: 0xDespicableMe_w8.exe0
Pfad der fehlerhaften Anwendung: DespicableMe_w8.exe1
Pfad des fehlerhaften Moduls: DespicableMe_w8.exe2
Berichtskennung: DespicableMe_w8.exe3
Vollständiger Name des fehlerhaften Pakets: DespicableMe_w8.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DespicableMe_w8.exe5

Error: (09/24/2015 07:21:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAMÓN)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/24/2015 07:21:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAMÓN)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/23/2015 06:55:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/23/2015 07:20:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RAMÓN)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (09/24/2015 10:37:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/24/2015 10:37:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/24/2015 10:37:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/24/2015 10:37:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/24/2015 10:37:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/24/2015 10:37:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/24/2015 10:35:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/24/2015 10:35:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/24/2015 10:35:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/24/2015 10:35:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 8136.63 MB
Verfügbarer physikalischer RAM: 3536.64 MB
Summe virtueller Speicher: 16328.63 MB
Verfügbarer virtueller Speicher: 10343.86 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:232.1 GB) (Free:74.6 GB) NTFS
Drive e: (HDD) (Fixed) (Total:1863.01 GB) (Free:1455.8 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2D637E44)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6C1D5ECD)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Wurde denn bisher schon etwas gravierendes entfernt?
Habe bisher keinen Sound mehr gehört - kann allerdings ein paar Tage dauern

Alt 25.09.2015, 18:13   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Werbung (Sound) im Hintergrund - Standard

Werbung (Sound) im Hintergrund



Java und Firefox udpaten.
Wir haben Adware entfernt.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Ramón3006\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000

C:\Users\Ramón3006\Downloads\Floral Flyff Client\Neuz.exe

C:\Users\Ramón3006\Downloads\Zerux\MZLauncher.exe
Task: {04459155-1E44-445E-920B-45EB176433AD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG

Task: {0D5C1DE0-88CE-44D1-B026-8C5951C98FA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

Task: {0EB632B7-59A6-428C-9DC6-52CBFDB04147} - \ThunderMaster -> Keine Datei <==== ACHTUNG

Task: {259F663F-D581-4F3A-9575-36130600073D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

Task: {3EE4CE06-1CCF-4D9D-9EDB-36DD979D94E0} - \StartMenuAutoupdate -> Keine Datei <==== ACHTUNG

Task: {50B14A94-82A4-4001-9F29-34410AA5C863} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

Task: {750B006A-7A3E-4A46-80B6-81996051DAF1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

Task: {AC02FE26-8DF4-4AE0-8383-E1D237EAA7BD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

Task: {BD563C9C-D348-4224-9D13-10B1154104E9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

Task: {BF9C94BA-2FE4-47C5-95C3-2DCF42765FE9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG

Task: {E7A73826-7A54-45AC-B5F0-73C6AD731488} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

Task: {F6AA7A6F-7EAA-4C21-9F41-FE6AEFBBA545} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Task: {F8D64133-12A3-493E-9516-481D790231E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Werbung (Sound) im Hintergrund
antivirus, backdoor.hupigon, defender, dnsapi.dll, explorer, flash player, hacktool.cheatengine, homepage, launch, malware.trace, prozesse, registry, security, services.exe, software, svchost.exe, werbung sound im hintergrund, windows 10 pro



Ähnliche Themen: Werbung (Sound) im Hintergrund


  1. Werbung im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 08.12.2015 (13)
  2. Skype spielt unerwünschte Sound Werbung ab und reagiert nicht
    Plagegeister aller Art und deren Bekämpfung - 23.07.2015 (3)
  3. Sound einer Werbung während dem Surfen auf YouTube.
    Plagegeister aller Art und deren Bekämpfung - 25.05.2015 (3)
  4. Geräusche und Werbung laufen im Hintergrund.
    Log-Analyse und Auswertung - 08.04.2015 (17)
  5. Windows 8 - Audio-Werbung im Hintergrund!
    Log-Analyse und Auswertung - 28.01.2015 (9)
  6. firefox: Stimmen (Werbung) im Hintergrund
    Log-Analyse und Auswertung - 26.01.2015 (10)
  7. Dauerhafte Werbung im Hintergrund zu hören !
    Plagegeister aller Art und deren Bekämpfung - 24.02.2014 (7)
  8. Werbung und Musik im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 02.01.2014 (12)
  9. Werbung im Hintergrund
    Log-Analyse und Auswertung - 02.05.2013 (5)
  10. Internet Explorer öffnet sich im Hintergrund & spielt einen Sound ab
    Plagegeister aller Art und deren Bekämpfung - 03.12.2012 (1)
  11. Werbung (Radio) im Hintergrund!
    Antiviren-, Firewall- und andere Schutzprogramme - 13.06.2012 (1)
  12. Wave Regler auf 0 und Werbung im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 22.02.2011 (12)
  13. Werbung / Musik im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 04.02.2011 (1)
  14. Internet Explorer öffnet sich mit Werbung und Wave-Sound schaltet ab
    Plagegeister aller Art und deren Bekämpfung - 22.07.2010 (2)
  15. Internetexplorer Popups, Werbung, Wave Sound Regelung, komische Musik
    Plagegeister aller Art und deren Bekämpfung - 18.07.2010 (6)
  16. IE popped mit Werbung auf und Sound schaltet selbstständig aus
    Log-Analyse und Auswertung - 15.07.2010 (1)
  17. iexplorer.exe im Hintergrund mit Werbung/Sound
    Plagegeister aller Art und deren Bekämpfung - 04.07.2010 (47)

Zum Thema Werbung (Sound) im Hintergrund - Hallo trojaner-board ich habe seit einiger Zeit immer mal wieder das Problem dass im Hintergrund einfach irgendwelche Werbung abgespielt wird. Also ich höre immer nur den Ton dieser Werbung, es - Werbung (Sound) im Hintergrund...
Archiv
Du betrachtest: Werbung (Sound) im Hintergrund auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.